kahoku.news Open in urlscan Pro
143.204.215.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kahoku.news/
Effective URL:
https://kahoku.news/
Submission: On November 17 via api (November 17th 2023, 8:40:43 am UTC) from US — Scanned from DE

Summary HTTP 314 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 44 IPs in 5 countries across 26 domains to perform 314 HTTP transactions. The main IP is 143.204.215.77, located in United States and belongs to AMAZON-02, US. The main domain is kahoku.news.
TLS certificate: Issued by Amazon RSA 2048 M01 on April 22nd 2023. Valid for: a year.

This is the only time kahoku.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	143.204.215.34 143.204.215.34	16509 (AMAZON-02) (AMAZON-02)
32	143.204.215.77 143.204.215.77	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:264... 2600:9000:2646:4e00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
52	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	52.222.214.6 52.222.214.6	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
3	18.66.110.17 18.66.110.17	16509 (AMAZON-02) (AMAZON-02)
6	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	34.193.19.100 34.193.19.100	14618 (AMAZON-AES) (AMAZON-AES)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
1	18.66.138.185 18.66.138.185	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	182.22.24.252 182.22.24.252	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
3	18.66.122.71 18.66.122.71	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	54.199.101.239 54.199.101.239	16509 (AMAZON-02) (AMAZON-02)
2	35.190.27.55 35.190.27.55	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
65	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
23	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
7	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
11	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	119.63.198.176 119.63.198.176	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	54.166.239.48 54.166.239.48	14618 (AMAZON-AES) (AMAZON-AES)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.197.136 119.63.197.136	38627 (BAIDUJP B...) (BAIDUJP Baidu)
314	44

1 143.204.215.34 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-34.fra53.r.cloudfront.net

kahoku.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 143.204.215.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-77.fra53.r.cloudfront.net

kahoku.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:4e00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.214.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-6.fra56.r.cloudfront.net

bousai-parts.kyodo-d.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.110.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-17.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.19.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-19-100.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.138.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-185.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.22.24.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-71.fra60.r.cloudfront.net

cdn.activity.smart-bdash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.199.101.239 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-101-239.ap-northeast-1.compute.amazonaws.com

tracker.smart-bdash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.27.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.27.190.35.bc.googleusercontent.com

receptions.smart-bdash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.176 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

jp.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.166.239.48 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-239-48.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rlog.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
101	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	2 MB
58	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	261 KB
33	kahoku.news 1 redirects kahoku.news	739 KB
23	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	1 MB
18	popin.cc api.popin.cc — Cisco Umbrella Rank: 30359 log.popin.cc — Cisco Umbrella Rank: 32274 jp.popin.cc — Cisco Umbrella Rank: 141544 r.popin.cc — Cisco Umbrella Rank: 32914 rlog.popin.cc — Cisco Umbrella Rank: 58833 inrecsys.popin.cc — Cisco Umbrella Rank: 37457	119 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	111 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	311 KB
10	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	smart-bdash.com cdn.activity.smart-bdash.com — Cisco Umbrella Rank: 410707 tracker.smart-bdash.com — Cisco Umbrella Rank: 419121 receptions.smart-bdash.com	186 KB
6	kyodo-d.jp bousai-parts.kyodo-d.jp	6 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	70 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925	47 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6862	669 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1585 mab.chartbeat.com — Cisco Umbrella Rank: 2550	25 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	182 KB
2	youtube.com img.youtube.com — Cisco Umbrella Rank: 3752	32 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	32 KB
1	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 4529	559 B
1	yahoo.co.jp am.yahoo.co.jp — Cisco Umbrella Rank: 19208
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863	34 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
1	yimg.jp s.yimg.jp — Cisco Umbrella Rank: 7973	8 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1376	201 B
0	eu-1-id5-sync.com Failed lb.eu-1-id5-sync.com Failed
314	26

	Domain	Requested by
65	tpc.googlesyndication.com	kahoku.news securepubads.g.doubleclick.net 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com cdn.ampproject.org tpc.googlesyndication.com
52	securepubads.g.doubleclick.net	kahoku.news securepubads.g.doubleclick.net 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com www.googletagservices.com
33	kahoku.news	1 redirects kahoku.news
24	10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
23	www.googletagservices.com	10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
12	pagead2.googlesyndication.com	kahoku.news pagead2.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
8	www.google.com	1 redirects kahoku.news 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com tpc.googlesyndication.com
7	log.popin.cc	kahoku.news
6	api.popin.cc	kahoku.news api.popin.cc
6	bousai-parts.kyodo-d.jp	kahoku.news bousai-parts.kyodo-d.jp
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com kahoku.news
3	imageproxy.eu.criteo.net	ads.eu.criteo.com
3	www.google.de	kahoku.news
3	cdn.activity.smart-bdash.com	www.googletagmanager.com cdn.activity.smart-bdash.com
3	c.amazon-adsystem.com	kahoku.news c.amazon-adsystem.com
2	rlog.popin.cc	kahoku.news
2	fonts.gstatic.com	fonts.googleapis.com
2	receptions.smart-bdash.com	cdn.activity.smart-bdash.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	kahoku.news www.googletagmanager.com
2	img.youtube.com	kahoku.news
2	static.chartbeat.com	kahoku.news
1	inrecsys.popin.cc	kahoku.news
1	r.popin.cc	kahoku.news
1	in.treasuredata.com	api.popin.cc
1	jp.popin.cc	api.popin.cc
1	am.yahoo.co.jp	s.yimg.jp
1	rtb.nl3.eu.criteo.com	10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
1	cdn.id5-sync.com	api.popin.cc
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	tracker.smart-bdash.com	cdn.activity.smart-bdash.com
1	s.yimg.jp	www.googletagmanager.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	ping.chartbeat.net	kahoku.news
1	mab.chartbeat.com	static.chartbeat.com
1	ajax.googleapis.com	kahoku.news
0	lb.eu-1-id5-sync.com Failed	cdn.id5-sync.com
314	46

This site contains links to these domains. Also see Links.

Domain
faq.kahoku.news
id.kahoku.news
www.kahoku.co.jp
forms.office.com
lp.kahoku.news
trace.popin.cc
discovery.popin.cc
cona.kahoku.co.jp
twitter.com
www.facebook.com
line.me
np.kahoku.co.jp

Subject Issuer	Validity	Valid
kahoku.news Amazon RSA 2048 M01	`2023-04-22` - `2024-05-20`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.kyodo-d.jp Amazon RSA 2048 M01	`2023-02-28` - `2024-03-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.popin.cc Secure Site Pro CA G2	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-07-28` - `2024-08-27`	a year	crt.sh
*.activity.smart-bdash.com Amazon RSA 2048 M01	`2023-08-28` - `2024-09-24`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.smart-bdash.com Amazon RSA 2048 M03	`2023-08-10` - `2024-09-06`	a year	crt.sh
receptions.smart-bdash.com GTS CA 1D4	`2023-11-04` - `2024-02-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://kahoku.news/
Frame ID: 7F03F2776C41C50C372A5BF579BA47CB
Requests: 98 HTTP requests in this frame

Frame: https://bousai-parts.kyodo-d.jp/contents/widget/civil_protection/widget.html
Frame ID: C1285E8F48C37B4CC0E0EBB620E4E657
Requests: 1 HTTP requests in this frame

Frame: https://bousai-parts.kyodo-d.jp/contents/sokuho2/pref04b.html?href=https://lifeline.kyodonews.jp/kahoku/bousai/?type=kyd_ss_earthquake&area_id=04
Frame ID: CF2C276DAD31B9160FDF14B47E6B55D1
Requests: 1 HTTP requests in this frame

Frame: https://bousai-parts.kyodo-d.jp/contents/widget/river/04.html?href=https://lifeline.kyodonews.jp/kahoku/bousai/?type=river&area_id=04
Frame ID: 3340B2C6AECA694636E7F8CF3FAFF76E
Requests: 1 HTTP requests in this frame

Frame: https://bousai-parts.kyodo-d.jp/contents/widget/evacuation_order/04.html
Frame ID: 55827AE608F9D1E29522795196B4E95C
Requests: 1 HTTP requests in this frame

Frame: https://bousai-parts.kyodo-d.jp/contents/widget/caution3/0218.html?href=https://lifeline.kyodonews.jp/kahoku/bousai/?type=caution&area_id=04
Frame ID: A2FE68008971AE3489AE6C228FF696D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 2AC6B50BAC1686987D5EADE7AAB88594
Requests: 1 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C65EB1EF38F11ACA832AD63DE7F9DD28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2577185970654102&output=html&adk=1812271804&adf=3025194257&lmt=1700210432&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fkahoku.news%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700210431665&bpp=3&bdt=442&idt=341&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7862307386728&frm=20&pv=2&ga_vid=1733892707.1700210432&ga_sid=1700210432&ga_hid=1389155701&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079518%2C44809315%2C31078301%2C44806139%2C44807763%2C44808148%2C44808285%2C44809054%2C318512601&oid=2&pvsid=1608245757115682&tmod=762430378&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=364
Frame ID: E2DB9D04546C241EAA6B517060A286BE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: DF84D67D80EC4897BB009B9BCFE572F4
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 23CC5A8DC491CCF296F7BC902D8E2B96
Requests: 19 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 519F38AA615E0047FEAA0AED4F2E79BC
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVcnAAAAFm4K4AcSAADjpTrbwNnx2Jqt03wLzw&u=%7Cqbhr1cfpZ3GxRY0A9VV4WXCXW%2FenrnGjPznaC4iPs6A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQrjL4Wd2WsVDxYo_K1_WpWrhswMKN7-0SkQ2KnUOzZrDx6trVWfvINTqwvSFVOiJB0ici9IjJ4WoOJUgkr017V8OzIRtfMg9ABBVsC2eRsE3ZfaYv-K2I3ny7TYcBCeeVF1Pwj7LQrAayKiqppDpj3cN1PlqWryT5FfaCe5JUE6_n2kyhR6tE0j245PVjuIGgsWOp02fSZ3c_iD863jhcT1QgCdt7zFD4hBOVE1zZyScEy1pqVGmCR1SLqVJUPSV5efllpgzh4Vm25txoHQ_a-R7DbokZMF6vNUZ4wMzrXqDeHywqtHpKJJa4as8V911n4Na6bNpEjYgz60gKyFemxEJrUNxbjVlfGcI2XdEJ9i8AQKVM0o-FcXJ4JUH4l_1A17iL1Kql3zKbvFPDTnBI0TSPl_4VWgYWe9HXiq_fNai3gN41LnHluDGO2N4zAVcOj--hpLJymge9KZ5lt9iC1dZ9UC-0Hi1NEqMFbhPFRUyCmJra3PTzpI7Jt4HvC1kaTulLGMN990efbzQbGrksLoQro0QuW1hNwumQxneZRx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTQlSACdXZe4sko6AB6XHg4AJyZ7SsVzVnZH3cMCNtwEQASAAYJWyqYKwB4IBF2NhLXB1Yi01NjI5NDQzOTQxMDc0OTAwyAEJqQKstJp4VjSyPuACAKgDAcgDAqoEswJP0BVQb4ur9QhIijVXvtoQGk9nTff0cQfpM72bl7BXJa7XJF_8tHUcLcJK8dS8yH7Wo7U8xRy2IjN6GKdntzMIf5J3Bt9kAwkK0Vl_qVthrhG_pvBomZc6KsGD5FCHBk35DLlOB3NKSUB47VuKsQrOcwHIpGEm6x2UgelSJTiHq8Cy8AHQGUs1wkSXV-N9jKOaYL9ajCyo-SwI6SBZsPfLsVAVjSKDioZyGy6FIlIl9Ya-AFgd22OiGYR5h04aYMauugGN_KgeiaQAWmWZGAIa7JD7YhG4FIIxB4fUuCSRSJbD6aUuNgpAUMezxzwtgIB8aPx0GSrWb_7e11ZBoxb0-i7ZTGJNC6cl_HCmlsryQqR1XCzsThs-hoEhAfYAybQ4Cez1lw_9_OHHVUCjbK5DKIFV4AQBgAar7t-w7t2U2ewBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01ODE3OTIwNTk3OTU1Njg0-gsCCAGADAHiDRMI04XettHKggMVEgfgCh2l4wCQ0BUBgBcB%26num%3D1%26sig%3DAOD64_1iWjViGYB9NbxFwpjqGHsCR5Tolg%26client%3Dca-pub-5629443941074900%26adurl%3D
Frame ID: F0E2B7367A37DCCD0462830C3A6E9354
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: CBBA2436C457C97E6CEA09DAFF1E8E7C
Requests: 11 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D9A7EA2177880A9598441F7DE95E8656
Requests: 8 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B2EAE16F8756C7B1A59AEA3A1026053
Requests: 8 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 22488A6E60372490937D08C1F7C4B3FC
Requests: 8 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 55B1BA3BE3CAA873677095FAE8E3FFD7
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4BF6D97C4952B5BF2F659623FC0A6845
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 76BF65F4C142A12124D779B991923539
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6FC2D6E0BBA540E8B74F77184C9BEDA7
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ADDC700660FA860346DC4A20DCDF4773
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 472EB239C5B59A136CEF340521D6C9C2
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 299498DE3B8B65E34EC744B5F7893BB8
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6F0B478BE12C41848BD75150BD710C38
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FAE570E4A338277FC90C078E8BF6F185
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1C87EB5F0672770843067C6E244AEA04
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9557F6D94087750F58C0BD4A76FF63F6
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E473C4F1DD6FEB1A2F8970246D8144EB
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F72EDCB67FF66CC90CF4F229BAC5F3E
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B12C43D9B7A38D3ED99F1519FEE83983
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5DE920FD951EC3FDC4B64AB6671B842
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BC3FFAB57AED01C622480A31F94CD5A5
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7ADF64FA4480E92A81C8919D116780A9
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D76097628D0F364607A25F3287CDDDB4
Requests: 7 HTTP requests in this frame

Frame: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 92C209EF19BFDE6F7344811DED0793B9
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7AA126BAB79775080413695A0F303233
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A4AD09B7ED7C8698F0D3873E77C192C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

河北新報オンライン

Page URL History Show full URLs

http://kahoku.news/ HTTP 301
https://kahoku.news/ Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

314
Requests

99 %
HTTPS

59 %
IPv6

26
Domains

46
Subdomains

44
IPs

5
Countries

5514 kB
Transfer

13327 kB
Size

24
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://faq.kahoku.news/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://id.kahoku.news/service/plan/
Title: お申込み

Search URL Search Domain Scan URL

URL: https://id.kahoku.news/cms/login/?from=https%3A%2F%2Fkahoku.news%2F
Title: ログイン

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/tomotoku/
Title: 読者とともに特別報道室

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/shinsai/
Title: 震災特設サイト忘れない2011.3.11

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/special/ayumi/
Title: 定点観測「復興の歩み」

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/special/quake/index.html
Title: 地震の記録特集

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/pub/nie/
Title: NIE 教育に新聞を

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/special/kodomo/
Title: こども新聞

Search URL Search Domain Scan URL

URL: https://forms.office.com/pages/responsepage.aspx?id=xghlDYLJYEGbVtbw-01nquESDsQ-h2JBhYeoupUcwvhUODA1UzJUQTVOWElKRzM3VE02WE1UUFk5WS4u
Title: ティータイム

Search URL Search Domain Scan URL

URL: https://forms.office.com/pages/responsepage.aspx?id=xghlDYLJYEGbVtbw-01nqv4yGOqSw9xEvw66WpY8bHVUNDM5RTZCSktIN1FQT01DV0lLMDFIODE1Si4u
Title: 声の交差点

Search URL Search Domain Scan URL

URL: https://forms.office.com/r/AmssbwX9wu
Title: 河北歌壇・河北俳壇・河北川柳

Search URL Search Domain Scan URL

URL: https://lp.kahoku.news/thanks2023/?utm_source=onl&utm_medium=t_link&utm_campaign=funkan2023
Title: 河北新報オンライン「ファン感謝祭」やってます

Search URL Search Domain Scan URL

URL: https://lp.kahoku.news/thanks2023/?utm_source=onl&utm_medium=banner&utm_campaign=funkan2023

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=3e247e97dec9a5bc84645d5e002f901d&acid=1429&data=VcQoi64izjMKsw6-NK_Q-Kime69yIG025LkL_o0ZHb2f4MYFwJKPxMh-UaEJ4ciOu5sSFTCxnp81RFkoPoCWtNoqJ0W1LbzyKRQqYHyTXGnKpPqbvlpOXSFX_DQlYR-DimVoLfmabCtIF3oQN3xErDKgmL9GYxWF7OsQKQAp-HIQbxmAN3cnH69bzpTanG1sZ245ZChYkdC5izPLEPIl-IwSvW8iz2oTcl7Tm6mtukzxLEslr5MVFzwb21wt6FhaRa91Hflo3wQLeIo5qrNRjjgcu9Bth7S1Wed_sGXY_pOaiGeQ8SIwO92KBKLxACGqr3qqb9H0pC57tHBCmlKRgwwmgkldKPKOHWzyUQgjIMPEp-TbcfJ5AkJP7cRdbNLI39lUoMCAmbxWIKPTBGC6KcCSFGeMwr5bHLQgHjGMwwxrBAHQUgUZPQjvlzyvWysVeG0KKM8odexxP0u4XwlYDc5CV2ccD56QjOLYDRr3397fcfDf5011r4f4Lg24bEo1zUrmWmM2Nr-4GpDjz6cvxo87ElJjdGHA-sF3GN6lXplr6mNOXF6FiAvwAwOAPZ6sEnPw29W4vqqvZGNuhyb-DQh68wtcxZYKGfgqddSWgipiqiOT0fTdhr7bZhATA-kz4Cmh5dtUxSyZGdCJYSKLoI8Jyb79yHjkslV2Rse9i82y1T0BwUHUA-0l3LSKVBArCj-VtlP97UHfYbQfPyOlYx75ZOlqQVpUKMzwB60OJfB5KZI9-ZgirO-ZW3b0Z7a8ECW4Mjj3elgAFQWZiqHv2w&uid=c483a6d74d73ba1ab0d1700206833841&mguid=&gprice=ka-TXiuuMNR73WlT3piqglDHeqGpqeDH9XuK-exJ4Js&pb=d&uidct=1700206833841
Title: 秋元真夏『最強の時間割』シーズン2出演で...(TVerプラス)

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=09cfe4fd8b13cee0c81a597c2e8dbdcc&acid=1429&data=AZpPJdGnCcB1Cs7Oy0I2u_WmRG4k1AavsLYdcAG2jH361f-KkPUMUMeutxCuo4VPDEu5jANy4yrHH28vzTKHIf_v18bIMZI0eIcPyPXdhZtwKYwvFbtZ5syf9yUBsYoW3mt0G4klgRNK6trElFaVbGJhg3XF7FUhcVlrRJ-47iiEn3-8AsyG-2S0Fgv2tXQpIfQ69kFVvr22V1BeujBiTPXmkuU0oKxAkW_98K4IaC5qOlwfkI3OxSEgoO4H-wzQKv92cF8QnHnGWlx5eUDP7iynHEsV-FbvD1y4AFoE7K6V-MHun4sG5g5tGRuFthTRRUv4NhJCinlcG5N80QjGUGYcgm7i0kNbDL6JKGM6kH2VSGx567_U7YFgnvguy9-P-GXPdclYxuG3nBwi8ero_rVZcUEYcd-tPBske6pKMg6ylk4Q4Yg--qTd1k31w3FVUBj2OegckkaKXLO4GMFyVjRCSJFHGz3cJsI6WgRU5cgTt5qPQ8Q3SBXcvShTOOzViB4Hfci6SZ1zfHIutBMmaZmFIBjXs3Gbb1cwfXi8_nyjt_lK9B5L8N_cOShO6KjfNcgl9dj7qLdN3-f9dy02Dgnn6O1zkLU2z-XQm0DDHQDKX7i8ZjEoVekQYMy0QXiWKz3kS5yM6S3R3bIM1bjWPMjdlE_dHUF0SU2jWkAKpIf1lR4n7God7Im8Mt2xqDmp1gH7Yp9FOQA1BAys39Vi2oTsHHqGt2bnn_05sPj1dqnkgw1uibGsWz0ZRvQW49hFTtLAUf2We5xIMyPA1elVrg&uid=c483a6d74d73ba1ab0d1700206833841&mguid=&gprice=3Av4Ij7S6zsp2fceIEb_ZN_jOpxKStBDxRjKNYW-EKI&pb=&uidct=1700206833841
Title: 津田健次郎が声の出演！スピンオフドラマ『パリ...(TVerプラス)

Search URL Search Domain Scan URL

URL: https://discovery.popin.cc/discovery/what-is.php
Title: powered by

Search URL Search Domain Scan URL

URL: https://cona.kahoku.co.jp/secm/mail_dsp.php?id=20231117140654001
Title: オレオレ詐欺の特殊詐欺予兆電話【名取市】

Search URL Search Domain Scan URL

URL: https://cona.kahoku.co.jp/secm/mail_dsp.php?id=20231117115900001
Title: 預貯金詐欺等の特殊詐欺注意報（大崎市）

Search URL Search Domain Scan URL

URL: https://cona.kahoku.co.jp/secm/mail_dsp.php?id=20231116164650001
Title: 預貯金詐欺等の特殊詐欺注意報（石巻市）

Search URL Search Domain Scan URL

URL: https://cona.kahoku.co.jp/secm/mail_dsp.php?id=20231116145006001
Title: 女子中学生に対する容姿撮影事案【石巻市】

Search URL Search Domain Scan URL

URL: https://cona.kahoku.co.jp/secm/mail_dsp.php?id=20231116131332001
Title: 預貯金詐欺等の特殊詐欺注意報（多賀城市）

Search URL Search Domain Scan URL

URL: https://cona.kahoku.co.jp/secm/mail_dsp.php?id=20231116115049001
Title: 警察官を装う特殊詐欺の予兆電話について（多賀城市）

Search URL Search Domain Scan URL

URL: https://cona.kahoku.co.jp/secm_bear/
Title: 11月16日（木）午後4時10分頃、青葉区荒巻字青葉、1頭（体長不明）

Search URL Search Domain Scan URL

URL: https://cona.kahoku.co.jp/secm_rescue/
Title: 11月17日12時33分頃太白区富沢三丁目付近で災害危険排除等のため消防車が出場しています。

Search URL Search Domain Scan URL

URL: https://twitter.com/kahoku_shimpo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kahoku.shimpo

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/%40oa-kahoku

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/pub/koudoku/
Title: 新聞購読のご案内

Search URL Search Domain Scan URL

URL: https://np.kahoku.co.jp/
Title: デジタル紙面

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/policy.html
Title: 著作権/著作物の利用

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/pub/koudoku/subscription/#back_number
Title: バックナンバー

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/privacypolicy.html
Title: プライバシーポリシー

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/data.html
Title: クッキーポリシー

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/policy.html#browser
Title: 推奨環境

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/contact.html
Title: ご意見・お問い合わせ

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/webservice.html#barrierfree
Title: 聞くかほく

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/pub/media/
Title: 広告掲載のご案内

Search URL Search Domain Scan URL

URL: https://www.kahoku.co.jp/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kahoku.news/ HTTP 301
https://kahoku.news/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 227

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

314 HTTP transactions
28 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kahoku.news/
Redirect Chain

http://kahoku.news/
https://kahoku.news/

94 KB
20 KB

135ms
54ms

Document
text/html

143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e6af4d00985609bee1de367271c3a70bff329864c60121067ee07bf051209d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 235
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 08:36:36 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-id: cZG76GGJJSvmJ5LdJDonaiAbtOd3MVGbUhCdAZoasIu0ADHdJg0q5A==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Fri, 17 Nov 2023 08:40:31 GMT
Location: https://kahoku.news/
Server: CloudFront
Via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: y_SJsaAwnPZYpntougJl3XyuCZBftX7eossbt_7xzY40HQocgBTtxw==
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Redirect from cloudfront

GET
H2 200 member_harmony.js Show response
kahoku.news/skin/harmony/js/ 2 KB
1 KB 44ms
43ms Script
application/javascript 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kahoku.news/skin/harmony/js/member_harmony.js?v=20230118

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9447d8d599fddf9ad80179c0c0bc55b7c0ece35aea3859abb505e6b388a3736d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 16:54:40 GMT
server: nginx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"63459fd0-66a"
age: 46
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: U_L_i6WHv83zrGPAfYAIDtaxmeaC4uXiYlseHeDdw2bYZCAOsHy8Pg==
x-xss-protection: 1; mode=block

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 155ms
42ms Script
application/x-javascript 2600:9000:2646:4e00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:4e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:00:41 GMT
content-encoding: gzip
via: 1.1 69a82a9746d3a7343dca651e0829f000.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 02:00:31 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 2390
etag: W/"655577bf-5df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: DLq5cS0D_opgX9RjH8cEijrl0iwvN51jgLLu3eBQxXBuho2ZctZ4FQ==
expires: Fri, 17 Nov 2023 10:00:41 GMT

GET
H2 200 pc_style_harmony.css
kahoku.news/skin/harmony/css/ 45 KB
10 KB 43ms
42ms Stylesheet
text/css 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kahoku.news/skin/harmony/css/pc_style_harmony.css?v=20231109

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

4834a45914bdcec504cc6e6cd06dc74fcf1611833d2f129c0a152fd84b6b7d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Nov 2023 07:00:58 GMT
server: nginx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"654c83aa-b226"
age: 46
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: DwyY9QKRk1bd71sGpPewRe4FLEcIUP4R4zXrWp6lSWOCGhgLUlBjCg==
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 10:47:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 10:47:49 GMT

GET
H2 200 lazysizes.min.js Show response
kahoku.news/skin/harmony/js/ 8 KB
4 KB 113ms
110ms Script
application/javascript 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kahoku.news/skin/harmony/js/lazysizes.min.js

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 16:54:40 GMT
server: nginx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"63459fd0-1e5b"
age: 46
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: wNE_gf_uNGtvbjMHFCp6P4nFgrBDVwang_JTl7W6Xh6i5ASxNLhDdg==
x-xss-protection: 1; mode=block

GET
H2 200 pc_common_harmony.js Show response
kahoku.news/skin/harmony/js/ 416 B
811 B 127ms
125ms Script
application/javascript 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kahoku.news/skin/harmony/js/pc_common_harmony.js

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

95428f9ffb52bfdc49d6cde9c7d2215f247a2feeb76630081451bc0ed0699625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:39:45 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 17 Jan 2023 14:06:29 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 46
etag: "63c6ab65-1a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 416
x-xss-protection: 1; mode=block
x-amz-cf-id: dJSRtlPOdVi8cNYEjOYSQSfhTw7B1VbtM98CG4SDh01EPtxXw43BMw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 180ms
89ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2577185970654102

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

775e99e46d6f0fdd1af6a6f4b23d106d64b5f1a8cc61f0f96f3932f27bedc12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Origin: https://kahoku.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52718
x-xss-protection: 0
server: cafe
etag: 9616816105062584028
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 214ms
120ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

075551ef3eab5745e78f42450bcdc9b63f257554b2c741f6f61c6ae942df064b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31388
x-xss-protection: 0
server: cafe
etag: 701 / 19678 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:31 GMT

GET
H2 200 logo.svg
kahoku.news/skin/harmony/images/ 438 KB
42 KB 331ms
330ms Image
image/svg+xml 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kahoku.news/skin/harmony/images/logo.svg?v=20221012

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

93cda287211ce71dd8b080774d2930e6981cff2ef937ff726a0c8082bbe1696b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Jan 2023 14:06:20 GMT
server: nginx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"63c6ab5c-6d794"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: R2lMoUysbwMOTgXOgqxAV_naIyW0_moL52iJWEetlf2A1VPbewU4kQ==
x-xss-protection: 1; mode=block

GET
H2 200 icn_search_01.png
kahoku.news/skin/harmony/images/ 2 KB
2 KB 327ms
327ms Image
image/png 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kahoku.news/skin/harmony/images/icn_search_01.png

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d863583204dce53ed7e1a7d2c06d000e193aa94cb42bf1265f0b24314c519d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 17 Jan 2023 14:06:19 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: "63c6ab5b-7fc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2044
x-xss-protection: 1; mode=block
x-amz-cf-id: X41sPoOX76Nx5TOOYYKMb4tONEDc-e8GJfIUpGKHprtV7jrxmOfBBw==

GET
H2 200 member_menu_harmony.js Show response
kahoku.news/skin/harmony/js/ 2 KB
858 B 112ms
110ms Script
application/javascript 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kahoku.news/skin/harmony/js/member_menu_harmony.js?v=20230112

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

44e59fa896a9f12fb6295a81e1697b6a272047d6f10ecbd168f175ff13964588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Jan 2023 14:06:29 GMT
server: nginx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"63c6ab65-7ea"
age: 46
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ZtrH1wQM1DlD5vSeMtHKqgUcmiiQSzPfZ_aaUIow5Ej_tV0VjWCVxQ==
x-xss-protection: 1; mode=block

GET
H2 200 load_widget.js Show response
bousai-parts.kyodo-d.jp/contents/static/js/ 4 KB
4 KB 155ms
40ms Script
text/javascript 52.222.214.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bousai-parts.kyodo-d.jp/contents/static/js/load_widget.js
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b96c9ad16b83bf43d922be6d716dd84d8c7803bec36b645e00cdb138d49275f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:44:12 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
last-modified: Tue, 12 Sep 2023 01:28:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 6980
x-amz-server-side-encryption: AES256
etag: "749995f5f42300548ba9d8b682c1753b"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3772
x-amz-cf-id: E38wE1D86uTkqKwwquscV87KW5GPE8FprivMAe0pjqlwgoATgGkZCA==

GET
H2 200 lp_thanks_202311.png
kahoku.news/assets/banner/ 136 KB
136 KB 122ms
118ms Image
image/png 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/assets/banner/lp_thanks_202311.png
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84b1196518339ac96647f549019d8adee90dfc1d4dd812bb7254740414fd44e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:46:48 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Fri, 10 Nov 2023 00:34:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 3224
etag: "fca47b2443720ab4580e5dbecfe1b6d7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 139213
x-amz-cf-id: dJEvHelg98yVC3XQO1t8vSoJk9W6D1P1dXB15pmGXKBueMAQooxeIQ==

GET
H2 200 1609_miyagino_livecamera_banner.png
kahoku.news/assets/banner/ 112 KB
113 KB 57ms
54ms Image
image/png 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/assets/banner/1609_miyagino_livecamera_banner.png
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f11d9ee1fe1b56410a084b2176744efd01469a29a55bf9eac1355a81a6da17a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:20:59 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 22 Dec 2022 02:18:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1173
x-amz-server-side-encryption: AES256
etag: "b2265222bf0511a7567fa03620e7bc77"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 114855
x-amz-cf-id: P-sdZbdJUk_H7tUGwtjcReRIjiEa54O1Y8oZjN1HxToR-97X74j4Fw==

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/Kqh0oAQN3HM/ 9 KB
9 KB 178ms
52ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Kqh0oAQN3HM/mqdefault.jpg

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec129c035da9abfda075e92566ae869f2da30427058eae169c3fee23fff26671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8873
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Nov 2023 08:45:31 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/C_21qp9sI00/ 23 KB
23 KB 180ms
56ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/C_21qp9sI00/mqdefault.jpg

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

224a951debca209ee019ab64a09e5d86e134f898abbd2aa23e212b9a41ff73f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23815
x-xss-protection: 0
server: sffe
etag: "1699695950"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Nov 2023 10:40:31 GMT

GET
H2 200 icn_top_01.png
kahoku.news/skin/harmony/images/ 871 B
1 KB 281ms
279ms Image
image/png 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kahoku.news/skin/harmony/images/icn_top_01.png

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8334a111af9c13dfd14b2229191dda4f4537360ba7a96d4f9c0e116abf92894c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 17 Jan 2023 14:06:19 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: "63c6ab5b-367"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 871
x-xss-protection: 1; mode=block
x-amz-cf-id: d4yg4y2CX_bLvzq1JuiTgCX0UgvJJkEYHIqr9k-3PJxHr7eG3D-UIA==

GET
H2 200 logo_company.svg
kahoku.news/skin/harmony/images/ 4 KB
2 KB 732ms
731ms Image
image/svg+xml 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kahoku.news/skin/harmony/images/logo_company.svg

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c62a471538d0be212771364e36f944df6b27b2b6fc0449ee11eb816ab10469ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Jan 2023 14:06:20 GMT
server: nginx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"63c6ab5c-f73"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: WZ5l5oeOazcj1FvrcxASE6o2c1SBEt_q3ddQOzehNKSY-dDhZAstJw==
x-xss-protection: 1; mode=block

GET
H2 200 smoothscroll.js Show response
kahoku.news/skin/harmony/js/lib/ 11 KB
4 KB 111ms
108ms Script
application/javascript 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kahoku.news/skin/harmony/js/lib/smoothscroll.js

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

762f2b9c9d00b67d61739c625c710236414ae92d2183d2f167d2fc363599caa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Dec 2022 02:25:56 GMT
server: nginx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"63a511b4-2b8c"
age: 46
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: XYEL-7DY8Nh8ahPiDsGrB-Xa-h7Owhho3y4SpcWkC6S2zTDvPv01zQ==
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
kahoku.news/skin/harmony/js/ 5 KB
2 KB 112ms
109ms Script
application/javascript 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kahoku.news/skin/harmony/js/app.js

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

281d4c29f5c2caa38a9341eedeff4dd389cc39a195f567d7dbf4474c3adfef58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Dec 2022 02:25:53 GMT
server: nginx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"63a511b1-1419"
age: 165
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: gCJm_R01uqY_2fZr09Hx4_E8e3pOLiD3U5aIwO1mBOtCE2HznSXp3w==
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 265 KB
94 KB 149ms
59ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVMWJSJ

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8712fbd2888b6ffc60a6a0dfdbc0434a698f5ec4f6eba4ced60e09f41ede046

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95696
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 08:40:31 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 153 B
476 B 306ms
180ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=kahoku.news&domain=kahoku.news&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a23c86eef886c2e76245a7320318b00e14aaaeff7fbbfb5fb1794952f824a58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 17 Nov 2023 08:40:31 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 122
x-served-by: cache-sof1510024-SOF
x-timer: S1700210432.533775,VS0,VE123
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 15 Nov 2023 08:40:31 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 135ms
45ms Script
application/javascript 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:38:04 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P5
age: 148
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: tpkIu3_awXqZzly3ARjRYib8CHBdCKkqjxUYOJ7VcURtHOqX0KmwDw==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 46ms
45ms Script
application/x-javascript 2600:9000:2646:4e00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:4e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:00:16 GMT
content-encoding: gzip
via: 1.1 69a82a9746d3a7343dca651e0829f000.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 01:59:58 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 2415
etag: W/"6555779e-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: mAWTVlsFcI0uRKJHZp42KqeA2B3X5PQ4vnUKFSwK6tTC86C2Dd_fXw==
expires: Fri, 17 Nov 2023 10:00:16 GMT

GET
DATA 200
OK truncated
/ 39 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec91b1d393870af074f1269597f15663607840b592ce389f9223468e09a27c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 icon_member_g_e6b422.svg
kahoku.news/skin/harmony/images/ 1 KB
982 B 275ms
274ms Image
image/svg+xml 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kahoku.news/skin/harmony/images/icon_member_g_e6b422.svg

Requested by

Host: kahoku.news
URL: https://kahoku.news/skin/harmony/css/pc_style_harmony.css?v=20231109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0ac6f1f9eb176490e2c763046b8dc80459e295dd1952b228426760d0f0fbe317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/skin/harmony/css/pc_style_harmony.css?v=20231109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Oct 2023 05:11:32 GMT
server: nginx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"65408c84-403"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: MJS-bTtBXUxIiTfzZFlDUbS7MoovpYGxv8L-Hk1iyIf2q8OmTm9TRg==
x-xss-protection: 1; mode=block

GET
H2 200 icn_arrow_r_01.png
kahoku.news/skin/harmony/images/ 2 KB
2 KB 754ms
754ms Image
image/png 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kahoku.news/skin/harmony/images/icn_arrow_r_01.png

Requested by

Host: kahoku.news
URL: https://kahoku.news/skin/harmony/css/pc_style_harmony.css?v=20231109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

4451cd73599d5cb74d07b4c0efc9214fcfd1c649d24c301b4900d1100f921623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/skin/harmony/css/pc_style_harmony.css?v=20231109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 17 Jan 2023 14:06:19 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: "63c6ab5b-710"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1808
x-xss-protection: 1; mode=block
x-amz-cf-id: mFcM8FrEddmK-aupwqKIs7T7BTJJaeTZ4yOLxZYHbkpiSwA0NxjQxw==

GET
H2 200 icon_online_logo.svg
kahoku.news/skin/harmony/images/ 7 KB
3 KB 713ms
712ms Image
image/svg+xml 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kahoku.news/skin/harmony/images/icon_online_logo.svg

Requested by

Host: kahoku.news
URL: https://kahoku.news/skin/harmony/css/pc_style_harmony.css?v=20231109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7d381c59363794b6ecc688dfe83704f5fdb9a948d811c0d6dacff3b8bad31ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/skin/harmony/css/pc_style_harmony.css?v=20231109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Oct 2023 05:11:32 GMT
server: nginx
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"65408c84-1bc8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: lX0WHi4UIgVxVWh9O1kwFStOJiH_gwJx04eKjEXJuRzJYMw2zrfoPw==
x-xss-protection: 1; mode=block

GET
H2 200 icn_faq_01.png
kahoku.news/skin/harmony/images/ 2 KB
2 KB 714ms
713ms Image
image/png 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kahoku.news/skin/harmony/images/icn_faq_01.png

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

fa0eae5773067fe93f81f7b4ec126c9a9dcedf493ebb3100356167bccdc5650c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 17 Jan 2023 14:06:19 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: "63c6ab5b-689"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1673
x-xss-protection: 1; mode=block
x-amz-cf-id: moiAH2v0Ctd6m5YPNmpIW-Mm7qhHAOErkUr9oFUk0xAG3fCNTo0prg==

GET
H2 200 001_size4.jpg
kahoku.news/images/2023/11/16/20231116khn000028/ 43 KB
44 KB 957ms
951ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/16/20231116khn000028/001_size4.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1b23668877d718b66e5c6b1c88d8f1b01daebf309f5e93c9d1040e1d63a9d6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 09:50:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "6e0d7c98b8400acf5507b24a8c39f10f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 44507
x-amz-cf-id: mWyL_0kpj4H26owHl1T46GQgHZ_a1mViQBm6edzzqH4JRVfHdhPDdg==

GET
H2 200 001_size4.jpg
kahoku.news/images/2023/11/17/20231117khn000004/ 60 KB
61 KB 966ms
961ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/17/20231117khn000004/001_size4.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5242c5dc50574145a166605d6c7e18cdea0b821a00b015daa29e843ec696e038

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 01:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "07417b0770f7473d8fe3c5c06a3fe1fb"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 61645
x-amz-cf-id: 4WJ6I1Qbfb-h6u0xF95KxECi_IXyfhVK7Y4FpJnr16WRIY3aM9K8Hg==

GET
H2 200 001_size4.jpg
kahoku.news/images/2023/11/17/20231117khn000007/ 56 KB
56 KB 983ms
978ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/17/20231117khn000007/001_size4.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 559c86f9472c691f9f02473b5b2a9b50a1511044e245ba660e94cbd2444340c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 01:49:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "9b889d4af8b9d8c1fd81942a831e64c0"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 57292
x-amz-cf-id: davRp1sebkVK4NHRd2vEbvHSEocywUdnCbRN5Fw8Jz8ErfE-GcdHJg==

GET
H2 200 001_size3.jpg
kahoku.news/images/2023/11/17/20231117khn000029/ 50 KB
51 KB 983ms
978ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/17/20231117khn000029/001_size3.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be8df3fbd7c7e4bbf33244b282f9fdc78787694549dc01d5890b4e88d06e5221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 08:38:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "e727207962cf00c04c64c12a911c70a7"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 51579
x-amz-cf-id: PvXQDQfdG_tq7d2ZgKIXlKlUUiqfeAYaTSsIFKG2KeZs8c91Upauhg==

GET
H2 200 001_size3.jpg
kahoku.news/images/2023/11/16/20231116khn000035/ 8 KB
9 KB 962ms
957ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/16/20231116khn000035/001_size3.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8bc182d1d57cb57e95a0df5978cf0815b31d97cc665bd1a5e750890592ffdc68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 23:20:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "91a6d85f3492a9b6c6c3cc54abd9e6c8"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 8675
x-amz-cf-id: wLPObTT356ANfhjY0_fcgAEP2FdUTJpHq98z1QOyfLVFeRemnH9nHA==

GET
H2 200 001_size3.jpg
kahoku.news/images/2023/11/17/20231117khn000026/ 7 KB
8 KB 988ms
984ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/17/20231117khn000026/001_size3.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e348205c0ef98c66e0540040abcfb1f1d85735055b2f696f146dd27d7c7dede2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 08:18:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "35e751779f1b918100331ab439782a06"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 7449
x-amz-cf-id: YSIhKq3JhdDy_jP_XttDxwFEpOw7IxQ7hF64qI06byGA9C6WQD-ABg==

GET
H2 200 001_size3.jpg
kahoku.news/images/2023/11/16/20231116khn000051/ 12 KB
12 KB 986ms
982ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/16/20231116khn000051/001_size3.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 580699e12fdc335a9545f5ecc2039a3de9eff1c19de55132b24193aa0bccc56c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 01:56:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "2d9791cdaa7f2ae9260388679a4fc346"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 11920
x-amz-cf-id: P6XdnA8nnFKVeuLzCpfNmlJFnOkmwPCSCMZI230ffM6aFK-BmTmnPw==

GET
H2 200 001_size4.jpg
kahoku.news/images/2023/11/16/20231116khn000050/ 79 KB
79 KB 985ms
982ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/16/20231116khn000050/001_size4.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d94e1d5bb84989f38e3924c860a6532a3002592356fdc65ab8c0392adb15d53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 23:22:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "813c5345c7f130a215a332d49716a032"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 80947
x-amz-cf-id: BWLrIRO1G1Wt_w48uil_eKRAZNBCUyfEbMjSkYAmMf1eA_4AYL0THw==

GET
H2 200 widget.html Show response
bousai-parts.kyodo-d.jp/contents/widget/civil_protection/ Frame C128 0
350 B 41ms
39ms Document
text/html 52.222.214.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bousai-parts.kyodo-d.jp/contents/widget/civil_protection/widget.html
Requested by: Host: bousai-parts.kyodo-d.jp
URL: https://bousai-parts.kyodo-d.jp/contents/static/js/load_widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12
cache-control: max-age=20
content-length: 0
content-type: text/html
date: Fri, 17 Nov 2023 08:40:20 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Wed, 23 Aug 2023 20:10:34 GMT
server: AmazonS3
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-id: KvoY7xS2IjiB1dOEiMEo_qXXddzx-8-2sOmi0JoYqn1l9Dvq0-jPgQ==
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 pref04b.html Show response
bousai-parts.kyodo-d.jp/contents/sokuho2/ Frame CF2C 0
350 B 617ms
616ms Document
text/html 52.222.214.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bousai-parts.kyodo-d.jp/contents/sokuho2/pref04b.html?href=https://lifeline.kyodonews.jp/kahoku/bousai/?type=kyd_ss_earthquake&area_id=04
Requested by: Host: bousai-parts.kyodo-d.jp
URL: https://bousai-parts.kyodo-d.jp/contents/static/js/load_widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=20
content-length: 0
content-type: text/html
date: Fri, 17 Nov 2023 08:40:33 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Sun, 05 Nov 2023 18:16:39 GMT
server: AmazonS3
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-id: fWPh-gl1d9Y6hyQKNxrncINzCmZk3qZCn7d1FPEXHTs6cQ7GaTa2bg==
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

GET
H2 200 04.html Show response
bousai-parts.kyodo-d.jp/contents/widget/river/ Frame 3340 0
321 B 627ms
626ms Document
text/html 52.222.214.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bousai-parts.kyodo-d.jp/contents/widget/river/04.html?href=https://lifeline.kyodonews.jp/kahoku/bousai/?type=river&area_id=04
Requested by: Host: bousai-parts.kyodo-d.jp
URL: https://bousai-parts.kyodo-d.jp/contents/static/js/load_widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=20
content-length: 0
content-type: text/html
date: Fri, 17 Nov 2023 08:40:33 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Sat, 16 Jul 2022 23:21:38 GMT
server: AmazonS3
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-id: q1m2VqxuqtfLGvTCh2EJJ2UAeqJNO-IoXYXEY9-i9PLBjpA7iaB7Pg==
x-amz-cf-pop: FRA56-P3
x-cache: RefreshHit from cloudfront

GET
H2 200 04.html Show response
bousai-parts.kyodo-d.jp/contents/widget/evacuation_order/ Frame 5582 0
348 B 615ms
614ms Document
text/html 52.222.214.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bousai-parts.kyodo-d.jp/contents/widget/evacuation_order/04.html
Requested by: Host: bousai-parts.kyodo-d.jp
URL: https://bousai-parts.kyodo-d.jp/contents/static/js/load_widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=20
content-length: 0
content-type: text/html
date: Fri, 17 Nov 2023 08:40:33 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Fri, 08 Sep 2023 22:49:37 GMT
server: AmazonS3
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-id: BoFlK5xAA1GFTkiS_sabnZEJgv7ioD_JiC5eyCoH5AwY2ungPtkeAg==
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

GET
H2 200 0218.html Show response
bousai-parts.kyodo-d.jp/contents/widget/caution3/ Frame A2FE 0
349 B 643ms
643ms Document
text/html 52.222.214.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bousai-parts.kyodo-d.jp/contents/widget/caution3/0218.html?href=https://lifeline.kyodonews.jp/kahoku/bousai/?type=caution&area_id=04
Requested by: Host: bousai-parts.kyodo-d.jp
URL: https://bousai-parts.kyodo-d.jp/contents/static/js/load_widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=20
content-length: 0
content-type: text/html
date: Fri, 17 Nov 2023 08:40:33 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 06 Nov 2023 23:39:35 GMT
server: AmazonS3
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-id: c8egwOIAxFubueuHr1trtUStA91qj9Yx9Yl6ZrFxO1mk_-G35KmhxA==
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

GET
H/1.1 200
OK kahoku.js Show response
api.popin.cc/searchbox/ 52 KB
11 KB 1017ms
416ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/kahoku.js
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 893c828b5448887838d429716d440f1e77ce6fb72a600c1b87a7600dd1c97a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 08:40:32 GMT
x-amz-version-id: PU67ZVYKRfm3gPKJaVSyJE.W5243cNaC
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.26
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Tue, 08 Aug 2023 09:37:31 GMT
Server: nginx
ETag: W/"9ac1f2937a8b04f5c422c93c26d91800"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 17 Nov 2023 09:40:32 GMT

GET
H2 200 icn_play_01.png
kahoku.news/skin/harmony/images/ 525 B
898 B 713ms
713ms Image
image/png 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kahoku.news/skin/harmony/images/icn_play_01.png

Requested by

Host: kahoku.news
URL: https://kahoku.news/skin/harmony/css/pc_style_harmony.css?v=20231109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-77.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8e114141954f7241d6603e96662b215b45dd7d79215c584677676328b18987a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/skin/harmony/css/pc_style_harmony.css?v=20231109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 17 Jan 2023 14:06:19 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
etag: "63c6ab5b-20d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 525
x-xss-protection: 1; mode=block
x-amz-cf-id: Vgpn_GzwLrchW2VRj354KdMra-wGqqhR58XUfdxhCTvFqB9ORPsCMQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 361ms
118ms Image
image/gif 34.193.19.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kahoku.news&p=%2F&u=De7sfCB7Q19ICaHQRD&d=kahoku.news&g=66367&g0=No%20Section&g1=kahoku.news&n=1&f=00001&c=0&x=0&m=0&y=5729&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fkahoku.news%2F&b=618&t=TocHADbumEpBhA4mI9bBqiDK0f1I&V=141&i=%E6%B2%B3%E5%8C%97%E6%96%B0%E5%A0%B1%E3%82%AA%E3%83%B3%E3%83%A9%E3%82%A4%E3%83%B3&tz=-60&_acct=anon&sn=1&sv=ByzmQKCrrPXZjndgoBWcbwwVeE9t&sd=1&im=067b2fff&_
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.19.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-19-100.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Nov 2023 08:40:31 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 dce0b392-db0d-44f6-8ae9-f84d660ff35e Show response
config.aps.amazon-adsystem.com/configs/ 537 B
803 B 130ms
39ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/dce0b392-db0d-44f6-8ae9-f84d660ff35e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: fc67035c0ab13cc2c50c94ad42103cc1972da2cf5255bd78f35ff7afea2ab98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:08:24 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1927
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: sxZTYxW7JKYcrdPtKglQCajAw39R4BRkijUo0ZWmBoSZHMJCuP1mlA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
307 B 43ms
43ms XHR
text/plain 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fkahoku.news&pubid=dce0b392-db0d-44f6-8ae9-f84d660ff35e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:01:03 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
age: 9567
x-cache: Hit from cloudfront
access-control-allow-origin: https://kahoku.news
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 8K0YHsa6jXJrQLr1BqwKIWeZikHP7JjMJPdFOib8Ctynxeg6nlOQ0Q==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
459 B 191ms
84ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fkahoku.news%2F&pid=3tfb5kXxOk26G&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1630670522712-0%22%2C%22s%22%3A%5B%221x1%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F193632318%2FLMC%2Fkyodo%2Fkahoku%2FPC_top%2Fsuperbanner1_top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1533275690292-0%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F193632318%2FLMC%2Fkyodo%2Fkahoku%2FPC_top%2FKD_PC_rec1_top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1574667197120-0%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F193632318%2FLMC%2Fkyodo%2Fkahoku%2FPC_top%2FKD_PC_rec3_top%22%7D%5D&pubid=dce0b392-db0d-44f6-8ae9-f84d660ff35e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: H708EZY651EG6B4DT4X9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://kahoku.news
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Zhx-RgH8BAImTNOwBbHee7kPKnyL0ulsosq4_U0Sw1x1PxAEZc2fCA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 124ms
45ms XHR
application/javascript 18.66.110.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:39:06 GMT
x-amz-cf-pop: FRA56-P5
age: 72086
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: CRHo3D_4lvG5_xhAjwn66AqTnLhfNFOdogfsWGpQj4AXkVsRlaNm3w==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 184ms
104ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2577185970654102&plah=kahoku.news

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2577185970654102

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a306f7a7dafbf0e04ac1bd7a7523ad9f27994da72d90557d24c9fff97c7e8ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138528
x-xss-protection: 0
server: cafe
etag: 5547878441259620599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:31 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 2AC6 9 KB
4 KB 126ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2577185970654102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:19:37 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 17:19:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
89 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-38CM5WJRN0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVMWJSJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39d3f4f8ab39040cda41ab4d7fb37cfd14d1c67e2259879266b7983bf1797fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 08:40:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVMWJSJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 07:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3050
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 17 Nov 2023 09:49:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11111232778/ 3 KB
1 KB 123ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11111232778/?random=1700210431720&cv=11&fst=1700210431720&bg=ffffff&guid=ON&async=1&gtm=45He3b81v893022068&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fkahoku.news%2F&hn=www.googleadservices.com&frm=0&tiba=%E6%B2%B3%E5%8C%97%E6%96%B0%E5%A0%B1%E3%82%AA%E3%83%B3%E3%83%A9%E3%82%A4%E3%83%B3&auid=220736091.1700210432&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVMWJSJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

104144ca50f36c94149b2fc6bf84ea7bf8c6b14a1dec2c915b25f3218bd533b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ytag.js Show response
s.yimg.jp/images/listing/tool/cv/ 25 KB
8 KB 1782ms
276ms Script
application/javascript 182.22.24.252
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVMWJSJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 182.22.24.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software: nghttpx /
Resource Hash: 1b07d57ba673e54fde9861034facadd6fae3c56e32b5d301ba9a35a57bf54eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 17 Nov 2023 08:31:06 GMT
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 02:07:16 GMT
server: nghttpx
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 567
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-z-chihaya: r=1
x-ntap-sg-trace-id: 9b570242591fb3a3
cache-control: public, max-age=600
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 8328

GET
H2 200 btm.js Show response
cdn.activity.smart-bdash.com/tag-manager/bd-naqwe3/ 75 KB
75 KB 135ms
44ms Script
text/plain 18.66.122.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.activity.smart-bdash.com/tag-manager/bd-naqwe3/btm.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVMWJSJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd3773827402b903bb474c4848e29ab51c7c3e57a02dd32bf42b8b8bf3977c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cache-control: public, max-age=7200
date: Fri, 17 Nov 2023 08:34:43 GMT
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 12:32:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 357
x-amz-server-side-encryption: AES256
etag: "c022b61bdd150576d6516a68f35ca0fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-meta-content-type: text/javascript
accept-ranges: bytes
content-length: 76308
x-amz-cf-id: KGKdVOwRjr1OExg9juyQPSne4H9aP1HCz7ceH-0zmKnz8gb0_bnv5A==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33217
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:26:54 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 133ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-38CM5WJRN0&gtm=45je3b81v874519667z8893022068&_p=1700210431271&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1733892707.1700210432&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700210431&sct=1&seg=0&dl=https%3A%2F%2Fkahoku.news%2F&dt=%E6%B2%B3%E5%8C%97%E6%96%B0%E5%A0%B1%E3%82%AA%E3%83%B3%E3%83%A9%E3%82%A4%E3%83%B3&en=page_view&_fv=1&_nsi=1&_ss=1&ep.login=non-login&ep.userType=anon-member&ep.device=PC&tfd=836
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38CM5WJRN0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kahoku.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 143ms
47ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-38CM5WJRN0&cid=1733892707.1700210432&gtm=45je3b81v874519667z8893022068&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38CM5WJRN0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kahoku.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 152ms
64ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-38CM5WJRN0&cid=1733892707.1700210432&gtm=45je3b81v874519667z8893022068&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=597529495

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11111232778/ 42 B
455 B 137ms
51ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11111232778/?random=1700210431720&cv=11&fst=1700208000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v893022068&u_w=1600&u_h=1200&url=https%3A%2F%2Fkahoku.news%2F&frm=0&tiba=%E6%B2%B3%E5%8C%97%E6%96%B0%E5%A0%B1%E3%82%AA%E3%83%B3%E3%83%A9%E3%82%A4%E3%83%B3&fmt=3&is_vtc=1&cid=CAQSGwDICaaN8VOcN2gJJZQWvuBhrZ75iReUAlbX-g&random=474134722&rmt_tld=0&ipr=y

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11111232778/ 42 B
455 B 123ms
51ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11111232778/?random=1700210431720&cv=11&fst=1700208000000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v893022068&u_w=1600&u_h=1200&url=https%3A%2F%2Fkahoku.news%2F&frm=0&tiba=%E6%B2%B3%E5%8C%97%E6%96%B0%E5%A0%B1%E3%82%AA%E3%83%B3%E3%83%A9%E3%82%A4%E3%83%B3&fmt=3&is_vtc=1&cid=CAQSGwDICaaN8VOcN2gJJZQWvuBhrZ75iReUAlbX-g&random=474134722&rmt_tld=1&ipr=y

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 142 KB
31 KB 549ms
549ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1608245757115682&correlator=307841949999618&eid=31079660%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=193632318%3A159043525%2CLMC%2Ckyodo%2Ckahoku%2CPC_top%2Csuperbanner1_top%2CKD_PC_rec1_top%2CKD_PC_rec3_top&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7&prev_iu_szs=1x1%7C728x90%2C1x1%7C300x250%2C1x1%7C300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700210431922&lmt=1700210431&adxs=436%2C1140%2C1140&adys=1105%2C529%2C4334&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkahoku.news%2F&vis=1&psz=1600x-1%7C300x250%7C300x250&msz=728x-1%7C300x0%7C300x0&fws=512%2C0%2C0&ohw=0%2C0%2C0&ga_vid=1733892707.1700210432&ga_sid=1700210432&ga_hid=1389155701&ga_fc=true&dlt=1700210431223&idt=654&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=env%3Dlive&adks=3780727324%2C2797863561%2C3545255069&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35056c04492985dee7df9e1569cd09ee835e2bdc0320e59b93f92c5db8b1e775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32070
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kahoku.news
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 574 KB
58 KB 664ms
663ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1608245757115682&correlator=307841949999618&eid=31079660%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=159043525%2Ckahoku_res_column_2ndrec_all_4f1012%2Cpickup_01%2Cpickup_02%2Cpickup_03%2Cpickup_04%2Cpickup_05%2Cpickup_06%2Cinfeed_new_1%2Cinfeed_new_2%2Cinfeed_new_3%2Cinfeed_new_4%2CPR_01%2CPR_02%2CPR_03%2CPR_04%2Cbox_01%2Cbox_02%2Cbox_03%2Cbox_04%2Cbox_05%2Cbox_06%2Cbox_07%2Cbox_08&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18%2C%2F0%2F19%2C%2F0%2F20%2C%2F0%2F21%2C%2F0%2F22%2C%2F0%2F23&prev_iu_szs=300x250%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50%2C320x50&fluid=0%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700210431935&lmt=1700210431&adxs=1140%2C160%2C483%2C805%2C160%2C483%2C805%2C160%2C649%2C160%2C649%2C160%2C490%2C820%2C1150%2C160%2C490%2C820%2C1150%2C160%2C490%2C820%2C1150&adys=2334%2C980%2C980%2C980%2C1170%2C1170%2C1170%2C1667%2C1957%2C2475%2C2619%2C4769%2C4769%2C4769%2C4769%2C5175%2C5175%2C5175%2C5175%2C5205%2C5205%2C5205%2C5205&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2%7C0%7C0%7C0%7C0%7C0%7C0%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18&ucis=4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fkahoku.news%2F&vis=1&psz=300x0%7C302x170%7C302x170%7C302x170%7C302x170%7C302x170%7C302x170%7C459x144%7C459x146%7C459x144%7C459x144%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0&msz=300x0%7C302x0%7C302x0%7C302x0%7C302x0%7C302x0%7C302x0%7C459x0%7C459x0%7C459x0%7C459x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0%7C289x0&fws=0%2C4%2C4%2C4%2C4%2C4%2C4%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C302%2C302%2C302%2C302%2C302%2C302%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1733892707.1700210432&ga_sid=1700210432&ga_hid=1389155701&ga_fc=true&dlt=1700210431223&idt=654&cust_params=env%3Dlive&adks=2213646428%2C922569641%2C512919176%2C2844210596%2C3722270950%2C1201888190%2C2709929111%2C1060302214%2C2521060211%2C3416752516%2C2635726486%2C1400103810%2C4231808443%2C1736332616%2C3297035378%2C692603617%2C3172703412%2C3750883700%2C3371000747%2C1130305752%2C1050970414%2C250018721%2C4265051978&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289f7ff4c84342ccd83dedb5c5e38cddb22e87f46b2dda40b7483eff28067b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59127
x-xss-protection: 0
google-lineitem-id: -1,6350449418,6242453712,6405831015,6187844328,6410913596,6189507538,6393057300,6406860130,6414781904,6402811644,6197268213,6197360295,6201371492,6199661752,6272836470,6200068957,6197296992,6200299637,6198903961,6200696366,6200303258,6199152672
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138440051702,138425377160,138453103276,138417892226,138453664627,138417892031,138450273436,138452067105,138454062270,138452285368,138419325398,138419971885,138420235579,138419440418,138430111447,138419489016,138419963308,138419440496,138419961433,138420111217,138420083974,138419603472
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kahoku.news
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C65E 6 KB
3 KB 187ms
47ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 47ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1389155701&t=pageview&_s=1&dl=https%3A%2F%2Fkahoku.news%2F&ul=en-us&de=UTF-8&dt=%E6%B2%B3%E5%8C%97%E6%96%B0%E5%A0%B1%E3%82%AA%E3%83%B3%E3%83%A9%E3%82%A4%E3%83%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=418255094&gjid=1037523496&cid=1733892707.1700210432&tid=UA-172006598-1&_gid=997690534.1700210432&_r=1&_slc=1&gtm=45He3b81n81WVMWJSJv893022068&cg4=PC&cd1=non-login&cd2=anon-member&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=2108627073

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kahoku.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kahoku.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bdash_log.js Show response
cdn.activity.smart-bdash.com/tracking-script/ 19 KB
7 KB 41ms
40ms Script
text/javascript 18.66.122.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.activity.smart-bdash.com/tracking-script/bdash_log.js
Requested by: Host: cdn.activity.smart-bdash.com
URL: https://cdn.activity.smart-bdash.com/tag-manager/bd-naqwe3/btm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a28646c3df8221a34c3bc1b9d9e6456a502e790a8b10677aeb2bee4e730290e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:44:15 GMT
content-encoding: gzip
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
last-modified: Thu, 07 Sep 2023 13:59:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3377
x-amz-server-side-encryption: AES256
etag: W/"5258e2ddf28851ac74ce2b57921dbc54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=7200
x-amz-cf-id: oBU3DC244h45DJKyArZTs20JbX8tESNyIf90du1jDcwQ2XddV3NX1w==

GET
H2 200 reception.js Show response
cdn.activity.smart-bdash.com/reception-script/ 375 KB
104 KB 45ms
45ms Script
text/javascript 18.66.122.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.activity.smart-bdash.com/reception-script/reception.js
Requested by: Host: cdn.activity.smart-bdash.com
URL: https://cdn.activity.smart-bdash.com/tag-manager/bd-naqwe3/btm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15e051deb35374b15f4ac4dc57f500891688464a5ab57f94a96a6e0050a207c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:18:39 GMT
content-encoding: gzip
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
last-modified: Wed, 30 Aug 2023 14:52:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1313
x-amz-server-side-encryption: AES256
etag: W/"26bb4c6bd024cd9dd71b156eb70a6ad6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=7200
x-amz-cf-id: nZmElCazNqb7YAd_mGTwpC2sQPoQqFa0nena2-Qe3WARmoh5PGn7mA==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E2DB 0
315 B 269ms
267ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2577185970654102&output=html&adk=1812271804&adf=3025194257&lmt=1700210432&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fkahoku.news%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700210431665&bpp=3&bdt=442&idt=341&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7862307386728&frm=20&pv=2&ga_vid=1733892707.1700210432&ga_sid=1700210432&ga_hid=1389155701&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079518%2C44809315%2C31078301%2C44806139%2C44807763%2C44808148%2C44808285%2C44809054%2C318512601&oid=2&pvsid=1608245757115682&tmod=762430378&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=364

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2577185970654102&plah=kahoku.news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Fri, 17 Nov 2023 08:40:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 49ms
48ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-172006598-1&cid=1733892707.1700210432&jid=418255094&gjid=1037523496&_gid=997690534.1700210432&_u=YADAAEAAAAAAACAAI~&z=1070000693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kahoku.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Nov 2023 08:40:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kahoku.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking Show response
tracker.smart-bdash.com/ 51 B
375 B 807ms
264ms XHR
application/json 54.199.101.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.smart-bdash.com/tracking
Requested by: Host: cdn.activity.smart-bdash.com
URL: https://cdn.activity.smart-bdash.com/tracking-script/bdash_log.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.199.101.239 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-199-101-239.ap-northeast-1.compute.amazonaws.com
Software: openresty/1.15.8.1 /
Resource Hash: 9c9822471365b39702b8c8fbd99c328c0a73e482b230bf925816a81499474baa

Request headers

Referer: https://kahoku.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kahoku.news
date: Fri, 17 Nov 2023 08:40:32 GMT
access-control-allow-credentials: true
server: openresty/1.15.8.1
access-control-allow-headers: Origin, Authorization, Accept
access-control-allow-methods: POST, GET
content-type: application/json; charset=utf-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 68ms
67ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-172006598-1&cid=1733892707.1700210432&jid=418255094&_u=YADAAEAAAAAAACAAI~&z=257871899

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 68ms
68ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-172006598-1&cid=1733892707.1700210432&jid=418255094&_u=YADAAEAAAAAAACAAI~&z=257871899

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 receptions Show response
receptions.smart-bdash.com/ 59 B
75 B 496ms
415ms XHR
application/json 35.190.27.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://receptions.smart-bdash.com/receptions
Requested by: Host: cdn.activity.smart-bdash.com
URL: https://cdn.activity.smart-bdash.com/reception-script/reception.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.27.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.27.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4ced3053046432f2e13d701b1b60d0117530bf4e0704958b576ce77ce6bcaf18

Request headers

Referer: https://kahoku.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://kahoku.news
date: Fri, 17 Nov 2023 08:40:32 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=utf-8

OPTIONS
H2 200 receptions
receptions.smart-bdash.com/ Frame 0
0 364ms
271ms Preflight 35.190.27.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://receptions.smart-bdash.com/receptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.27.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.27.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://kahoku.news
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://kahoku.news
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 17 Nov 2023 08:40:32 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame DF84 196 KB
56 KB 158ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 02:37:57 GMT
age: 21755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DF84 15 KB
5 KB 280ms
164ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 Nov 2023 05:14:53 GMT
age: 271539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Nov 2024 05:14:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DF84 95 KB
29 KB 266ms
150ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 03:53:12 GMT
age: 17240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DF84 5 KB
2 KB 265ms
149ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 01:14:32 GMT
age: 26760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DF84 40 KB
13 KB 259ms
143ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 14:54:32 GMT
age: 63960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Nov 2024 14:54:32 GMT

GET
DATA 200
OK truncated
/ Frame DF84 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e21b73671087f9af017ea7a958020b7b064fe530efe1a186ca516e2a0fb4bab7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 17935168248608803546
tpc.googlesyndication.com/daca_images/simgad/ Frame DF84 46 KB
46 KB 136ms
43ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17935168248608803546

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db666c018f794eb6034e316e72fc7bb03a79237281ce5927f6672d66533d4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 22:10:34 GMT
x-content-type-options: nosniff
age: 469798
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47203
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 12:18:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Nov 2024 22:10:34 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF84 3 KB
3 KB 210ms
118ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:10:19 GMT
x-content-type-options: nosniff
server: cafe
age: 16213
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Sat, 18 Nov 2023 04:10:19 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF84 344 B
573 B 209ms
116ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 6131
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 18 Nov 2023 06:58:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DF84 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsJZ0I-YDal8f39-xfxjaJdIZfZLTMOEjoYxR7Xm3nVIPVpp8rtRp3yYDVditZ8GsXR92Z
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 23CC 196 KB
55 KB 187ms
87ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 02:37:57 GMT
age: 21755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 23CC 15 KB
5 KB 156ms
155ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 Nov 2023 05:14:53 GMT
age: 271539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Nov 2024 05:14:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 23CC 95 KB
28 KB 157ms
157ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 03:53:12 GMT
age: 17240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 23CC 5 KB
2 KB 180ms
180ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 01:14:32 GMT
age: 26760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 23CC 40 KB
13 KB 181ms
181ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 14:54:32 GMT
age: 63960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Nov 2024 14:54:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 23CC 6 KB
1 KB 135ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 08:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 07:31:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 08:40:32 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 23CC 3 KB
3 KB 196ms
119ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:10:19 GMT
x-content-type-options: nosniff
server: cafe
age: 16213
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Sat, 18 Nov 2023 04:10:19 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 23CC 344 B
402 B 141ms
119ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 6131
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 18 Nov 2023 06:58:21 GMT

GET
H2 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 519F 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 23CC 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBVbPKG9iXq28LGnvccLjvYVRs14EIp-zV4i8CQkMeeXBbPO6mecDmLJHJoDatdOHF2HcG
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/2690945706112135682/ Frame 23CC 33 KB
33 KB 110ms
90ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2690945706112135682/2076313506083323656

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92216270872c0920a5b6c3f4cf5e17f0ec15ed1597d8d0d6577b4aa04282f4bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:01:30 GMT
x-content-type-options: nosniff
age: 5942
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 06:36:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 07:01:30 GMT

GET
H2 200 6335037260742195211
tpc.googlesyndication.com/simgad/ Frame 23CC 3 KB
3 KB 56ms
42ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6335037260742195211?w=100&h=100&tw=1&q=75

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

009ac93a0533c6f4caff30fb4721e1e9adb919e901d87f990f441bceac6e2502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:10:16 GMT
x-content-type-options: nosniff
age: 91816
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2818
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 06:12:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 07:10:16 GMT

GET
DATA 200
OK truncated
/ Frame 23CC 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 23CC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aae049d567bc0e7d2996ca1540ea1736411ec97bd7fcb65b3f0bf652a90f24f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F0E2 134 KB
46 KB 200ms
100ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVcnAAAAFm4K4AcSAADjpTrbwNnx2Jqt03wLzw&u=%7Cqbhr1cfpZ3GxRY0A9VV4WXCXW%2FenrnGjPznaC4iPs6A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQrjL4Wd2WsVDxYo_K1_WpWrhswMKN7-0SkQ2KnUOzZrDx6trVWfvINTqwvSFVOiJB0ici9IjJ4WoOJUgkr017V8OzIRtfMg9ABBVsC2eRsE3ZfaYv-K2I3ny7TYcBCeeVF1Pwj7LQrAayKiqppDpj3cN1PlqWryT5FfaCe5JUE6_n2kyhR6tE0j245PVjuIGgsWOp02fSZ3c_iD863jhcT1QgCdt7zFD4hBOVE1zZyScEy1pqVGmCR1SLqVJUPSV5efllpgzh4Vm25txoHQ_a-R7DbokZMF6vNUZ4wMzrXqDeHywqtHpKJJa4as8V911n4Na6bNpEjYgz60gKyFemxEJrUNxbjVlfGcI2XdEJ9i8AQKVM0o-FcXJ4JUH4l_1A17iL1Kql3zKbvFPDTnBI0TSPl_4VWgYWe9HXiq_fNai3gN41LnHluDGO2N4zAVcOj--hpLJymge9KZ5lt9iC1dZ9UC-0Hi1NEqMFbhPFRUyCmJra3PTzpI7Jt4HvC1kaTulLGMN990efbzQbGrksLoQro0QuW1hNwumQxneZRx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTQlSACdXZe4sko6AB6XHg4AJyZ7SsVzVnZH3cMCNtwEQASAAYJWyqYKwB4IBF2NhLXB1Yi01NjI5NDQzOTQxMDc0OTAwyAEJqQKstJp4VjSyPuACAKgDAcgDAqoEswJP0BVQb4ur9QhIijVXvtoQGk9nTff0cQfpM72bl7BXJa7XJF_8tHUcLcJK8dS8yH7Wo7U8xRy2IjN6GKdntzMIf5J3Bt9kAwkK0Vl_qVthrhG_pvBomZc6KsGD5FCHBk35DLlOB3NKSUB47VuKsQrOcwHIpGEm6x2UgelSJTiHq8Cy8AHQGUs1wkSXV-N9jKOaYL9ajCyo-SwI6SBZsPfLsVAVjSKDioZyGy6FIlIl9Ya-AFgd22OiGYR5h04aYMauugGN_KgeiaQAWmWZGAIa7JD7YhG4FIIxB4fUuCSRSJbD6aUuNgpAUMezxzwtgIB8aPx0GSrWb_7e11ZBoxb0-i7ZTGJNC6cl_HCmlsryQqR1XCzsThs-hoEhAfYAybQ4Cez1lw_9_OHHVUCjbK5DKIFV4AQBgAar7t-w7t2U2ewBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01ODE3OTIwNTk3OTU1Njg0-gsCCAGADAHiDRMI04XettHKggMVEgfgCh2l4wCQ0BUBgBcB%26num%3D1%26sig%3DAOD64_1iWjViGYB9NbxFwpjqGHsCR5Tolg%26client%3Dca-pub-5629443941074900%26adurl%3D

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b3eefb3e372fc2c884fc841effd93343ada2577e3ed7680d6274999df67a3597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ADMd9Q11MyM1zh0-4sxFR7Uls8OHf2wqL4YsQjXreGwBz3_qoX7dKPebdEwMgN3DPLhOi-Pup3vuO5W8Tz24n69hiNT6AWwHGiZ9Y1BRjui2u4YSCXKD1UX1z1P_Y_KQCSy0OcpfXWMrv4q_B3gxsTAwXkTygqmdLIWOzK6HRN02iptKbN765z5UVRiI50whkNhMxYNtrPptkL84agV4WUrwYk1EkiLxMnS0iuH5ClpJ25n3mfzkYCKo_m2vmN3-K9-YJg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 51760931
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 519F 3 KB
1 KB 124ms
122ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 519F 20 KB
9 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 519F 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQmdPgt3rDvxWwOUWo3q6w0Ui6h21DxuMqwrVpr7QzwwohRZgVXgwAvKpb23W-VPHHkZNx
Requested by: Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 519F 24 KB
7 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 519F 203 KB
64 KB 286ms
181ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:32 GMT

GET
H/1.1 200
OK popIn-common-8.min.js Show response
api.popin.cc/lib8-lightweight/ 36 KB
13 KB 565ms
564ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/kahoku.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 1f2df6a1a501a0922a976d878630ff43bc46ed73b4b3355d548390a16f58dbf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 08:40:32 GMT
x-amz-version-id: xTD00zBHqjcBswUhXPdRsNreFf8K_doF
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.26
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-meta-tag: 20231018_OnlineApi-13769_geo_country
Last-Modified: Wed, 18 Oct 2023 10:56:35 GMT
Server: nginx
ETag: W/"b97abc57aa509b6605853fa9466787ed"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 17 Nov 2023 09:40:32 GMT

GET
H/1.1 200
OK popIn-discovery-8.min.js Show response
api.popin.cc/lib8-lightweight/ 99 KB
27 KB 592ms
592ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/lib8-lightweight/popIn-discovery-8.min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/kahoku.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 75408ada0a7482fb508e3b272017828e9c177db49e261a851491a4cc6e2dbb51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 08:40:32 GMT
x-amz-version-id: OLD3XhjlM6VYotOBe3VZ3h3ipmq1r2_u
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-meta-tag: 20231018_OnlineApi-13769_geo_country
Last-Modified: Wed, 18 Oct 2023 10:56:35 GMT
Server: nginx
ETag: W/"1f0309c787d9487cd05fc8bb359f3ffb"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 17 Nov 2023 09:40:32 GMT

GET
H/1.1 200
OK popIn-read-8.min.js Show response
api.popin.cc/lib8-lightweight/ 28 KB
9 KB 852ms
281ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/lib8-lightweight/popIn-read-8.min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/kahoku.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 330e673f9146dd263552d6145d2aa6b252be8ef55be5df273577ecfc2ecb3cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 08:40:33 GMT
x-amz-version-id: Z.QWxEAAFUsowASxN6EXyBGZmdXcK5AG
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.26
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-meta-tag: 20231018_OnlineApi-13769_geo_country
Last-Modified: Wed, 18 Oct 2023 10:56:35 GMT
Server: nginx
ETag: W/"f576a1f401b10edd73c25a031631559e"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 17 Nov 2023 09:40:33 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 1130ms
286ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTU5IFNhZmFyaS81MzcuMzYiLCJyZWZlcnJlciI6IiIsInBhdGgiOiIvIiwiY2hhcnNldCI6InV0Zi04IiwibGFuZ3VhZ2UiOiJlbi11cyIsImNvbG9yIjoiMjQtYml0IiwidGl0bGUiOiLmsrPljJfmlrDloLHjgqrjg7Pjg6njgqTjg7MiLCJ1cmwiOiJodHRwczovL2thaG9rdS5uZXdzLyIsInBsYXRmb3JtIjoiV2luMzIiLCJob3N0Ijoia2Fob2t1Lm5ld3MiLCJ0eXBlIjo5LCJhcGlfaG9zdCI6ImpwLnBvcGluLmNjIiwibWVkaWEiOiJrYWhva3UubmV3c19MTUMiLCJwb3Bpbl92ZXJzaW9uIjo4fQ==&t=1700210432626
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
last-modified: Mon, 07 Jan 2019 09:48:08 GMT
server: nginx/1.13.5
etag: "5c332058-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame CBBA 196 KB
55 KB 152ms
149ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 02:37:57 GMT
age: 21755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CBBA 15 KB
5 KB 168ms
165ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 Nov 2023 05:14:53 GMT
age: 271539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Nov 2024 05:14:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CBBA 95 KB
28 KB 170ms
167ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 03:53:12 GMT
age: 17240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CBBA 5 KB
2 KB 175ms
172ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Nov 2023 01:14:32 GMT
age: 26760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CBBA 40 KB
13 KB 175ms
173ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Nov 2023 14:54:32 GMT
age: 63960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Nov 2024 14:54:32 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CBBA 3 KB
3 KB 93ms
91ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:10:19 GMT
x-content-type-options: nosniff
server: cafe
age: 16213
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Sat, 18 Nov 2023 04:10:19 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CBBA 344 B
402 B 93ms
92ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 6131
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 18 Nov 2023 06:58:21 GMT

GET
H2 200 12808940174306731945
tpc.googlesyndication.com/daca_images/simgad/ Frame CBBA 17 KB
17 KB 93ms
93ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/12808940174306731945?w=300&h=250&tw=1&q=75

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35807d641f302e0136f70811c27696dc8596ffce89ced14a2cc9060639bb9ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 05:45:59 GMT
x-content-type-options: nosniff
age: 269673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17320
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 04:46:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 05:45:59 GMT

GET
DATA 200
OK truncated
/ Frame CBBA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c994105a9d6127da09d24b2f746ad5fe09e22014714c64f021ae0daadf4d24a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D9A7 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B2E 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2248 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 55B1 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4BF6 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 76BF 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6FC2 6 KB
3 KB 43ms
42ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ADDC 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 472E 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame CBBA 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmZxDSCucPT_Xw5V6-L8BWOntgOLf1KBEL8tYmjhDby3u9FuNqh0tkYEJCIqi3ZAfa29PLFaCdUVpqnLcR8bTnyS2g9w
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2994 6 KB
3 KB 43ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F0B 6 KB
3 KB 41ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FAE5 6 KB
3 KB 41ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1C87 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9557 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E473 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F72 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B12C 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A5DE 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC3F 6 KB
3 KB 42ms
41ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7ADF 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D760 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 92C2 6 KB
3 KB 43ms
42ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:32 GMT
expires: Sat, 16 Nov 2024 08:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F0E2 2 KB
1 KB 132ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVcnAAAAFm4K4AcSAADjpTrbwNnx2Jqt03wLzw&u=%7Cqbhr1cfpZ3GxRY0A9VV4WXCXW%2FenrnGjPznaC4iPs6A%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQrjL4Wd2WsVDxYo_K1_WpWrhswMKN7-0SkQ2KnUOzZrDx6trVWfvINTqwvSFVOiJB0ici9IjJ4WoOJUgkr017V8OzIRtfMg9ABBVsC2eRsE3ZfaYv-K2I3ny7TYcBCeeVF1Pwj7LQrAayKiqppDpj3cN1PlqWryT5FfaCe5JUE6_n2kyhR6tE0j245PVjuIGgsWOp02fSZ3c_iD863jhcT1QgCdt7zFD4hBOVE1zZyScEy1pqVGmCR1SLqVJUPSV5efllpgzh4Vm25txoHQ_a-R7DbokZMF6vNUZ4wMzrXqDeHywqtHpKJJa4as8V911n4Na6bNpEjYgz60gKyFemxEJrUNxbjVlfGcI2XdEJ9i8AQKVM0o-FcXJ4JUH4l_1A17iL1Kql3zKbvFPDTnBI0TSPl_4VWgYWe9HXiq_fNai3gN41LnHluDGO2N4zAVcOj--hpLJymge9KZ5lt9iC1dZ9UC-0Hi1NEqMFbhPFRUyCmJra3PTzpI7Jt4HvC1kaTulLGMN990efbzQbGrksLoQro0QuW1hNwumQxneZRx&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTQlSACdXZe4sko6AB6XHg4AJyZ7SsVzVnZH3cMCNtwEQASAAYJWyqYKwB4IBF2NhLXB1Yi01NjI5NDQzOTQxMDc0OTAwyAEJqQKstJp4VjSyPuACAKgDAcgDAqoEswJP0BVQb4ur9QhIijVXvtoQGk9nTff0cQfpM72bl7BXJa7XJF_8tHUcLcJK8dS8yH7Wo7U8xRy2IjN6GKdntzMIf5J3Bt9kAwkK0Vl_qVthrhG_pvBomZc6KsGD5FCHBk35DLlOB3NKSUB47VuKsQrOcwHIpGEm6x2UgelSJTiHq8Cy8AHQGUs1wkSXV-N9jKOaYL9ajCyo-SwI6SBZsPfLsVAVjSKDioZyGy6FIlIl9Ya-AFgd22OiGYR5h04aYMauugGN_KgeiaQAWmWZGAIa7JD7YhG4FIIxB4fUuCSRSJbD6aUuNgpAUMezxzwtgIB8aPx0GSrWb_7e11ZBoxb0-i7ZTGJNC6cl_HCmlsryQqR1XCzsThs-hoEhAfYAybQ4Cez1lw_9_OHHVUCjbK5DKIFV4AQBgAar7t-w7t2U2ewBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01ODE3OTIwNTk3OTU1Njg0-gsCCAGADAHiDRMI04XettHKggMVEgfgCh2l4wCQ0BUBgBcB%26num%3D1%26sig%3DAOD64_1iWjViGYB9NbxFwpjqGHsCR5Tolg%26client%3Dca-pub-5629443941074900%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 08:40:33 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F0E2 2 KB
1 KB 131ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 08:40:33 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F0E2 308 B
636 B 41ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 11 Nov 2024 08:40:33 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F0E2 293 B
621 B 41ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 11 Nov 2024 08:40:33 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame F0E2 43 B
348 B 125ms
40ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=gYV9_ZSdAITy1Ulo9HjmEAakjX1xkcdW3fsS8JQQ9cdYuOwK2jrFdMILIlUkIF_nZcVojgCqUsXQiWZcMkRkk8O8GLdegrViAJs9EvGIiy8TXZ428nOR8mGxDRE3DYvQcgIhF73_GGcY0fbVimXRRf42J0YJOF6wPV_6FuglMgn6J28-uFZj9dzNRaJIV2Yy7ElQfv1Z2HnmymdGSVLpnvROWgDoKZDonKe6nhk-NSCOY8NJtj7JAKrkh5Z3lA2T9xYQx5vcptnPIgGKvVEYBXvk7RqA5d0qg0njVK2iNaFzrw1SsdvGPxbe1D_UwUhJ4LNq7Gw3fwK1HI-6HlmAS1hJ6woORoiogyUq285ItN5NU6YXWougN037GXcT5mOnnTylLYqpaFNmSulgGnwoo9adD0Qpu-wQDfxJ2pXM839xlVMQ8t-OolXonEQypNaS7hIa1g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2133860
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 23CC 15 KB
16 KB 132ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kahoku.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:44 GMT
x-content-type-options: nosniff
age: 360529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 23CC 15 KB
15 KB 141ms
49ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kahoku.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 580658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 15:22:55 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D9A7 24 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 562928695066510542
tpc.googlesyndication.com/simgad/ Frame D9A7 8 KB
8 KB 193ms
192ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/562928695066510542?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c58791aefddfe2b0e059c7f1e59de552ea94789156f08c15dbf4d79a9f0b3bc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7972
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 00:59:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9A7 203 KB
64 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8B2E 24 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 403728653511122463
tpc.googlesyndication.com/simgad/ Frame 8B2E 215 KB
215 KB 148ms
148ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/403728653511122463?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

079b2f8ac33e70f1f61cd02222b7a9c3bf50717e7b84251ba9be78c89c0185e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219859
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 00:44:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B2E 203 KB
64 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2248 24 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 866174019783299845
tpc.googlesyndication.com/simgad/ Frame 2248 68 KB
68 KB 122ms
121ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/866174019783299845?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac8194f618f9023e8eee3c179a1f834efefd04657be0924ce560b0caf230f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69880
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 00:40:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2248 203 KB
64 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 55B1 24 KB
6 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 5952634169130325802
tpc.googlesyndication.com/simgad/ Frame 55B1 19 KB
19 KB 151ms
151ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5952634169130325802?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d563861ea6d8ad023f895371517e3f9d7f361e42bf67159790f9c604e224deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19008
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 06:56:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55B1 203 KB
64 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4BF6 24 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 13544550167597988273
tpc.googlesyndication.com/simgad/ Frame 4BF6 94 KB
94 KB 135ms
135ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13544550167597988273?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4228c2726ca923a09224bccdf3bca009931b2ae2df698a208b933e5967e30e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96252
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 08:00:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BF6 203 KB
64 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 76BF 24 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 4083362670046406369
tpc.googlesyndication.com/simgad/ Frame 76BF 12 KB
12 KB 355ms
355ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4083362670046406369?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5f62973df6cf9c6ec566fd21629ba7c2667a93765cb24417b427834dae9f4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11785
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 03:15:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76BF 203 KB
64 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6FC2 24 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 7835704700163938800
tpc.googlesyndication.com/simgad/ Frame 6FC2 34 KB
34 KB 107ms
107ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7835704700163938800?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8f227ba667bb4b2491ec17f432a51de5252a1289f9995d8fc89d3e9e4b3fa54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34394
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 02:45:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FC2 203 KB
64 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ADDC 24 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 9728964537794889269
tpc.googlesyndication.com/simgad/ Frame ADDC 13 KB
13 KB 167ms
167ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9728964537794889269?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faeff7481b825698e09dd4518b24a72a09d627658e2a00eb0dc25786761a4af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 04:16:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADDC 203 KB
64 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 472E 24 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 17529289486383777406
tpc.googlesyndication.com/simgad/ Frame 472E 59 KB
59 KB 52ms
52ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17529289486383777406?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

539614698484c01d86cbd1deff95ec79c842245587abc2b12292f6e1eddc8fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:17:21 GMT
x-content-type-options: nosniff
age: 102192
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60172
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 05:09:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 04:17:21 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 472E 203 KB
64 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F0E2 12 KB
5 KB 131ms
50ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 782924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1zS%2FPdOp6Odkz3I6CCaJ8LINd%2FHfB6GV6frmn0ARXOOKm%2Bp51TzgEDG7Lq3VQdnkpKiUMyVlx7NjQov5HOghuvZ3aeutTqjfTzK9T5g8HpniQWNZgNLx8Z3JAJq%2Fpd4%2BKOkgCTuBa%2B%2BpGrA%2BbuA3c7x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8276ab673f871c26-FRA
expires: Wed, 06 Nov 2024 08:40:33 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F0E2 12 KB
6 KB 48ms
48ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2994 24 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 16184990849957074114
tpc.googlesyndication.com/simgad/ Frame 2994 47 KB
47 KB 167ms
167ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16184990849957074114?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be9edd901938f350b900ad0243d7b2f8620ea562f14a81654aa483d755692730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47949
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 02:34:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2994 203 KB
64 KB 164ms
159ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6F0B 24 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 2425569621460089457
tpc.googlesyndication.com/simgad/ Frame 6F0B 52 KB
52 KB 202ms
199ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2425569621460089457?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46107a47f83483eab39af1d10f49a2285ef82d04565776df0ccc380e9663284c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53614
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 10:02:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F0B 203 KB
64 KB 167ms
160ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FAE5 24 KB
6 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 17431337165434599953
tpc.googlesyndication.com/simgad/ Frame FAE5 31 KB
31 KB 145ms
142ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17431337165434599953?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c576b722faa8bb0af734fee664fb88849fb60561b5f10c3fc5821dc1813adb68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31570
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 10:12:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAE5 203 KB
64 KB 63ms
60ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1C87 24 KB
6 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 15936984256890661890
tpc.googlesyndication.com/simgad/ Frame 1C87 79 KB
79 KB 121ms
118ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15936984256890661890?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d0bb7c5ded56f5bdc05cbcd0e3bbd3b015e640b6d841578f323fc2a9d912ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80654
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 05:13:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C87 203 KB
64 KB 131ms
128ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9557 24 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 6407430262289251396
tpc.googlesyndication.com/simgad/ Frame 9557 194 KB
194 KB 170ms
168ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6407430262289251396?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed095f6683a2b03f2ae0f23e48193c3c370cb54252c790ed49f5aa812f438b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198775
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 02:07:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9557 203 KB
64 KB 146ms
144ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E473 24 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 1604366414008861097
tpc.googlesyndication.com/simgad/ Frame E473 17 KB
17 KB 158ms
157ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1604366414008861097?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6efa02a4bbd4e6defd0bb781800d539410bd1422221f4331eee0b112753edc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17765
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 11:52:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E473 203 KB
64 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1F72 24 KB
6 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 9393164317672409215
tpc.googlesyndication.com/simgad/ Frame 1F72 35 KB
35 KB 118ms
116ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9393164317672409215?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe7285a1169eeb269e67c54ce955be26daa180637005928e5caedac1d311006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36116
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 11:01:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F72 203 KB
64 KB 130ms
127ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B12C 24 KB
6 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 3671471801987760016
tpc.googlesyndication.com/simgad/ Frame B12C 32 KB
32 KB 120ms
118ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3671471801987760016?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d898e9540556bbfcb7c70f16c5360dc46c17f13726e3d57dd64570cf1e4326c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32428
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 08:48:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B12C 203 KB
64 KB 76ms
73ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A5DE 24 KB
6 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 16842962167092088410
tpc.googlesyndication.com/simgad/ Frame A5DE 14 KB
14 KB 127ms
126ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16842962167092088410?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56bfc0860e8272ed74f216b1db0fdeffcf90f45672027e693f764f54deb0e0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13896
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 02:25:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5DE 203 KB
64 KB 108ms
106ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BC3F 24 KB
6 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 5519634677759085830
tpc.googlesyndication.com/simgad/ Frame BC3F 95 KB
95 KB 175ms
174ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5519634677759085830?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dda22e34a2d0d66745bc52d3e60349184160e2ab437fb906a4130f78ce74e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97473
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 08:15:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC3F 203 KB
64 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7ADF 24 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 2550168542137343710
tpc.googlesyndication.com/simgad/ Frame 7ADF 53 KB
53 KB 163ms
163ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2550168542137343710?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc19704da7054e1adeaf4a10f55e6b756da32538fd7ddce296bb025eff807bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54702
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 10:51:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7ADF 203 KB
64 KB 156ms
155ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D760 24 KB
6 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 5590900012096898134
tpc.googlesyndication.com/simgad/ Frame D760 37 KB
37 KB 124ms
123ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5590900012096898134?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4abf006c30b5d3de1a139a0f1f12ce6b97b7661e1e4db4aa2b8bbe6f76835d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37837
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 02:30:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D760 203 KB
64 KB 187ms
186ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 92C2 24 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H3 200 11608073162993066669
tpc.googlesyndication.com/simgad/ Frame 92C2 7 KB
7 KB 121ms
120ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11608073162993066669?

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c80303ca2530da3dd16e07e653249cca7507a432e1aa7e3cf85893de64475f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7221
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 05:59:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 08:40:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92C2 203 KB
64 KB 189ms
188ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H2 200 001_size3.jpg
kahoku.news/images/2023/11/16/20231116khn000057/ 11 KB
11 KB 967ms
966ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/16/20231116khn000057/001_size3.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c3372657b3ea254c500414b7fd8e40e3622b8ffa17ce3b753de469bca6ec2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 23:23:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "8377979e9cdc606b42bfb4093a658150"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 11266
x-amz-cf-id: PefM_x3NIzw6JW7IWcH5ut6jTURW0JLqcE1lPfqoAsXtxQ6-NwbSmw==

GET
H2 200 001_size3.jpg
kahoku.news/images/2023/11/16/20231116khn000072/ 13 KB
13 KB 977ms
976ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/16/20231116khn000072/001_size3.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc8a16cc129b419f03c8b157852209e003ce9f8f6d408aecb0f46029da982bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 02:56:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "763c97367603a388c2f58010d9161978"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 12928
x-amz-cf-id: AMHG4VuY-OpqwkiYgdmVBM34SaC_WlJB9la1KXysSUuZ8IGhojcoWA==

GET
DATA 200
OK truncated
/ Frame 519F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c82a6ff436966415eb2feb7d8cfa6864ee85f6c58b4a2124e8dcfadc41b01f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dbbc399d77b849d88127a50c12ca789e_cpn_300x250_1.jpeg
static.criteo.net/design/dt/19906/4834108/ Frame F0E2 61 KB
62 KB 63ms
61ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/19906/4834108/dbbc399d77b849d88127a50c12ca789e_cpn_300x250_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5409b00c1531cf7e989e59f50a440f3a70c019dbefd5379327661fcb8d16bdc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 14 Nov 2023 12:33:08 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65536904-f57d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 62845
expires: Mon, 11 Nov 2024 08:40:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F0E2 10 KB
10 KB 185ms
89ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=19906&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F190812%2F319a2d5469c04e068839667ed003cd32_logo4.png&v=3&w=596&rid=4&s=0QCl27MyXPG2kIk4n1NDhjGp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dd73f4e1f4316b52955d52de613c5cbb1034124faf6657ceb6d1e1799979790a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9815
expires: Sun, 03 Nov 2024 05:28:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F0E2 3 KB
4 KB 137ms
41ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F25405489_4-202306022236.jpg&v=3&w=400&rid=4&s=X4BdBLZ2QNq5UDRlpeEH7UxE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97bc2fdacb6911749d06c22b469468e02a0ffcbd04b4eaca0a03ec3ba5be573b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3504
expires: Thu, 24 Oct 2024 22:57:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F0E2 4 KB
5 KB 139ms
43ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F19906%2Fbadgeupdate.png&v=3&w=400&rid=4&s=sFPYPwb7keL_Ew6_IWjCVNv_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4547
expires: Thu, 07 Nov 2024 09:55:04 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F0E2 0
128 B 145ms
45ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ADMd9Q11MyM1zh0-4sxFR7Uls8OHf2wqL4YsQjXreGwBz3_qoX7dKPebdEwMgN3DPLhOi-Pup3vuO5W8Tz24n69hiNT6AWwHGiZ9Y1BRjui2u4YSCXKD1UX1z1P_Y_KQCSy0OcpfXWMrv4q_B3gxsTAwXkTygqmdLIWOzK6HRN02iptKbN765z5UVRiI50whkNhMxYNtrPptkL84agV4WUrwYk1EkiLxMnS0iuH5ClpJ25n3mfzkYCKo_m2vmN3-K9-YJg&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 08:40:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F0E2 2 KB
1 KB 120ms
118ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 08:40:33 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F0E2 2 KB
1 KB 120ms
119ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 08:40:33 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DF84
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

49ms
48ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H3
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 17935168248608803546
tpc.googlesyndication.com/daca_images/simgad/ Frame DF84 46 KB
46 KB 49ms
42ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17935168248608803546

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db666c018f794eb6034e316e72fc7bb03a79237281ce5927f6672d66533d4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 22:10:34 GMT
x-content-type-options: nosniff
age: 469799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47203
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 12:18:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Nov 2024 22:10:34 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF84 3 KB
3 KB 50ms
43ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:10:19 GMT
x-content-type-options: nosniff
server: cafe
age: 16214
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Sat, 18 Nov 2023 04:10:19 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF84 344 B
370 B 47ms
40ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 6132
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 18 Nov 2023 06:58:21 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 23CC 3 KB
3 KB 50ms
44ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:10:19 GMT
x-content-type-options: nosniff
server: cafe
age: 16214
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Sat, 18 Nov 2023 04:10:19 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 23CC 344 B
370 B 47ms
41ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 6132
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 18 Nov 2023 06:58:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D9A7 0
0 81ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsivVtsjlXfAyR3GfCRBsuWMldIfK7BX5nnZUZrFW_dZ6R_FdCnzi6r-_6za0gUvr-Rbqsk0G2GvQmBmaa5PxiheSiM9ZJ2Ql7fTkw-gW4FuLObYj0w2-bVzgi2kRKyiYlWDgZeZd72VrfeU9Jfda92TDAMC3Qcaljqtdr0CeNWrPM3W7VXXY7DWgP15X_VpNAWUP58as5ziVP6EZWLhsy4Yu3rXUSyl4hKKP_OCvdfkCVYKoFpSrfr4bZ5LLl_xeAZVVgJO6C_I6FOnXIiKsP1c9H1aWERLoHpJ7cwPUmOxTeVtXasULnJJlh0GKPZY6xcQ&sai=AMfl-YTNhFRnDhXunAn1rRSn4uxYusJRqy1YDxKfzf7YwxqLpnngObdnFIvLouvO2IfMRyYNKykJA96fY-Udwq1d8-BbCchKJriJIGkTBnBrBsWpp1r7BTQFpYq_uO82ehM&sig=Cg0ArKJSzEy8CnY0eRxZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B2E 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6LNrzCw79xBmQP04CGX5XTZ1_NH9Drjwfuz4GAvsd-kJSVevk9lRhg2jLtLpv68NY4iMPyQPdEvtIoUvtMDsrUWCcce-pJAtWUKludFT_hFogFJFscDEhtNOo6ZR6x8HL4-mBsbq7Yw_6aK84MKoNgot2is-MxnZuUhiJmCFoHh4Jkr8hcg0A4IXatXQ29o98JHy6Q7vYsObIZN-I4HL-t-_BfVwL9AuE6JNF2pCgkcNMQxtigl1F6eTPXTfkKweLOJeYgY8i-kcL1zu5y_oEIsHoMgahK0bFs3rkqFT7nm1M4E7TvNzFwMSmeD8zIURBLw&sai=AMfl-YTopFO3rmDxt3GGaRz2gStIViSXIdRMp3BFepzBiqyjDCHBJKd2cxOnRD7-8tx1XCgkl_M6ucDqoOCUDr0Ycly3ZFpp1j4iNukf5AyK42D-3KRxRWO_-VkmoeOY8yo&sig=Cg0ArKJSzCOGP3FsNzfiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2248 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutxo_uVJq3en5ps9Bc3ER3_FPfzjHzODeukSPHv-VI0wn44iUvopAaDVj-FlfjFo2jhBtvmYU17KbsSby9etttk_99A6p1f33CW6cTWbZjOGRZGPRbbvHd1_aUqpC87FGDqq9J9UT5zW7wn0qqNpz7OqYHM9hX5yXlVGX_iuv8SRktts8rnGRkHSVL1T_70xK3mvV7NHpq_mtU3ZTEhiTwVvyUZsKS5rQFH_9uL6d5UCMuheLtWjobxMNvoyuAe6EF1y29GbBHY6k6_U0X50HdK8VmESisoapVSJmqannJHk_6KBqk5n-k37_IyziInlkCew&sai=AMfl-YT39NvL76ajeCEd_JgLn1Vb1S1B51Byxmiz2gOXrT_cvDjd_7HPceQ-nTM5MYJeFxw0puAhkeemcdU07L0JIW1_-9A7JXRZ0o6F5DRY-AR-3OW8DAfCBnlNCuPhApk&sig=Cg0ArKJSzBdfPvF9-XeMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2248 0
0 158ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZQSnNIM9_QSeDfd3ksf9p8mYqGIwYQs_Z4nEdpM0faDM-1N147s128uS3r5XxR0dfevsXCgEJ7at-lF4hK3hObWAVrNjx4BZG6JLfTp6k3P73XUVng8_ZAHUXhhAJ3TZTMjwIfCwYFMqOnkcGAPHSUUIALHrIXARTC8hhR1IwuawIindyJa0GO2wpQKj7zwljQOHD45ujXqISoKTcuAAgCUF6lmXsTk_u945ir2I-zdQraB_hN8yM27hYMP7m7dN1Q0WS5UckSlDuUnm7iDyWVQ7dVTDn2TDzzftZd2ZNK82b6R0qF-hEQJUv7On4DmMGJSd6&sai=AMfl-YTR0JvxI3i4c8hp5pDYFl8sCUnvALu5V2z34eRFURP0h-onVARwfG8j8Ls6wyBcesculOZ736IWpB7kTYhMU_KaZziO8bbb7nMdDhzX80m09yFxuPy6Zz23ykmpLLQ&sig=Cg0ArKJSzKmGFBi95m-rEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 55B1 0
0 84ms
84ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty49b9YGtzNNjKFI3tMfWzSd_h305h4-RILH06cChKhxdZX5BsIkphY1fXgBYqiX5COYnFTr-pAuqDOT4F-0re5U0SnWGdjWcfpaMqgSeLnZh9F5pbvIxvo5BMQkoBBym84GrNAbbSy3_u5kYtANAfngoemHkpXtmppHeD2vjdG4q95Q_d5R0SwOaI87wWDhxxKprLKnUpkYcDu_uwgqOhhoDz1L1txZwcwEfUcxuY_yNeLheCdPrVE_qthkYcNAiTIz5OLQBAlkpDuyf_DNE2sIdt-vMAPyxbzojZ34Qq6n_5V_pJMh9E04GVgPk_giF1mQ&sai=AMfl-YRrd1dz_vGJIi-L09DaMQRQO11DX7VcZ3HGOjGCGmTYf6W9BWeCQBgLjGLNIovDqd78sTRbCx1Q68NUX73jKtXcmU7aK6_ij7iCLlaloaFCo-iE8CWtaJYMh276Wb4&sig=Cg0ArKJSzB_BunlDWF08EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 55B1 0
0 126ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdTEXfTrU_Crg9cgMtenYwqRjD1mGpLDMeGXrXPLhTUYmyJw5ho1l6sqNobkOtQepoMwHd43UzTlhlP-w_1rqSc92ZJrNWyAkj4lATEx7U488NMZyLMGJsd5322jExlbztaEQP3lp71ETsvOdWSOneFJfueSugOyqbGufWgC5HetA84PYF-IIyuBKwh2O9KmcrLjdysLDKQrRpfddiRnIL0L25jBVoa5I5zxJTj8ByMYw7HJtjvBP3otjZLS33ehvyppTxrrTWykeixO05jM5ISwAGdBGezxvyOGPf7UW-ypfox7oqQAWM3Esre5D-Yt6gqt1Y&sai=AMfl-YQX4gVzuUr6J2mWS_UpfI_P0wT9nY8RI4_1AuXiYqMnORPjza0S5tNFZmvVAVwinSMvm9vDkbe8mgiRtgdtGblcCCzMybijlQgVVvVihlEV05oeZxXxVaFu2iAYa4M&sig=Cg0ArKJSzNGuv2dbK_TqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4BF6 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLI4U513o9s1wpbHzH8XGUj9ZUIy1xOxLpExUqDAbfpRT9pbY6pBwiHLc-AflOipClnokhI9JtUFtYic_nfyq2r-E7t4nuA1nnfdCT5bHWMqSFkqJKSNflgLbBGK0Xn6yararhX8tRkkSh9nLgFK4-ZFi-d08TEenVaFAMqcl7LGsnXGR1UP9H_pAo-nkYK3Wv08R4y--VZw7tv6S5AIeZtzRrox2RPXwHbTa22Gr4xSxmx3qfwzWa9bPQyg33IfyYXOHWB6HCHKCWeHE7iPBMI4zleGk8jnKjErhMkf1lqEMaPmrr7rQOEwdluI7jeuXJcw&sai=AMfl-YQF4LlZZ4IZmS3F3IUuX3kRb9_D2BwFDMOm6auekfBjXIzm3t_4SDItbItHoPrh22AvnA_0Yelbdp4-n3peafS9WzbMqLOi995Vnj28NYNfz4rEj06T17lK3Lk3a0s&sig=Cg0ArKJSzMePsRg_7cuSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4BF6 0
0 96ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszIuWsPbi7pc0N69YubQBgfj59br0wqOb5yF5F-jjc2BJbxPUoEEizCEOnGX2IdRQ8MWx7MHJJBb5EXXfL8kqTDe51XWqOu1yILxHWaQASgIvAIVenlgpBqZ6RcZYZXVd_m224wiMvYLlWf1Y68CX4SaGoYef7OESQ2QljXpKuErnQMKVJrnJNV6E_jQ0-Yti17nE0_snSQf04xwqKnv3wAKBSk2ipmZl9ou1Hc-46aYW3v7PNOO9MCG18SrGYGNCEciUvkpeKsiUnvcourWMwjitvIHOOgv7c51WjasrbaDRAG2lZ1nSaXe2aOD9Q45P3rOLS&sai=AMfl-YS9JEchMNOOq00kb45AUHA3cPRMoK87w35pmMXRIjtHc78rYprv9nvaEoV3kakUG95Tfdk5mopOpTzTIqjWuVtBgz2m-qQK2zJjXUzXAlG4RP0FP-xg0UF1Nl68u18&sig=Cg0ArKJSzOjqUGmLfr8yEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76BF 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjTE00vqdKWAvVpYvT6J7me0ONVhZgpxDYfvX6iJwlh0AfYj2bC0QIIAEQTLKSh4KoOEqeMqwENM--y0MHuu0I8F-tHcQIp0SBJTZB2tSNK3V5-4Mkh2zGVZA--E2Ep7RkxfwRArWHnCwfn5dAErFmZVgf8lVd2zlGYMKpLREtbHOmYDERKTsJIH8PbDNVqVX_huN0zMLDrEhNrls5wIFyuqrY4NLeaQ3dKCiTS-Fai9SfqN0ZVa8lwo53y6_lJR2nXMjPzI1CkbIHzPpB0yzG8xuKrDbwyX_zA9IVTy4ZnkSAfnTqhzjxwzwgjI3bBw&sai=AMfl-YQxiQgUTmVGbkhXmNYra0vnTl0XMoVuTgakLkaVn3p2sW7ng70mJbWNHpuW5c74hT7KfwypxqQK_H5n8gt4kgWO_ynd9VuR6hAdiVf_1D4xdEHDlC1fa2_NjwnULXQ&sig=Cg0ArKJSzBlmf5wtT47DEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76BF 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvYvy9GvGxIQ8ZRtk9Zi07RIlkgFw0XSDFQ5JDivc8Au_MQ9aY82LT7yMLKZsjTQ8OG2Iwzd3IOAN0rYfIva5h51sYpWCtEK4hTYpoAB6CDWInAQpTCjkwy2g_R3UnIDQ-gSwgP-1_PoUijWybmQ87FIG66qBbgAYJ0q5lIqKqZ2j9xN5y3rZD6-LH_mi4x9xki89BnoRALiYwZpIMDAjH145lfxh0mBOZ8ZHZSCmuIIJ1Bjv6p1KtDAA5RDDnpCyTrCg0cxYJvvFWZSlzCbpu6w9ufxPSuYnVcyxXLpNQHRc8WbCaxWt3NoilM8xOQNYk&sai=AMfl-YTqi1NUQy5gKJTtOni5ey3KVv-zR4g3Yjkem6waBSUghZsEfERytHh01qvmcOhALyErwX7xThXKYPK6tf_-9VbiHKYdAYukXbzhE67sRwHCh5a0WTlDY8kp4n3UYrU&sig=Cg0ArKJSzB9TZ8hNNYxdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FC2 0
0 86ms
85ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuI6f_BFv92FDvCOQouv4n217CweX_vpspmsE2gssewHLR_6F3QJonHT-SCyLyZJ8E4F-V1y_c3LVoHCXtmJbBaGx9NyXUJ6nk_0Sm1JewCo8esvByLSqhlnRkpqpHS3JA90Vjt6Dkny8h0spBU9bKkmNbrzaRNAehsORw6iwFIJIUTpB-SWW_lIWK3TTYyO5_aL5RTDmL6_DPZsCbR4-ncLJKCPkF2bEIesJ91zbzOwUntZZL759lNa2LADDFTdNWR2O7KlvovfZQpz73UGTY3K-6eGgyumTZQ97z_26axhhkp4WodDQfSecSltLJUeV3N7viycA&sai=AMfl-YRasP70kBayX33QzUc8YuzOB0-dxMZmV-aWAR2DoxFvlJnszUUSQW0M7IcdM_HmDs7mOkEXCBLoaeV_8YMbiR9hxv1MLAQX8MqEwFhLVbbBvsUb4ERMTOaLD2M0wV0&sig=Cg0ArKJSzLA_GcWkZ3yvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FC2 0
0 85ms
84ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbDdKZhaPbsOwtvhBW8Gtruj-_St0mcIsxugmwHtakWRkCqD1CpodqKE4AFB2Niq7_HuZ2fPN0zYMwXUvA-LahvpAHILFFEEt6QxTcFTFgKHklSfU7gXJLFRTTDnM98Kn5vG5ct7NpEQ45UoA7HRNV9yFqWX-3z05LjkdfsWF1ZiovvtveROv4-I2acpdmmTELrft-dTv6dvNchr3Kk2-x5_llUUjtP8U2f7sutYkVgQeHetb6cPaT4AaGhknKQpe3JpeK-kb1c1gF-2WQ5IPuRMzrwmvRp5Qr-HppMXnRZKYe0F4D6ACxfbirEI2qy_AoNv_hbnsS&sai=AMfl-YT6A-d_kSCylzvSauB8UqfctRSvoe_vE-F4IaolldQIzZmFgaYz0XoGC7XjPLs_H-xtaiOxGNF_ZCKw3DDQcL1RqpHfWqnMzm9UktgRylyWN95zonj2YvTK8f3Ks18&sig=Cg0ArKJSzB3jEb-HEUPuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ADDC 0
0 80ms
80ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFrceb1tiLPaae4ZsU5VvIOn4FQ-4-K_Z4G_01rhyFh7oa-hsRVenfOcGkU6f2VQrf0ib1JwoxNjiRrO-ZfW6Ke3D6BB34VggyFjpvuBMPRjQLHVqplA4fKH0VxSnZXJ04uXV1VZcoMlppXOSCXUYPQX0QLGrjungJZUIvIDfV-KTni7mFTSB8JECARSPojZJSJZQ5MrygGEXkN9kB063txbgCzT9VvH8mZ2T3ZElBC80gh8uKo1teXDgPlMCyhN_wib890WZmlt_t65JL-23P8-16lJWuQxbXhayaa2P0MwLQ-R0lc57tZK8W5xd7qLXaQiEu_g&sai=AMfl-YQz4sFNy6VemeN7ER_qgQtn6xxU4086SMuOivPZd_inftAUXjLcqW3rC52XKW1CM8mRtTNToHYeTXF48-H9tInbhAIm8Ol5SNBkr6flQIvYsGdPKnITYSxpmzkpoPM&sig=Cg0ArKJSzMJQvWKDwyA5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ADDC 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuN49ZRPe3bAM_9qRIp1J2oqky6lBiOXFtk6MnX_HgsAGG18QvhaDjrVkyvTosxxyboIpxrufeiTvYj3Ej1ljXkfhUzGBKGPV3g9biUE00TGypECtR94ua_OCLD7-g6ofUMnvDuFBQ0WsGovuSf42whqa9n3tKJ-Cl848jBEFEYjB0I2gYiTbTJwIdT9Dpnsqpx-LFFma7hifmQqPq1jmEtaT0OyTNB4BbI0SeIanz8lhAKsoV73qbpTZgadCy1EfN8blh5sWu6P9owP5Vk67YvQwig8LmGsprPyrD-Je1Xl4rCSqJxTuk-ZsbGIWUyunfS7B4_KSh5&sai=AMfl-YQ_IVqX8gR2G5PiwkeamsLsyWvCtbsG-nJ5klo4OywpHWAqbpeHxWUykT6IsmuWziYBcuv2kbYrQXtcdqOiBP8cZtAahtc_VfeOU2P3IZtzzbEOy7AN6cwNnHqi59A&sig=Cg0ArKJSzI4vRPJ8ehAlEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 472E 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoyboMh57fnqroESho5RU2PMjZ4whdgZky7pVJqf--bXwk1Q9EsoGy7iji9wkMIEg1LHDufqW1020SuI8eVpWwUVEwv39RTT4rernsopBZXM8RIp6L5027PlyGlENv7jZEa66-o-YVAHSoMIRHi_PhyhUiI07cp0XtqQywMPEpwQgaqyuXPPoh1SbN6LBuWThMdH0m7C_cE4Sa-lJqU_AmfuQ4iLRUwajHAkiHJfiMS4g-AjTeVRKTi3VVUtXXG9YL197CFpOycGcUUZHLni9LiHJI8KOCJcklTlxEsOn1zxZ4e7H4nt6yLrqXiLL8Y5ddn1H9Lw&sai=AMfl-YTI3_pDloS5gMYsH6UBHJE8CAs8eHZULUqhO02gLCD-HW0FrkuKfSbq7Yfs29dCk5ZsnThciCKX8QK0Ct13WsEXFeZG1mXPqdjrKiDdrn77_vL9g8bU2O1HpcJLBhc&sig=Cg0ArKJSzOq71S4zX4v3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 472E 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJjWJsgprG1ddoagxwpcxcYKEJrbl0LhOlzmFwwlsgMsKvyJ5YtaeiZChz6pWmh8gcvSqekHtkuUD5Dvwi4TIpofAOEpNzB2WPnQ4fIV7wR5JZSOz7jRCta354ZhU7_GdPM4bzKS9gBwpyFAwBqQ1AvW70aOl7IRQaHkYupg3ZO2MzYgGqDYuuuNdRoiSxR_VDcA3eCeaV-tC6tdk5GgFfKfRTPYNlqTiAiOK7W8mHPiAW84-w1WvpxDjGs7C5SzoL3wdwMwT5Zb1KvNc14ENhfre4PmC31coM_I8Ri9dPjwPJg-7xxE_mC0axCy_tKHSjhAPWrn6a&sai=AMfl-YQS-pvJgWOFDw9ZJtNAuVUV_CNMPBEBtkHrrHja_TZ4FGIYYpbefrr2KxTEKkmUa3tvWIYzc-EJZYZF-IwPI4PVd2BnPtZBIQV272P_urmRbXE3bFXrgmuqQNflf_s&sig=Cg0ArKJSzIktrxm6KfT2EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2994 0
0 89ms
88ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCfLd4apr8j5lmDThRj-BUCAoDyO5rp0W5YhLymqp1_UY2LagY8IPf4Ee_akdz0JdQ9SekAVrSpRGNV_HW4jA2oI4L1aAEdFyxvoj94K0I5TYl47K_w_1OOJqEr02v6WKEkSGbhzAXsvpEpHKfh1q_DmXZdffhmWccUesNOY66nSD69zCW-551bYmQrffijBlXtFDwtztYjX7vTzILQefcrDI4ZHLa4qgr1Nhb2TKM5F18IriMUyCNoTgiUNst4ehiJgMNdpXVn0WlL8lmAY_uMM3DbJwWfbXhsgAplnsS2skdxgm5pSGg5MtQVPsLHuhTJpu-ow&sai=AMfl-YSehOgSMbBLpvQqAVLQPo-CWOYFQuRtB6m60DIk3_XFvMsGMtfD7VwxLRq1pjoawPDAOshWKdaIG2bkUEoJtu5T9gt2LHzPXAvvKUrZNZtAIxguVEXygbm5r12t3vM&sig=Cg0ArKJSzO6TD6ut9sViEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D9A7 0
0 81ms
79ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkeHOg8DrgXVB7j_A-WSQrz_GUWljWZthvnv6-gOViNgiM2xfitSsqmgmQJLEllgpePcS5B2gh8e3QpZj23OhimRz7UEWoMmcV7iYdFrlUvl8svIVNZKlwIIuJgy4WplSs1LO8l5_lk15zOZDpr6ZATwdhCcU83yjht-TYy-dA13qV8RngJsalydwqbY8KWjfRSCeLNde9lh-rlWnX213o5LsYwLxxvl3xNtIJ5zCH9nwPw1uLg_okSI__xSKQtwBKCEdHTMAmcqWmXAp-YRF8GeKXrgcU3L2x4fOrnZcNLlXx065YAgBIYQMpxVG3iz05E4cP&sai=AMfl-YQeIlvnt4omaW4Mwe8izFEFYYVgLb9jGhsvfas7Q-oZZrR4uQOSxp1REM-lyYbQ3a97NJHOv_NZJFyJeiz8uUPlG2CXOTjjTWxedgpO1NPtrxRn2pudhD9USBabyhk&sig=Cg0ArKJSzAqqjATGkQbOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F0B 0
0 78ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0KTKQHHqbzKP5SSkhThGEOAloGBIRZyzxj8QWVkBQDpPln36o4gmXrXSj71Y8bdsqFbjGcWOOWcOAXc4lzWn-HCQ3BwLLqLLV_EtwOXyec--F7qYY7x3-ubI9pbIFqn6-AUsDa_YlPT8BjbJw_s6FPmy9nmG9g00o5bRqBOd-yjLXIo9igEvp8Nlhdwj7UmuaOmqHAoly-ene6r7xmqIEuUZfW9V3UW02MjUzt5lP27rgke8uhs9a4oLxjKwzdCeMIoD9AqizwYCNzDXoXHfEEziRfNekY3QZo_SXNo0WgRgs9Xk2dpzAY7baSqm5&sai=AMfl-YR4XI2boodQmszGyXXPrjYOmP3zUNHmws44wTEFWGC98DN22eZb5-39qurX1IxiPEK7XVl0ufkWFjATivU6xmLZqvt5gWuL0j-jJsuBCQZEkSWzVnfGd7AjletXzmg&sig=Cg0ArKJSzBYn19Qo-7OAEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAE5 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPqrhM6BaVcD6240YJx-z9r2KM9b1ml1yg9qxK7qvwcqgdq0XlB6PoFbfqBA_39jXF8ndleLsaUwOAdvRVOHkQ2n4v2Wxb1KHRWwa5NxnZIXo8can6yX_-BmKju1GHS4YH0ACYBtVwSBQXQMFrIxRy8qEJSuIR93nY7slBG9x6FA2KpvndrRAoEcRaL1xMjECaSbgron-Hw4JTEmErdtIODuZddaWhVIHw72n9vnHislruh19ScCm4fGkFcmXnTCCl0TP3ujso_uVVWM88hWAQsk-nrtUxcOuPQeOHcOLpnr7--cC8Prlguqh52EFw&sai=AMfl-YSSWxNW6B4iG_Ss4Gid9mBatUMl1w3hcIseLld_QYMjN5UsVPikCQQG41WVVTaFRwOm2oeT1NIdvEM-urypXdEovTn4_Pyj4Lj-4gIY5xDQnLlZFnTQ3OnqEihKQM8&sig=Cg0ArKJSzLnYarz70YgBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C87 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7-sMqAuGKX5UC4OHXAqFuA_Vj9PTqzPBiM0OiUsCex0tBsuaUoLoM2dLvHlGJr_HZbyFf2eNBfx_kGNDWuHp_0KzNqyDMylvuoNXLxaPYT-grx0I0_tRlkPZOgjzu57y-nVQOv0fbbL0wRP9igYoXJES0T1eet54COR0Z_4jC2imkdShHY_Am6F9zTmyV4vCJb3mS0up860ym6DvYafi3IjC-O-35y9RXboGYax6VqwcqUaRabaRLgBAkSQVJ9HQmUiAN4GqNpmoGEAGVNv6aiByzOB4jd9c6ZxadeoEO5o_xsSjKhAj60sm91SGD&sai=AMfl-YQjwNlxy0A1gX-yrj8h6eQP_h-5iwGN32PxWUHUoUOG101QtubPamx9fUbclGfAvWQC5WKrA1ICtT0hBB8TFpDC4hKWO0tEEBi2zpb8QG29f6V5qiNV0s0EBWwOIGs&sig=Cg0ArKJSzBvVjLBKpBbeEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9557 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX44FnmQUlQTpEIH5SoF0AA5TOGvFOwSn0yUvkNx6G-JiQk70Nb4-h9ppLSC0WyLkpEMqmCQ9R51_AdgjafBFmn6Bx0AojyAaSuvt6zt8ZDvokrBMk8MA2diUo376Y_15fPoUEfsiqfl51Xmyeeeq8iFEvlwecQnjDAQKriGmNf4KgZbVj5luFsO-9HoWf5EBIBtk67OgKlH27DkLNrwypBVM7wktnnsgw1hi-CThBIhKs8VlQu42hQ58KEeml3fnQq2S8FK9gPnqLxchR9kqEEVGLBDpOcHJXT9feD_QU6amL0v3xnktVOIIskLgc&sai=AMfl-YTVTU50V3Q6YiWR1XECEbvr7DsUZopVukeL2KGuwGU_a9xjbT4XopGvwIgUT8K2NpQMPKtw0rkyClAFKIQlzU63qAvnRQgQMjTVgBRHlv3BkIUJ02UfDAWRo3xBrmw&sig=Cg0ArKJSzLWA1eNDav1rEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D9A7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1b3a1fd7ae0dbda85fc6d8c0f5f169e3966c5db27b445de6ffc102a0c9abb31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E473 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIqWjDOGEsJ5iZLK-UOxvLUMa8uMC3tY9uKhgdAwgO8zstWJ-wEULX8Z7xoHNMfmT0NfmVSkuC8scTUKj9aNIbOMqghE2J5szTr6McDT_Qq4FZkualmUX0XSD3t4nP_ltFl3SvoF_VpZ0dlKPg-MbZBN3Z2kwuRYL0VJdj5m0RJbrsGYUqFudrB-NSZFQnuvbkUdNL7IxH__TPe5j6B6qY0-bIJXms-U5sX3JahOLFcK8kWl75ulBGj8CRDW2CcmfdzPRmJRc8JJNOdd4afkHvLjDErpCetapwnC-vrx_xJeghcEuIq-F-nYTz3ca9xw&sai=AMfl-YQrAP3NFLKaM8rig9tAa2T4nPMQSzcAgrqLi6pycYF88KvDh3RyxxvAtqOp2Gixg78MERJzZaF-FutLj2yDWQyw64biosl8kzKvGoeJkiUDm0kdL3HXztqbhBF-Xj4&sig=Cg0ArKJSzOqilV0TNywiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B2E 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOHG3GWegY06e9_6lADYYC0IFaApqDpVFyGbzthnM3EyeVu0sGfXXspAhjoEkFJd86JydNY2VBo8_fFj5fDhyQUbIU0lK_AK7f7Bo809pELsu-_5oBvFR4dHOVEK16MeTjbVQDi-x5dnaOiS9dAVKD0xFc0HSw4E-PNQDn-3OTH0uUsogOq6oOtHOLJj78EUp5dLK3rZ3gdUjOmnZY2VjdYjeKVJ4H8m_yKLsbXA7T8X7syhEKvsaEwqsl-vAXRTDdIE2S58skLB373lVPC9gJo4qRXqAKRIAMrlj_gMoxeblNfRHskkaA0jvpm2gGtT7m_y9c&sai=AMfl-YR5tDOTuJe96PBEQLGo_sp3tpjaxoMfR9rQEGBm8BBIMMwYIlax7K1s30hdzlgq547l9g5pEw5xxxV55V2UjKeaE-XD89iVPXndw-RC04O2v8pTU4gYhhG5j_vDw-8&sig=Cg0ArKJSzKhSp4YZPIU5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1F72 0
0 79ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWnUR-0fbF4xveTbUupkyCb5Bf_6oL9A_ZgvAjdu4Xw-72npshLLBISI1RkNIR9ChNaCcbFND4LeOZnQ4qI-TB6VBpEyHjvoOOq4YUFmtd9pT6w6xWkFH6vLVgS6JOxMh9bqrr5m1hZgPVDhk2PwI9l9UYL-H-YGlQ44PxSevtk_3gnyoRCpvq2U8LNh47plCIIi4Ho-dQRcTwIVPpX8gxxAp5HN1bpn8aiw5rgisIyKR8xUQImslF2Eo3WhikPSW5NJ8ZAKZ1IneOk9aP4WgFjf9NReUJiaCarIZ9ZiRB-amm2c4lt79P3Veieki5WA&sai=AMfl-YQylY8BSE5gKX0E-Ma_vRZHJ7yWmq6CaPT2WF7MYvDuatjSq1rEthWqxG0YbZxsdayUCMlI7e1kLNdSvlZBJgPuRR2FzKajNdlddjwZgxd-UI97CkKkmMB8b-FcMYU&sig=Cg0ArKJSzK8XBQhShOrXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1F72 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPqgbB_d21-CFaIqwQ2bZg42E7-Edp36jGVGO_WoJFqyDM0obMnJgLus3CJd2N4UF8HO2mmet2mQkWvFZFndHTEYyvoGbr24GDiUyKeUIX8ua-elliX4t5Z4b0RhjiWmCkBSAc8QAcfJ6RIGcrBuKLVInFKYv9jKmE9reYMPcQlhVhhZgMKTBkott5xYz8KQOcxoVw5_6wH5oPnOTVEpJmRCrbGAYH9bKzampyzMqekU95ksv9R_AMM36XYL1b0p0NpRWRO8xQurIh7_cTpNZPJ1ptyDFkHNLxom3DcwEOpzrbaEeoE9bXPGI7TetfleCW&sai=AMfl-YR7MlgKXZCsXJJMDwPwkZ-1AD4FxileMrm3iyFTbJKPJ4QOA7-jhXvAAMbtGC2q8JBBGuf5qXZlNCj3TwQMCrReDwsqxrmCs1ZwkiO6eoivw_TUsIsVIrpFV9qlrJM&sig=Cg0ArKJSzH6urg1UBMTyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9557 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlJTC7wM41-aF-dsS_YEopKbdsOiuVGubEops4gIjImYp-l5V_WR0ZDqB5HuuKmuUzMLZcDk__9PkQiyhXH9y9hRHARwoQ05zxkohEtf9NSiNMwuzYNmNKk3_hijkWx4fbFRRfhRoY1ddQns923wS1NvUHY9qX5lcVV9c-Bw_Qd16V17V13SwTRdbBuMF3AGax7TduyLXzJYJTbnOV8h_anh06GIv_bSFEqWIXJdjyohcbt7I8ACQyLfDyotyHdNFNzxLDGDQpHrfE7pP_cO1l_Sz8akELt4tUGp3p-nqDSiga1HjURlBBtWMwtSORHOM&sai=AMfl-YTWYAQ2lOGVqLn8lbEv2W9kU9iSOn6hgNJnyaXqUnKvtwgGLjfNzrRzXPnap4sVcd91s7d_VoFLHxGpo_z1PBRuWDip_Tixk0Suc-Dlqc5aOLaARUWOU7LBaDEOiVQ&sig=Cg0ArKJSzMfHVNnqSEjwEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B12C 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvElIHaiRUDkQ13BCAoEkTrUtvUe6nkiDXpKbAEM9dZFDOWqGkNNqp2-0NH7VfwBwysdg3yB1Dk51Mqc2gsLx8DrWjXsHRXmFrDgoYN0ubQes5pgo1brRwBJ3NSAzoQxApidA6Swz4R9arD-z10fISl0cG32PomciOX5AOFG207pVOVkmITJKoCB9SPlwGysO4CzSJpGvtPST2KiuZJaOQo90n803930kc8nHrciq2VetKzdiNWxl17i9vzTlJgerD3SDUrwCKLtjA0BvTuSzy_eVGPKod2RpXYY_Z5ACwrm0mxtXrbU4XzUc_n2H54rw&sai=AMfl-YRYwaXQiRq0mZelPrcX9pPK47HGkbXsrlLCmh3XLUybqo2wOvCh7Nn7-NYZJu4IODo40SC-bQp6bsD-4k8RB8-NlrYg8yDolMJSGYfTa1c3GrvfCN99l5QjL38Dbzs&sig=Cg0ArKJSzCF1xF7RB4JdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A5DE 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4Y8CdTNFS2YCNdh19llOpP3k8weJF29In92jNJwAfANoVZ1p4s5ELoz02fsJ7CZnYN999s3nOJUwUx-tpSSBG80XnxGaA0JpX3EkhMDdOFtb71uWAetUW5701KOhwezzfJAoDN0MRa14TN03-r7LXxk8VhDCJEoXDt-aKNKCHABnOK8tPCflN4blR4Sr3KA8tOIX85F9XH23_p0wfwMh51ETurzoC0lPUAvwGikOA9xHnG0Kcn-9z2Rtv4GosG_vr5LsRlPe5Y_zS6wxdtzlTU8pSZ9yJmWmZOgYbwTAOAnre2o5C2L-CACG7esf9ug&sai=AMfl-YSsoVV8Mre0BMNLfy8LdXK-vF2q4aHHU3nhCSTMZaFN1sH1wYbtQZelJvLq20p7Vm91aOZWij-YOD9z5cckEGjQ27smxmSDwYdCFw6pNw5CcQYQhViUJROdlBsopgk&sig=Cg0ArKJSzD9u62pp2ptIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC3F 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCmHxkf91oO1_NIjkbJMh5HaFnRcq0D1oopESlQFb8XGIwAWMVr4XUyRj07X14KEgTOx2I_A0N4621rY8gd-9MGblljdvQdeQhbT6qG1YcRvyaegtSYZWyZLBxH52oJVuBPGP7WLgF-BnUeKdb36WUG2VinxSPcyeMFjUfVCA1JGDeudTJeyTjKlntpvnKoEiyvGdnBJxAKTCi_V_2vT7i46cZ66e8_jRR7odqd1pfHbonpJGJ_KI0s73s4NnxaKHbGGHMSFPHnS4t_0PQ5xr54JMe82pve0tSqyQB8eNk6q-twnZ27i1pry_YarcCow&sai=AMfl-YQjY52DSaW87fY_EYfW8jLuF4-DPch0E7mLykdbrqo7shcO08U31hxgdokDr5FCM2g6eyFF7A4Vnl_H-6VoGPmUHdMCxn4XuLHmc_NJQg1y1Dk1skaLcsDjQfcC4RY&sig=Cg0ArKJSzNxvQaql1J6rEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2994 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoVdqZSbK8WJfvnEmAvs8ZoYaaojiOWCHh-mdIa1U0p2n5m91IgCoFNLVdvw0xv7wts7YQgsdaVo-413I7a-ZrYKdCKRRKq-iovtDuVMZ2RyI02ezP0yJ7G0S1wa5L6hb8Nl4_eD-v8P-qNx64FYusAIYRVdLpvKi-K46Gq9tGuhgeQhxvNld3PRzDabIG4BIl-FyaG5w4_lwr7Epb6SIe_OkyCMdImS_XAEKV6wGU-9a-Os33GggeuHOI-ma0-SE2A4RCzRWcxBVkGoWMg10VLVpVzOovBJPn9y0ir_7IbN_tUxjegYrQZJXiSeb_hjT-_iueNzGp&sai=AMfl-YQDGVKZ-vYaXjVIbEMqYVof-9QEigKhDXCKpixIqCFLWCzDQwsKlv8RJkFC4wmC6CRyt5CDEKjBEXj_Dvpo7sfHvgMtQBq5KDqAfW8a381k7a6oMAStrOC1cja4UKE&sig=Cg0ArKJSzO9-6CUJQugNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
DATA 200
OK truncated
/ Frame 8B2E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a384e00bc6e180bdfb08fbd45d5fb82d23cdddb36ebdd2901528d07c061b342a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F0B 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmVjg11IpGiNCvP_pBWWU_bc9mBqQ_eGqLnyzuX8euXO2S9y2ip0vtvPfPYa3Zy0iQY4RAcIW0tpmeBR6OvfNxtu0vYvwp0XjluMQ2ZvUhU96nXWsxmKhqrSn6LqLE42S8DIcHWMpy_04BxyB-hjntIB_ES2iQyBj162ms4AKhnBpP0OsK5AiSKnl0Bp32Ap_PmkJFNg6S2sf2uH-rNPSfQAnvd13bUdgg_PVAT97bnqpN0vPNy_cRLNWWXwgoqotTuctiTD1matPb9hhhGJ3d6VZLfCA15hsEkGtDcqb5qeKn_McKheer3MsqYkZwh8s&sai=AMfl-YRys5j1InJWPrjS7OWs7dicyy7fle9P5N1wen9Nk_JAVyggu3VVB7PgMhow84FJnF9kQWHexzuSAh7BAh_F7WvMBrl4t2glEVyoV4e-yaFOcBhfMz9jviWAjM0WUn0&sig=Cg0ArKJSzMi3acje39oSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7ADF 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg-ymQWTSxpod6missF_iJIs3nETFedCNmXSihQUCTReipzp41wRn_hCabrFi0FdSTgYcy4MyUV3ZUs9pSSZpLZFIsC-0xJKkLxSOLCgzCdu679azydVopEm-QmMdAI7pJS-YP6CkXv7dwEJVvmYWCG68MjC0LjbgyjRs4XsPPp7pSNuT4yeCr6yT37Zty7H-zFp88Y1UMSVyJcU6z--3rgN8MN6pl4IUBEqLV5iuYFvvCHMfxEU-BCoMrUI-aFIX453b0nCQ4DS0-V68l5BkwbGMpWB-DfUZ0wLqH4NaYnms8UY2FsecgUVE-53m65Q&sai=AMfl-YSDO2V7b7P4IZN-xALAAT6N0aVRgQyi6L83S8LPGSh2C0GE10LYP3Iqyv81HqzNj-kMlX_CZIT5I33T9DGErjX5yP5CbNg1F99emt1_PskdB7_OIjX2KiOvVCcvcFQ&sig=Cg0ArKJSzDHs4ze970CTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D760 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJd0CN_vJimaQ37ZmS-5qswUT4Qdc9e86zjL7gdNSMX3uaUElCRTPh_ma6qUEGiLoOYNjn2V88WSkRHdZ-Q9DcJhPiEbsnqLUpYLdIVh9Js5e_fwarQ_Zsij4WZlN84OiAlZYD99BIC8xqmVUVcRzkFiQM5F0_t5jJdCGvbHfVrlp09w_tGkKmromzYiEpO24iU2BgkOwjz39JI28JWCohMIgrKgXPNE-fOqJvreywLWf9RZKfufNQCiKmbnifkPQlCK1CtB_2-7UjA5a3pwixZViJWKy-f0w2sqfFBL2uxTI_Qs0Obkxx_TRje97MCA&sai=AMfl-YSIH1u0Y8czp9hXarwfU18S4aAFAgz3tZXHuv2ie2raHeOsZxuHJaVH4JnBrs3O7OL194uiRsqPIxXUHD6AgJKlo8KDq2xTRe5Ok31xtHh4irVLr9hJ1kRHUhAqIQg&sig=Cg0ArKJSzN5G15f8Yi_uEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92C2 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDlRo29BsD0DZe-SYOjeJ2W5oppuOtThTq5yRvsgBjGsRmdpKu1DbuLrsjjGaFPNz14-Ansg_uHQD9OSqGj-Xs22dEBDDA8T8ac5ReMJ8Mds8yT49Nyn7eCX_6JFts600ha6NuF4fe5IwCxc02f9EY0n0aWKxdqe9vWY5vjK0MCVAs_jwCsrf2dhIKyIjP393fPkeWKXTFbTkde0__z05EXAlIjaiNLAlSI-5uuJTXk4girPjWl5uN7_9JWhClPE8L7_UcTxRxB6DywzZQXRa7dHwGPIUZiT3lIaYAVHGrvxeuBAjCeFhppThTRjZvRA&sai=AMfl-YT9iYbwGQ5A7P9TlL8ToMKdkYrKgtMVthKDLwQlZu2b5LtkMpgePGKPho2t20iA--S5fsKaQ3ZaI2vp1BhxDfJlcJddGl7KvPIyvMHf1gQjVYrOGfk3w_xUj7DPZJY&sig=Cg0ArKJSzFaE54XEd4EQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame F0E2 2 KB
899 B 43ms
42ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 08:40:33 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame F0E2 2 KB
900 B 43ms
43ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 08:40:33 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 154 KB
34 KB 272ms
51ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec554103bf5e0b4462dffc405d746abdce3f805c081725f17b068c21dd1d1a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 09:30:02 GMT
server: cloudflare
x-amz-request-id: WRZWY564W9H5HD6Z
age: 1304
etag: W/"391026e5958781dc657c57860854abcb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8276ab6cfff19a41-FRA
x-amz-id-2: iDfc1JpuSeqbX3757gzAgzRO9/cGV5UrgwnWpb8hP609D7pVT6km1Fcdx/AUlXsgHr3OtPZS+ugkNWpiR5vW9A==

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 575ms
575ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 08:40:33 GMT
x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Fri, 17 Nov 2023 09:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAE5 0
0 79ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumejH5DTAoy1Kh6uhtpoPy2ur1Qe9d6x7j8MDvVQIyyHGwl_d4zLGicCtOVrA5yvUEx0vfLhgoVLLLng9y02GlLy5-62PGq-HUISazHVwtKJtVmH5fH5hFORCPc-mhKmawXW2BapadjQuTwAIeECUwBjjstOOMgSqpPxEqYJ_1I90Y_-3IMFZudq2HVHPB8TOG6hV3vh9eYFBnBkgWbzQBmvAgq8rjnicei9eISWUYwKEVPCv8eDRvM9YiMmaPXYRUKbCKIuDLliB2-EGJhywhH2MJhxisuk0BJgnM4_Wpvtk1vzJONO2uPK9vtpm4abo&sai=AMfl-YRXI437yxxO5cTkfrFHdbyFhxjNWm1Xs4gNIgdhnX2ehkbBSSruoPlevuCZEysflhalHDzjshgzT-a3AHsXIV4jcyYkfvMYMYjUWlZEsgWw3mx0PRlvns2xdmdoqXI&sig=Cg0ArKJSzBcd9GZO4zEcEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H2 200 001_size3.jpg
kahoku.news/images/2023/11/16/20231116khn000034/ 9 KB
10 KB 974ms
968ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/16/20231116khn000034/001_size3.jpg?timestamp=20231117173635
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78abba991c67583113f81ccccf2f9f2c0978fdeaec6a66b84b1e3603e7075a4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:35 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 23:37:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "b30f08ab8c0412b145920eaf6d5cfd19"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 9438
x-amz-cf-id: FW2Pnw8q4aIJhaSM9LEXwCMD4lOCE3bZ8ae5R8iIjPMepWSLbkZh4A==

GET
DATA 200
OK truncated
/ Frame 2248 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13267b1062a8e54f6f78424e5f33ab3e7112c1694367b052f6eef9f787513672

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C87 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssu-ZXOX8_OzoJ09C-6ZIFB8ZKjyJb4EGkvpPjB19S32nkfwEdBLqaVXfN8mf-D3qaQTQ7U3nzl8niRcRwaGruClDpbalXp88nRvGdjhdVLb_CuujKnD5z5jUkuZxnARjgOeEqRFNCDpaxh2Wi9dBeVO6stVAZ2ldAB4IBTb_bkhgRTXA4Ow3ZFVWUIdX8TYLp7iW9vw0W4I42sAxMN-P2pNb6GqUfGmqz2oRyCAay9TDaPWlDFKUeoHFCf8FgPNpC5cOyVW0XMbq4r5bCeT0akZZurxFoMOh7JL69TjB891fkHWejq4dWKHcXD1NROsA8&sai=AMfl-YQJVUH4ICbhiZ1UpC3fofZjHeFLyclvnW5aV6OLnPnDrvLe5lnZLI6kYXmMMR0mvITy7zzjJlybH6zSgyHWXDj6vRJWazhj5Jas7f7MOtrGYDf4GpfZaPFE96Wlfk8&sig=Cg0ArKJSzHXu51tqxUwrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B12C 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxh01NijibowRp195lydVCyaw84FK-vw94Q9mQ2pTcvJJeUOrEMqmCG59MTf4IYl8EvsVIPobulNSvilCWTH-_G6VARAMMboALQ6CssSz4eGuW338iheixDaIP_H4VTBvopXxa_O_ZMKmfqLZRaZR_xEnvxazpCFIhQZXuDI1vIfGMORAdFVucZyQPsohgAhLU0oCDHCEn23qas-O_AM4q_uDi6lVo85ubujO0FR14k7gariHvcfy48tQXcI-vAfBcCPvD9SNhzy35nMw6sY4fZ1jSz7V6SMWYAARyHlUMDnbmYhPfqv-emRRL376I_nZx&sai=AMfl-YTEn0y2jojeWg0ocY4WpkEY9nwK3f4NzIIJ6gazzHZOfa9T2a3A5LAqYue-9OxMnTqXN9oO9GzTSVWaCETCT-TzhZlzi5lKC17-Up22qYF_Xu0O_GUq0w5hhDxcbmc&sig=Cg0ArKJSzNnjbzTKOtcCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E473 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwQefm_cZmjvcNFUiAdARWHHjNjJOrN9gjZ_BigDHkViezfojiFwxhMcPDTz-wXOev7ci_Sxxb3IIXHKJkkq8FnjNF9ZrLxd-050muEMii45-6oEOsUrftMtjLRs0xa60ulr_hST-WH4T83fbhQ7SQVYaNl00QNsFHD0DgrNjh2iC_a1cWBEmsAwCgnHcn8QNqxE_P1mmmpi4CzP11JEWFmTzx6gxsrjhev8jhiYXKeLgAYlPqOi2u1qb35MF5HQ05eHrZE1p_icDPmDRBDxGFH9vpFPxxbh_KKQwwt1GMx9sGhL_PEIVUpamJd55wrnZu&sai=AMfl-YR0xzqR4dO9oqxrSNxqhdkBmEsI8Uuq3HQZ8cWEs51wN_W_Xhfo1hrcYrGHQVQZ0JmrJHH4OSkqzpzwPqwwhp21xsA1Len9bdnOsw5DphqncGNKkFq21oEI6TNrKig&sig=Cg0ArKJSzAK49ooktlT_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A5DE 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyYK5_ogoOmHAHS0nZDdXT2jkeugwCcUPAKDfVGylggPZDhU1yvZTx2Irgc_2CYr0eViqIBVLoZNIK-De4210EF2uR9QhGVJmKOUtrJpwAMLwnx_vAb2LB8671F07ctexjVp_16KjpWSooi3PCOH7Tk7aE39Qj3ZFcsE4h3vqF2lTuqNcH3PpGlRGSdOZevatW6dmNIiwWB6QAVQZ4QZe7xXmKRaL1tatziAwmLAT7-DscG8_21Vw_OXYnZNx2hXg8TpfcCP4FPY-Jx9MPEO5963Ad6qcJckZS_kaClYMrFN5AGIIH93VW7C5jgSjEpsMM&sai=AMfl-YSKYBBXpTphvNnfrTtjSnESak2Hncf7n0AsCXx58d5-8VFjemWMC5FxueaZb6O1nWgdj-uocYaI73L6-9Liphc0m7G3THUrzTZeNaYQtIpsAwrJcPj4Q7Nqg69TLx4&sig=Cg0ArKJSzPSuLAFpXcjqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:34 GMT

GET
DATA 200
OK truncated
/ Frame 55B1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 070e7efe2f13a04c1d5c23ff1e7062d112dfb3e2de56712f511441f3d4dbac9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4BF6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52fef6d4a29866a6ea39cb83673768f7622a5a198e1e96c7f5100dbe847a1c48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC3F 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK5jxLLHrzmxbKm7VLRLGVwHx0L0yAcWcV5tUeUVe3K-rmCC9K5-wvQQ2v5dZhxoPzexSWpaSEMOyI6uFHsy2-Dc214XIQWGE5Y0mMGSvOxJXMOLwoopVpnq8e5wwM2IAhbxs4cOkuL_36gfvHxILtJb8Kd1vS5ZkOCxjXmDLEGLcltw-E3LXEEJqnxiE0u-9K9T--CYlD_udz2V7ywXThNOC8PTZhEQAj-HqlyEPefqWzE4hfsQ2Zfs3tsAMcsMrBHMTmrF5Nwg37ayn5Iq1JRjPmVpHEBHyiTj5O56C7HXVAYaXvnEWpn6WU-fnjazef&sai=AMfl-YT24qnN9hI5nEWxL4VZlxc61u8RE0bMMGD2fr37ulqlCTZfW0q8zAMHcQ6F_s-FBMfrTpcPgBEOuMSjo_61YVAc8tS9IX2wD1Ojc6iTWwm9MeSZYIsFkDW3hlDNxnU&sig=Cg0ArKJSzKNMVMYH6BUgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7ADF 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsv1fQ8M5m8BTDpglx4GrZk-EuwHgRxRBKqTCCx-Vm5DTxyB8OfHsci2w6xdzbTongMFUQkV5C-Km2yxr63PZiT4wFRk3-N6v0cPglLBkBzzYoKWndWod7l948h_suSmD83mBomUfWhRAHx20T2_JQ0D6rrlaHsD8pzNTj7eTK2mG_DEfkpdyVX88y5GtpCtcmK_6tySqwGxknzsdZv0-cgpXZwIR_n0kXZ3UdcHFG3ftCxT6uJDj8UopQ-9RV7TJuj-0d07-3BLCLzq0MCJzVGv0cRLADzVLXw9bwL4KfN9pwBnktrJB7x-qNwl97hq0X&sai=AMfl-YSoXTDWus8OzLkY4sTvNWbdbmC9vu6PGiJ3nOLA3-p2vJATtXxgwdbia5w49xLzSAnR5d3K6X-XvB-U6iZ6jD88Vwl5p1sBVM9Bp3xOU7hJVteVsgoT8cGh5-suXG8&sig=Cg0ArKJSzPyWubGTOSm9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:34 GMT

GET
DATA 200
OK truncated
/ Frame 2994 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b75b52882be2ba7bb212214af5d5895bf8fa72c5550b6aacb1af429e18f0687

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6F0B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f0ae1726ce2ab79c4f76a3709c496386c79e967f9eeac8abdc2066d8f2a4388

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FAE5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c35a56b136d9f871b531f8f71306331b9799a6eea4d9d389959de29e6d2a13c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1C87 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 456d3ecf334af8195546d0b6c59c74d9b169cba69d6e5c6033639c520d7383fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9557 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ca416027ce24f8929d176aca9c1d2269e041214483a24ab621454fa470aef00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E473 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc38b4ff7084f66dc04585ddcf8973974f6a6a5a4d4dca392042848e789b3b73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D760 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVoKermHgjkEcvWts7pTjv4XeAbqjdHmnMEL9j8S66Pvyap2rbVpo2V_xKBx2iRLsNPIni-g5wn8tAxQHBlNeKDTl5eNrpnLRQCw5wmmHs7yA2-LOdTgYp3cRJqtZ9Q7xYtjhg8Oc672a863zZ9Fi2tfrk10U8yda3BroX4PCuX2coIAywDaZ5S2piY2rAVN0TgGCIo82AsER34edZCqsb7UdOCl4DAgDi2ci5aagENJE4FFWsffc3cc7drh9EWw8BYAs7C9zSdQzrjx9o47_rtvSiR64_GYg6Ae02rBIp4vzmmfP9iwUbwL0CuOWCVMtA&sai=AMfl-YQwhDvIMMKFKisshtlzgT3FZZm7-1Csks52M_064zTK_ky2YML2ZW_smONgVAGoIx_YDxAkOe4r1Q7YfEbxow1H0Pk3XWDOD3MbqzkBKI9UINNMytydwSLYv1gmdsU&sig=Cg0ArKJSzIl7bsQ7PVxQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:34 GMT

GET
DATA 200
OK truncated
/ Frame 76BF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a8542630c020e05326ac2e014ac3a8a0ba96a78d795c36ec53fa98c6a70ffb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6FC2 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3420052137ae9e3e3cdaf56200d8fc532886dcee550ee56f00c2572b1cc3e8fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame ADDC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbcc0e532c58fbbb6758fc080317236616e2c2b7eb3f7f09c444633b9b00e318

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 472E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d6c679ab6fbb598035ac632bdaf230aa8085c378c0471b2baef4e19d4515e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92C2 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstevcPIEJzX2033ZPpRLp5PGhkTPD2fZRUU4txxl4a0CWMOQiUq9kMMozOv6dbzYlR1ptTTuxLuNCfN-WC0SF69BqypLADMMPbB4ILlnG8o-utcmue4S8SctjdxpX58YNsBtAJ-w3TT367qDSatm2CmNC_W5rs82uH7ZBePWlX2da3RkAcnQgYZtd1PPNqUZ6u6mzmljTKl68dvHID2cDNHf5w_-bby0I8QSX0HEN6wYXJwbvd7xqFIXg0t1GOO6Nb4C3ao5SgGWMF7AYAgH4Ea9JOAy79MG2j1_CpFKViFzKRunv0DEjfxSLBsa0JNz6Vr&sai=AMfl-YTjSOKAGkazBgSxaq6DfD8XgDmMHHm7vumuFzr1nrxCclrl0htOQfBjFiPuoQmRjbdUwBeygjgH9QASS30U2oQNGDeRulf_ki9e5RG73FNKdAfb52kZM518OTbrz8Y&sig=Cg0ArKJSzEnWhpJOT2TJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 08:40:34 GMT

GET
DATA 200
OK truncated
/ Frame B12C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d95c281d4a1a71473394b0a1ff3388dc04e777ac326aa18d6d90e399dfa0f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A5DE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b46e819264e9be360212cd651bcd5da2fbe3cd6853f60ad2a4a47ce67747498

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BC3F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32d1a7f31630c56fc8d5092a3a7d51e9ae086b57ee8a0bb42fe438b1d075de50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7ADF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3a1469692801aa1c38de51dfc26be8d5317e5951675a79d62f24b798af34b0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D760 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f279e7a019762fe2a39fb792d5e6030de90f9d94e4da54b68da31c734692b843

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 92C2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 048d5a78eea99e7fa1c97668994f8a7979e9c7145421ff1625280905300d49a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1F72 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d86fca859cdbabe9b5169a2c48e25dffe01c2c19f624257052ade77433c386e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DF84 0
0 85ms
85ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKhbyACdXZewsko6AB6XHg4AJkYyJh3Sh_O6bgBK3y6K9wAEQASCmuPtGYJWyqYKwB6AB--TfmAPIAQKpAqy0mnhWNLI-4AIAqAMByAMIqgS7Ak_Q_f5wY6dzgNLlZkw9AkWNK_-g8gh4m8S0MDojlanhku-D6bjC6vW4ODCPt8N6khHVs3FyaY6QPHRcQq0NCgFwy3p_GGR-G_GLXuimmvfW4kCNksIJgtrd3DmsFYVSN0pwSU9wM5BnXEK2wQNQVhKcf-syLtCs9yRqT2mEEuuvMRU9o3PBVaViE3zPG6W98JEm5__y8sYDxkOFLZdYXxQyLixSUKZ52K6wNTNVkx9mtOX60DyrRt5T14CkyacgZr5rvQKoJlZpZG6yEBEpjgG86bDCr8gzJ_wm101Knhl0yi1JIv7Zo-KpFlQ1_tB-s7ZJgNAopLw7reoQePk0ZW8-3_w7lxxOx_QngfOUCXVBpdM1g89TpA-ycUpwVu5fV5O6AWIvQMeqHzZ2Hl24Za2Wb8tTAlqYQWpt08AEr9rCp6sE4AQBiAX2iOuvS5IFBAgEGAGSBQQIBRgEoAYCgAftmqBnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ97gM0ggWCIDhgHAQARgfMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTgxNzkyMDU5Nzk1NTY4NJoJ7AFodHRwczovL3d3dy5lbnBhbC5kZS9hcnRpa2VsMi9tZWhyLWFscy1kYXMtc29sbHRlbi1zb2xhcmFubGFnZW4taW4tMjAyMy1uaWNodC1rb3N0ZW4_dXRtX3NvdXJjZT1Hb29nbGUlMjBEaXNwbGF5JnV0bV9jYW1wYWlnbj0yMDIzMjk3OTU3NCZ1dG1fdGVybT0xNDkwNjQ1NTk5MTkmdXRtX2NvbnRlbnQ9Njc2OTk1Nzg4NjAzJnV0bV9wbGFjZW1lbnQ9a2Fob2t1Lm5ld3MmdXRtX2RldmljZT1jJmRldmljZW1vZGVsPYAKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI0YXettHKggMVEgfgCh2l4wCQ2BMN0BUBmBYBgBcBshceChwIABIUcHViLTE0Mzg2NDcxNjYzMTY1MDMY5uAg&sigh=DtkPnxUnjRE&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNLm0ILCUL2_6DZaQw4edqi8BFkXxKM1whp2DWiDlh_VHH9jLim5n6GEnnydkyReXaxh4q5--FGAE&cbvp=2
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 23CC 0
0 83ms
83ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8EfXACdXZe0sko6AB6XHg4AJopfc83HK_8ar-hGS46ygrj8QASCmuPtGYJWyqYKwB6AB5dyIvgPIAQmpAqy0mnhWNLI-4AIAqAMByAMKqgTSAk_Qv8nTQljLbopgGREJk_mGxAtCFwQueMNUQPtFp6wA42_SX8zBbpeO7Fh3MH73hZTo2VmG-4wSeASVcW6UCity-5yjAONWtsoCcIE2l4OKGIpFIfWDYBvQSHjAXuaHTcmAIOZFgUYNDYErGMCH7OgoqAeLMtOzJ0uuizkBf_53HbVEZmD7j5nWwCESNNVVFg2Q_tw9xV9jAvKOUxcUH8q39Zc9d_YSVFiG72XGZRfalrliorH1zvHGzXtaIyP1IHmL0hVY1E8eOMUfDGj4QTE6s3aY8xpfezwsLRuumfTFAsOag47O6ZZPEKEcu-8p-T5VNcR7HIrc_RMhKlq6oDIlHb_e7X6PG9O7kl20X9AZFHiumEIuvYW1kQdbqSxCgUL1JzTwM7k7IRmSfT67yPAPaFn40gkyjFguTZvtFaAcZxcQvrXppcoNUVGHTVamAJcPwASN8f-LqgTgBAGIBarRjf9LkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4Oj90GoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCX3h_SCBYIgOGAcBABGB8yAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01ODE3OTIwNTk3OTU1Njg0mgkWaHR0cHM6Ly93d3cueWFyZXRvLmRlL4AKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI0oXettHKggMVEgfgCh2l4wCQuBPkA9gTDYgUBdAVAYAXAbIXHgocCAASFHB1Yi0xNDM4NjQ3MTY2MzE2NTAzGObgIA&sigh=B_ZcLPkQMhI&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNLm0ILCUL2_6DZaQw4edqi8BFkXxKM1whp2DWiDlh_VHH9jLim5n6GEnnydkyReXaxh4q5--FGAE&template_id=484&cbvp=2
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame F0E2 16 KB
17 KB 167ms
83ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Nov 2024 08:40:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 519F 0
0 80ms
80ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtaRDACdXZe4sko6AB6XHg4AJyZ7SsVzVnZH3cMCNtwEQASAAYJWyqYKwB4IBF2NhLXB1Yi01NjI5NDQzOTQxMDc0OTAwyAEJqQKstJp4VjSyPuACAKgDAcgDAqoEsAJP0BVQb4ur9QhIijVXvtoQGk9nTff0cQfpM72bl7BXJa7XJF_8tHUcLcJK8dS8yH7Wo7U8xRy2IjN6GKdntzMIf5J3Bt9kAwkK0Vl_qVthrhG_pvBomZc6KsGD5FCHBk35DLlOB3NKSUB47VuKsQrOcwHIpGEm6x2UgelSJTiHq8Cy8AHQGUs1wkSXV-N9jKOaYL9ajCyo-SwI6SBZsPfLsVAVjSKDioZyGy6FIlIl9Ya-AFgd22OiGYR5h04aYMauugGN_KgeiaQAWmWZGAIa7JD7YhG4FIIxB4fUuCSRSJbD6aUuNgpAUMezxzwtgIB8aPx0GSrWb_7e11ZBoxb0-i7ZTGJNC6cl_DKkt1hy0XRI-vzLlJcebyUvJvy2w5ogi1g9qqkPQ__rTdhp-I6q4AQBgAar7t-w7t2U2ewBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01ODE3OTIwNTk3OTU1Njg0gAoD-gsCCAGADAHiDRMI04XettHKggMVEgfgCh2l4wCQ0BUBgBcBshccChoSFHB1Yi01NjI5NDQzOTQxMDc0OTAwGObgIA&sigh=B7hxJalMcKY&uach_m=[UACH]&cid=CAQSOwDICaaNLm0ILCUL2_6DZaQw4edqi8BFkXxKM1whp2DWiDlh_VHH9jLim5n6GEnnydkyReXaxh4q5--FGAE&cbvp=2&vis=1
Requested by: Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 519F 0
126 B 150ms
42ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k-z_GMc1rAL6AZ2DYgICAAAA5niH__uWsjgLpHqwCTmO2xD_Jldl4ik9qXT4-XBRlQAAEgAACgpBUVVCQVFFUEFR&wp=ZVcnAAAAFm4K4AcSAADjpTrbwNnx2Jqt03wLzw&cbvp=2

Requested by

Host: 10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:33 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 161172
server: Kestrel
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CBBA 0
0 85ms
85ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9WnlACdXZY2GBJCI1PIPlemh8AaRjImHdMu--MPdEe6_i6nePBABIMvM_gJglbKpgrAHoAH75N-YA8gBAakCrLSaeFY0sj7gAgCoAwHIAwiqBLMCT9CvO2vvyEPiC6RMRsyHZITjt9MbbhdcS96TsZDET8cVniO4ikeEltqUk4y8hqSp6oI26bs4-FaxDjuzXzKLIlwgYOD4P_KVXZGrRUdAvieuBzYomiLQXuZCgeqYokcMofFlsZeVgvgLlKO1NRFD1LbSt_C30gRwICFLVrFjSlP_wA8Mt8Unq07hC-pynp-R9licy0XRT66AulUN6P_P3N3W81w8PpkE9T5yCOj8K_cSjju5g8i9Vq81Oimk9auvRMuDtzVU-T1tuGEyPuUrbgjsftkS0j3YeKZ60JKomHBt2ReB2s2WmK2_O7EyYjtckrSXAg1Rbx4iu9_U5IZuSdSF1Fm5OWqcK8uTvLt5b4108gIFRSM7slvK1DI3AxdQ8lWFDH0MAsxiwsdNCkzCClNaqMAEteLByK0E4AQBiAX2iOuvS5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAftmqBnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQvqkG0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJ6gFodHRwczovL3d3dy5lbnBhbC5kZS9hcnRpa2VsMi9zb2xhcmFubGFnZW4tdmllbGUtaGF1c2Jlc2l0emVyLW1hY2hlbi1kaWVzZW4tZmVobGVyP3V0bV9zb3VyY2U9R29vZ2xlJTIwRGlzcGxheSZ1dG1fY2FtcGFpZ249MjAyMzI5Nzk1NzQmdXRtX3Rlcm09MTQ5NjcwNjIxNDkzJnV0bV9jb250ZW50PTY2NzcxMTMyODg1NyZ1dG1fcGxhY2VtZW50PWthaG9rdS5uZXdzJnV0bV9kZXZpY2U9YyZkZXZpY2Vtb2RlbD2ACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLiDRMI_qTfttHKggMVEARVCB2VdAhu2BMNiBQD0BUBmBYBgBcBshceChwIABIUcHViLTI1NzcxODU5NzA2NTQxMDIY9b4m&sigh=Rh7jjciTcw8&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNyyWU4HmUePWuKtAQtaLdoiviSlq_akf6d1BG2PYwI93Ef2bno5gFbkykSGzs9N5O6kWQkrlgRxgB&cbvp=2
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 403 /
am.yahoo.co.jp/rt/ 0
0 1534ms
276ms Script
text/html 182.22.24.252
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL: https://am.yahoo.co.jp/rt/?p=OT0EG8BX1E&label=&ref=https%3A%2F%2Fkahoku.news%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1700210434.5199752&pvid=vq98d35bixlp2de77q&su=0815406f-9aeb-4a70-82ab-1e1172d8ae4c&_impl=ytag
Requested by: Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 182.22.24.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2248 42 B
174 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviklETKAqIPnR6xLFz5DG03omQ9njHoVNS_zMh5cbz0U-7i6K4QSkQ73QFdSZpATw1yF8N29OMkC9QGoLqdH1rsbYMWY4TV5BHMVcqicsqEnbgu7f6D8qQ13SXygbv5uatAo0hx7X6hA&sig=Cg0ArKJSzOjxbEAXi-57EAE&id=lidar2&mcvt=1000&p=980,805,1154.4375,1108&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=7&adk=2844210596&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700210432675&rpt=688&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 recommend Show response
jp.popin.cc/popin_discovery/ 138 KB
41 KB 1176ms
609ms Script
application/javascript 119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://jp.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fkahoku.news%2F&alg=ltr&media=kahoku.news_LMC&agency=cci_LMC&device=pc&extra=windows&topn=100&ad=25&uid=c483a6d74d73ba1ab0d1700206833841&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE5LjAuNjA0NSIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii8iLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiJUU2JUIyJUIzJUU1JThDJTk3JUU2JTk2JUIwJUU1JUEwJUIxJUUzJTgyJUFBJUUzJTgzJUIzJUUzJTgzJUE5JUUzJTgyJUE0JUUzJTgzJUIzIiwidXNlcl90ZF91cmwiOiJodHRwczovL2thaG9rdS5uZXdzLyIsInVzZXJfdGRfcGxhdGZvcm0iOiJXaW4zMiIsInVzZXJfdGRfaG9zdCI6ImthaG9rdS5uZXdzIiwidXNlcl90ZF9kZXZpY2UiOiJwYyIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE3MDAyMTA0MzM4NDQsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&r_category=all&ad_reserved=30&infinite=kahoku_LMC&infinite_domain=kahoku.news_LMC&callback=popInRequestCallBack0
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: f409af6a34ce7b0f3f8e9846e7311b197e8d22103123ba28f40a66ae4c11cba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 08:40:35 GMT
Content-Encoding: gzip
Server: nginx/1.13.5
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 286ms
285ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWlkIjoiYzQ4M2E2ZDc0ZDczYmExYWIwZDE3MDAyMDY4MzM4NDEiLCJtZWRpYSI6ImthaG9rdS5uZXdzX0xNQyIsImRldmljZSI6InBjIiwidXJsIjoiaHR0cHM6Ly9rYWhva3UubmV3cy8iLCJpZDVfdWlkIjoiIiwicG9waW5fdmVyc2lvbiI6OCwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExOS4wLjYwNDUiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTU5IFNhZmFyaS81MzcuMzYifQ==&t=1700210434429
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
last-modified: Mon, 07 Jan 2019 09:48:08 GMT
server: nginx/1.13.5
etag: "5c332058-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 287ms
286ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJ1aWQiOiJjNDgzYTZkNzRkNzNiYTFhYjBkMTcwMDIwNjgzMzg0MSIsIm1lZGlhIjoia2Fob2t1Lm5ld3NfTE1DIiwiZGV2aWNlIjoicGMiLCJ1cmwiOiJodHRwczovL2thaG9rdS5uZXdzLyIsImlkNV91aWQiOiIiLCJwb3Bpbl92ZXJzaW9uIjo4LCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE5LjAuNjA0NSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xNTkgU2FmYXJpLzUzNy4zNiIsImdlb19jb3VudHJ5IjoianAifQ==&t=1700210434431
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:34 GMT
last-modified: Mon, 07 Jan 2019 09:48:08 GMT
server: nginx/1.13.5
etag: "5c332058-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D9A7 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssH_MEdPK5XQ6cI3HcRsjjf4YIj1cVPsRpNVWNDmkXPm5Os6gzRzD3M_hqXxmOVAgwltnvL3MXP4-BTQo5YaBnl5dxR62eGqIFRcZA904PTTPK1Fc1i3A3z9tJRN0qUDqmNwy2syvcPvA&sig=Cg0ArKJSzNxuZmTxcIO3EAE&id=lidar2&mcvt=1000&p=980,160,1154.4375,463&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=7&adk=922569641&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700210432660&rpt=903&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8B2E 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZEUCHUT7wmPDxJau-xTS0kuigV_QnJ-5mm3E3pVN7NwChMhMo9y6uKIk67bEswy1idbWoiilAaMOytcFNV2h58Vp0sGaLUr-EbGL3fVaU7GJ480VLgYM5U8pO9PlUkre8gTqZAQzlrQ&sig=Cg0ArKJSzDrOZUIheIFYEAE&id=lidar2&mcvt=1000&p=980,482,1154.4375,785&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=7&adk=512919176&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700210432667&rpt=1001&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DF84 42 B
64 B 76ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBFSoNJ7cEHePcZh44e4H8PPrXZTpcZd5eRqrZtamMGTc_5GS9pBAWvTaqNhkgtO8DKrzj2bfhQI0oU3kx33BDePmd3Aqw5s5EDERLNefknSHWfZsQcmn9dfXk086fRxQX7FIvxNrv1Fkr&sai=AMfl-YRX2HvgKfvS0d5CZxc85WDrSIh-GHUhtmJXPN-XMYN3zRKZVarXkMXNucfiM_QIU2TCbkeWXZzAfGS355uJepjId-wftTXBR1GAedM1eVQYpGJLvakgq5Qssw8&sig=Cg0ArKJSzGearUM-7ZiHEAE&cid=CAQSOwDICaaNLm0ILCUL2_6DZaQw4edqi8BFkXxKM1whp2DWiDlh_VHH9jLim5n6GEnnydkyReXaxh4q5--FGAE&id=ampim&o=436,1105&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1573&tls=2573&g=100&h=100&tt=2573&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 23CC 42 B
64 B 77ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugfsKXSDlaD6FVI8mFykycVeP00ghhd4SloOoMdgwSvumUAduvFcEMzHAHz1XBJt7zclWj9O3VcMxhtM2e6On7iG0jwa4OC08-HerhSOgAh4pq1aX6jjoOrXc4e2b_HvXypiew_mXB7_p2&sai=AMfl-YR2kTWIIgXrp-fr3S7GZAHZ3uoAh_ioyjQrtE4DZeHPNRx54rdxoC_ugE72FxxIFLmMUBAvy-hrH13GwTKjr47ATXfPp21tj1EpoYpSasAntFYrw97VTkv2sFw&sig=Cg0ArKJSzGt0uELuz5enEAE&cid=CAQSOwDICaaNLm0ILCUL2_6DZaQw4edqi8BFkXxKM1whp2DWiDlh_VHH9jLim5n6GEnnydkyReXaxh4q5--FGAE&id=ampim&o=1140,529&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1626&tls=2626&g=100&h=100&tt=2627&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: kahoku.news
URL: https://kahoku.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET v1
lb.eu-1-id5-sync.com/lb/ 0
0

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 503ms
132ms Script
application/javascript 54.166.239.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1700210435893&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjI1LCJyaWQiOiIiLCJhbGciOiJsdHIiLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjgsInNtamFkIjowLCJhcGlfaG9zdCI6ImpwLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImthaG9rdS5uZXdzX0xNQyIsInVybCI6Imh0dHBzOi8va2Fob2t1Lm5ld3MvIiwicG9waW5fdXNlcl9pZCI6ImM0ODNhNmQ3NGQ3M2JhMWFiMGQxNzAwMjA2ODMzODQxIiwidWlkIjoiYzQ4M2E2ZDc0ZDczYmExYWIwZDE3MDAyMDY4MzM4NDEiLCJzbWpJZCI6IiIsImlkNV91aWQiOiIiLCJsb2dpZCI6IjgzYzAzMjk3LTM1YjQtNDRmNi1hMmI5LTBjYjQxNWUzMzcwNSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijc4NDUyMmRmLTJjNGItNDhkNC04ZWZmLWQyZDJmY2MwNTA1YiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL2thaG9rdS5uZXdzLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xNTkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoia2Fob2t1Lm5ld3MiLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiNzg0NTIyZGYtMmM0Yi00OGQ0LThlZmYtZDJkMmZjYzA1MDViIiwicG9waW5fdmVyc2lvbiI6OCwiaW50ZXJhY3Rpb25fbnVtYmVyIjowfQ%3D%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.166.239.48 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-166-239-48.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Fri, 17 Nov 2023 08:40:36 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 288ms
286ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJ1aWQiOiJjNDgzYTZkNzRkNzNiYTFhYjBkMTcwMDIwNjgzMzg0MSIsIm1lZGlhIjoia2Fob2t1Lm5ld3NfTE1DIiwiZGV2aWNlIjoicGMiLCJ1cmwiOiJodHRwczovL2thaG9rdS5uZXdzLyIsImlkNV91aWQiOiIiLCJwb3Bpbl92ZXJzaW9uIjo4LCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE5LjAuNjA0NSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xNTkgU2FmYXJpLzUzNy4zNiIsImdlb19jb3VudHJ5IjoianAifQ==&t=1700210435885
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:36 GMT
last-modified: Mon, 07 Jan 2019 09:48:08 GMT
server: nginx/1.13.5
etag: "5c332058-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 843ms
276ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-jp&uid=&url=https%3A%2F%2Fkahoku.news%2F&t=1700210435885
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:36 GMT
last-modified: Tue, 10 Sep 2019 08:21:36 GMT
server: nginx
etag: "5d775d10-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 s.gif
rlog.popin.cc/ 35 B
186 B 870ms
283ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fkahoku.news%2F&uid=c483a6d74d73ba1ab0d1700206833841&type=pc_pv&nid=pc&media=kahoku.news_LMC&r5=cc_NONE&t=1700210435892&tz=jp
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:36 GMT
last-modified: Tue, 10 Sep 2019 08:00:29 GMT
server: nginx
etag: "5d77581d-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 288ms
287ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImV4cGVjdGVkX2FkIjoyLCJyZW5kZXJlZF9hZCI6MiwiYXBpX2hvc3QiOiJqcC5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJrYWhva3UubmV3c19MTUMiLCJ1cmwiOiJodHRwczovL2thaG9rdS5uZXdzLyIsInBvcGluX3VzZXJfaWQiOiJjNDgzYTZkNzRkNzNiYTFhYjBkMTcwMDIwNjgzMzg0MSIsInVpZCI6ImM0ODNhNmQ3NGQ3M2JhMWFiMGQxNzAwMjA2ODMzODQxIiwic21qSWQiOiIiLCJpZDVfdWlkIjoiIiwibG9naWQiOiI4M2MwMzI5Ny0zNWI0LTQ0ZjYtYTJiOS0wY2I0MTVlMzM3MDUiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI3ODQ1MjJkZi0yYzRiLTQ4ZDQtOGVmZi1kMmQyZmNjMDUwNWIiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9rYWhva3UubmV3cy8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTU5IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6ImthaG9rdS5uZXdzIiwidGRfcGF0aCI6Ii8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTkuMC42MDQ1IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijc4NDUyMmRmLTJjNGItNDhkNC04ZWZmLWQyZDJmY2MwNTA1YiIsInBvcGluX3ZlcnNpb24iOjgsImludGVyYWN0aW9uX251bWJlciI6MCwiZ2VvX2NvdW50cnkiOiJqcCJ9&t=1700210435892
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:36 GMT
last-modified: Mon, 07 Jan 2019 09:48:08 GMT
server: nginx/1.13.5
etag: "5c332058-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
108 B 1155ms
284ms Image
text/plain 119.63.197.136
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJkb21haW4iOiJrYWhva3UubmV3cyIsInZfZGlzaF9sYWJlbHMiOiIiLCJ2X2Rpc2hfdGxhYmVscyI6IiIsImtleSI6ImtleTE3MDAyMTA0MzQ0MjkiLCJjbGllbnRfaWQiOiI3ODQ1MjJkZi0yYzRiLTQ4ZDQtOGVmZi1kMmQyZmNjMDUwNWIiLCJ1cmwiOiJodHRwczovL2thaG9rdS5uZXdzLyIsInVpZCI6ImM0ODNhNmQ3NGQ3M2JhMWFiMGQxNzAwMjA2ODMzODQxIiwicG9waW5fdXNlcl9pZCI6ImM0ODNhNmQ3NGQ3M2JhMWFiMGQxNzAwMjA2ODMzODQxIiwic21qSWQiOiIiLCJhcGlfaG9zdCI6ImpwLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJpZDVfdWlkIjoiIiwibG9naWQiOiI4M2MwMzI5Ny0zNWI0LTQ0ZjYtYTJiOS0wY2I0MTVlMzM3MDUiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI3ODQ1MjJkZi0yYzRiLTQ4ZDQtOGVmZi1kMmQyZmNjMDUwNWIiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9rYWhva3UubmV3cy8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTU5IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6ImthaG9rdS5uZXdzIiwidGRfcGF0aCI6Ii8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoiODAuMjU1LjcuMTA0IiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExOS4wLjYwNDUiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiZGlzaF9tZWRpYSI6ImthaG9rdS5uZXdzX0xNQyIsIm5vdyI6MTcwMDIxMDQzNTg5MiwicG9waW5fdmVyc2lvbiI6OH0=
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/plain

GET
H2 200 s.gif
rlog.popin.cc/ 35 B
186 B 870ms
284ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fkahoku.news%2F&uid=c483a6d74d73ba1ab0d1700206833841&type=pc_channel_pv&nid=pc&media=kahoku.news_LMC&r5=ch_ranking_pc&t=1700210435892&tz=jp
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:36 GMT
last-modified: Tue, 10 Sep 2019 08:00:29 GMT
server: nginx
etag: "5d77581d-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 288ms
287ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJjaGFubmVsX2lkIjoicmFua2luZ19wYyIsImV4cGVjdGVkX2FkIjoyLCJyZW5kZXJlZF9hZCI6MiwiYXBpX2hvc3QiOiJqcC5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJrYWhva3UubmV3c19MTUMiLCJ1cmwiOiJodHRwczovL2thaG9rdS5uZXdzLyIsInBvcGluX3VzZXJfaWQiOiJjNDgzYTZkNzRkNzNiYTFhYjBkMTcwMDIwNjgzMzg0MSIsInVpZCI6ImM0ODNhNmQ3NGQ3M2JhMWFiMGQxNzAwMjA2ODMzODQxIiwic21qSWQiOiIiLCJpZDVfdWlkIjoiIiwibG9naWQiOiI4M2MwMzI5Ny0zNWI0LTQ0ZjYtYTJiOS0wY2I0MTVlMzM3MDUiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI3ODQ1MjJkZi0yYzRiLTQ4ZDQtOGVmZi1kMmQyZmNjMDUwNWIiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9rYWhva3UubmV3cy8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTU5IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6ImthaG9rdS5uZXdzIiwidGRfcGF0aCI6Ii8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTkuMC42MDQ1IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijc4NDUyMmRmLTJjNGItNDhkNC04ZWZmLWQyZDJmY2MwNTA1YiIsInBvcGluX3ZlcnNpb24iOjgsImludGVyYWN0aW9uX251bWJlciI6MCwiZ2VvX2NvdW50cnkiOiJqcCJ9&t=1700210435892
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:36 GMT
last-modified: Mon, 07 Jan 2019 09:48:08 GMT
server: nginx/1.13.5
etag: "5c332058-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ 66 B
223 B 288ms
288ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjI1LCJyaWQiOiIiLCJhbGciOiJsdHIiLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjgsInNtamFkIjowLCJhcGlfaG9zdCI6ImpwLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImthaG9rdS5uZXdzX0xNQyIsInVybCI6Imh0dHBzOi8va2Fob2t1Lm5ld3MvIiwicG9waW5fdXNlcl9pZCI6ImM0ODNhNmQ3NGQ3M2JhMWFiMGQxNzAwMjA2ODMzODQxIiwidWlkIjoiYzQ4M2E2ZDc0ZDczYmExYWIwZDE3MDAyMDY4MzM4NDEiLCJzbWpJZCI6IiIsImlkNV91aWQiOiIiLCJsb2dpZCI6IjgzYzAzMjk3LTM1YjQtNDRmNi1hMmI5LTBjYjQxNWUzMzcwNSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijc4NDUyMmRmLTJjNGItNDhkNC04ZWZmLWQyZDJmY2MwNTA1YiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL2thaG9rdS5uZXdzLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xNTkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0Ijoia2Fob2t1Lm5ld3MiLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExOS4wLjYwNDUiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiNzg0NTIyZGYtMmM0Yi00OGQ0LThlZmYtZDJkMmZjYzA1MDViIiwicG9waW5fdmVyc2lvbiI6OCwiaW50ZXJhY3Rpb25fbnVtYmVyIjowfQ==&t=1700210435894
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:36 GMT
last-modified: Mon, 07 Jan 2019 09:48:08 GMT
server: nginx/1.13.5
etag: "5c332058-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ 2 KB
3 KB 287ms
287ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: kahoku.news
URL: https://kahoku.news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 08:40:36 GMT
x-amz-version-id: null
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.44
Content-Type: image/png
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2316
Expires: Fri, 17 Nov 2023 09:40:36 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 90ms
90ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4d37de72c71d6d58ccac23fb1c166cf1b97999c74d57692fca49f7a288b48db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12421
x-xss-protection: 0

GET
H2 200 001_size3.jpg
kahoku.news/images/2023/11/17/20231117khn000002/ 7 KB
8 KB 982ms
982ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/17/20231117khn000002/001_size3.jpg?timestamp=20231117173635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e348205c0ef98c66e0540040abcfb1f1d85735055b2f696f146dd27d7c7dede2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:38 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 00:45:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "35e751779f1b918100331ab439782a06"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 7449
x-amz-cf-id: 30akPhJmsVrzsoYSWA91Gf4sVltRPTMNKJL372LPGn9VdRq3KVbfSw==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 08:40:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7AA1 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A4A 829 B
560 B 50ms
50ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b2ffb146740e525a01d29888221f77ceae14f9434fe814ab0447e950709a95bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bv6BknH_uW7KOBIw9yiZmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kahoku.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bv6BknH_uW7KOBIw9yiZmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 08:40:37 GMT
expires: Fri, 17 Nov 2023 08:40:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 001_size3.jpg
kahoku.news/images/2023/11/16/20231116khn000049/ 29 KB
29 KB 966ms
965ms Image
image/jpeg 143.204.215.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kahoku.news/images/2023/11/16/20231116khn000049/001_size3.jpg?timestamp=20231117173635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-77.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c58bc4004f5ffc252ce9fc72d742b63c40da522d3d34e4efc21e9d2d335539cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:39 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 13:52:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "38e85e039d2cc6f1f10e6b79527a2c80"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 29770
x-amz-cf-id: Ok7xmsmDmyr85Udj4fasQN_l_hzPHnNjVLpK2lhHK577Gnmot_oRxg==

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AA1 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A4A 0
0 74ms
73ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=1608245757115682&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7AA1 0
12 B 39ms
39ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zZuomQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 08:40:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=1608245757115682&bg=!q6ilqOfNAAZxrfrxUa07ADQBe5WfOFlwxZstAGZYguo_39u9roT50d2tkuwu8NXbp2yxv1Mkw5a-hKzuZuJpsjdWJDTlAgAAAEFSAAAABGgBBwoAzWIMwNzbHVwdVG_sGFhMKIIGZBJ-MDNlq0bx-Pkoj6kVxTD5wKeuUohFu_GHGcl8tup1nBrdSHe3sVlOZW6BVB1raJl_hg0IIqvllzKVpi_LqlwTBcVwh_QyGM-LJeOekauLcY5jOrrsujrzs97weGvM9bD5O3nC2PsC8ZN2oudU7WTDLG34DCkqK5gtgJGeTSBJHhp_bpdiEvrFuxrj4P0jlXHpLaq1k0ELET5Fx7KkrzJjhbkVVkMYuHXMg-m5rJvDF9ezKfax0QGgsDiZArHz8fjwPV8j4nJ2Ezolbrk3VRIJJZRYHHs88USu-0dLYvAHbYwu5KaSDPU4Kxj8-kITdf0Yt8MqtDLBde-UGM3WXmGsd3UExxILSoDP_stawe4PkiCMjF6BOjbPRWu89bxJ4_Vo3vSiJMqajaDmHuDtCG4b0IOTHvbRWndKa8DpjKIjXBVJxnMgApYJ6zkhrFIPcz8sLzxUAfn_Eodl_gbBEEqRuOXfkOZRWqtw-3FxB_fIpAnO1uKBpAR-vbctnWV_09Bez6Ov9YBPZK5kfvRtpAW0MZmD8RTnXkBdKJV8BNBaOstQ19dK60MRWLtmifE8rqGQfqm_bXoiZClEViZo5XZ74QE-HmndxYvzvmxlt3T4aK48D_UcN9suwX1r_CKJ7D8an0B1mia9lQAO6lbGeWbuxKrFIkl1IAb4pUQj5NBv4tYLWQzqyw2nujwudj7qm9tHzOsF6bNTbMw5GG6J3P5OP3NeWA9OHYEcALCCcbeaJXD7y3oIviFJexxWzc1qu8jR6eusXQ8Ap593xJ4O8n6fj0CExoUPoioNxXaLaUjA0Dw-3JwTOsaWd7tBEuYN1KktC6FtrRf5s3eRpRnfuE6u2zluKmKKJdzQ8CAZZgHSbn3_6ZyvLzy8RR46pvYPvi59v0DKOjGqVF3vI4B5VR9NetldtpjLFc2czFQMIGpSoT32z2txb3UwR3oE0yo48Nd_6FZsqiY2dfvuBaNesqNvxkq8_pcM3_vABm2Q6D3stLQ_Nta7aHuMPnMDzI_8NY5I9VDDIQGf3buKMYJrsXbW7xrs60M_h00i6WuAvvuPb0DAd33lxdt2QsSQehhoiIId7__oZgdfNm29F_m9w-2iHiTeJZFAF3NbLBh4Eeqn0dqMvMmWf-F9PwIXNncFcc6kD7vnuQ_PQlwcxWHk9Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kahoku.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-38CM5WJRN0&gtm=45je3b81v874519667z8893022068&_p=1700210431271&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1733892707.1700210432&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1700210431&sct=1&seg=0&dl=https%3A%2F%2Fkahoku.news%2F&dt=%E6%B2%B3%E5%8C%97%E6%96%B0%E5%A0%B1%E3%82%AA%E3%83%B3%E3%83%A9%E3%82%A4%E3%83%B3&_s=2&tfd=11067
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38CM5WJRN0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kahoku.news/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 08:40:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kahoku.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lb.eu-1-id5-sync.com
URL: https://lb.eu-1-id5-sync.com/lb/v1

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kahoku.news/	1970-01-21 01:45:38	Name: _cb Value: De7sfCB7Q19ICaHQRD
.kahoku.news/	1970-01-21 01:45:38	Name: _chartbeat2 Value: .1700210431597.1700210431597.1.ByzmQKCrrPXZjndgoBWcbwwVeE9t.1
.kahoku.news/	1970-01-20 16:16:52	Name: _cb_svref Value: null
.kahoku.news/	1970-01-20 18:26:26	Name: _gcl_au Value: 1.1.220736091.1700210432
.kahoku.news/	1970-01-21 01:52:50	Name: _ga Value: GA1.2.1733892707.1700210432
.kahoku.news/	1970-01-20 16:18:16	Name: _gid Value: GA1.2.997690534.1700210432
.kahoku.news/	1970-01-20 16:16:50	Name: _gat_UA-172006598-1 Value: 1
.kahoku.news/	1970-01-21 01:52:50	Name: _bdck Value: BD.1jp6pA.oLss5vA.2
.kahoku.news/	1970-01-20 16:16:52	Name: _bdsid Value: BD.1jp6pA.oLss5vA.1700210431972.2
.kahoku.news/	1970-01-21 01:52:50	Name: _bdnvf Value: YmQ0X3Ny0TPMKjArcNTL9ykuNi1z1DM0NzAwMjQwMTa0NDfSMwIA
.kahoku.news/	1970-01-20 16:16:52	Name: _bd_prev_page Value: YmQ0X3Ny0csoKSkoVjV2VDVyA6LsxIz87FK9vNTyYiBPzwgA
kahoku.news/	1969-12-31 23:59:59	Name: _bd_reception_request_timestamp Value: YmQ0XzM0NzAwMjQwMTYysLQAAA==
.doubleclick.net/	1970-01-21 01:38:26	Name: IDE Value: AHWqTUmUrpGbk-QiZx2RbSAs9s8gR4Bs7V_7Du17Op0pS09mVC_QZ3yNSOf42-GdXvI
.kahoku.news/	1970-01-21 01:38:26	Name: __gads Value: ID=877f70510603a06a:T=1700210431:RT=1700210431:S=ALNI_MZ5PbK4iJhhroqbJGZome9K7nzGDA
.kahoku.news/	1970-01-21 01:38:26	Name: __gpi Value: UID=00000cca4077e232:T=1700210431:RT=1700210431:S=ALNI_Ma6aPtngxyHL_iLmM1n9DUUzRc99w
tracker.smart-bdash.com/	1970-01-21 01:52:50	Name: bdid Value: bd-8ef9f8ae-9dc8-4e9a-b8e3-67b61ee20cf2
.doubleclick.net/	1970-01-20 16:16:54	Name: DSID Value: NO_DATA
.kahoku.news/	1970-01-21 01:02:26	Name: _ss_pp_id Value: c483a6d74d73ba1ab0d1700206833841
.kahoku.news/	1970-01-21 01:03:52	Name: _yjsu_yjad Value: 1700210434.0815406f-9aeb-4a70-82ab-1e1172d8ae4c
.kahoku.news/	1970-01-21 01:52:50	Name: _td Value: 784522df-2c4b-48d4-8eff-d2d2fcc0505b
.popin.cc/	1970-01-21 01:02:26	Name: uid Value: c483a6d74d73ba1ab0d1700206833841
.in.treasuredata.com/	1970-01-21 01:52:50	Name: _td_global Value: 354ec6ad-ce15-4926-b295-77470cc7dc2e
.kahoku.news/	1970-01-20 16:16:52	Name: _bd_prev_page_ex Value: YmQ0X3Ny0csoKSkoVjV2VDVyA6LsxIz87FK9vNTyYiBPzwgA
.kahoku.news/	1970-01-21 01:52:50	Name: _ga_38CM5WJRN0 Value: GS1.1.1700210431.1.0.1700210437.54.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://am.yahoo.co.jp/rt/?p=OT0EG8BX1E&label=&ref=https%3A%2F%2Fkahoku.news%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1700210434.5199752&pvid=vq98d35bixlp2de77q&su=0815406f-9aeb-4a70-82ab-1e1172d8ae4c&_impl=ytag Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10aff647f4e27896a87361aedce38141.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ads.eu.criteo.com
ajax.googleapis.com
am.yahoo.co.jp
api.popin.cc
bousai-parts.kyodo-d.jp
c.amazon-adsystem.com
cat.nl3.eu.criteo.com
cdn.activity.smart-bdash.com
cdn.ampproject.org
cdn.id5-sync.com
cdnjs.cloudflare.com
config.aps.amazon-adsystem.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
img.youtube.com
in.treasuredata.com
inrecsys.popin.cc
jp.popin.cc
kahoku.news
lb.eu-1-id5-sync.com
log.popin.cc
mab.chartbeat.com
pagead2.googlesyndication.com
ping.chartbeat.net
r.popin.cc
receptions.smart-bdash.com
region1.analytics.google.com
rlog.popin.cc
rtb.nl3.eu.criteo.com
s.yimg.jp
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tracker.smart-bdash.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
lb.eu-1-id5-sync.com
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.176
119.63.198.188
143.204.215.34
143.204.215.77
178.250.1.6
18.66.110.17
18.66.122.71
18.66.138.185
182.22.24.252
2001:4860:4802:34::36
2600:9000:2646:4e00:18:1fcd:353:c61
2606:4700:10::ac43:266a
2606:4700::6811:190e
2a00:1450:4001:801::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a04:4e42:400::714
34.193.19.100
35.190.27.55
52.222.214.6
54.166.239.48
54.199.101.239
99.86.4.71
009ac93a0533c6f4caff30fb4721e1e9adb919e901d87f990f441bceac6e2502
048d5a78eea99e7fa1c97668994f8a7979e9c7145421ff1625280905300d49a5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070e7efe2f13a04c1d5c23ff1e7062d112dfb3e2de56712f511441f3d4dbac9c
075551ef3eab5745e78f42450bcdc9b63f257554b2c741f6f61c6ae942df064b
079b2f8ac33e70f1f61cd02222b7a9c3bf50717e7b84251ba9be78c89c0185e2
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ac6f1f9eb176490e2c763046b8dc80459e295dd1952b228426760d0f0fbe317
0c82a6ff436966415eb2feb7d8cfa6864ee85f6c58b4a2124e8dcfadc41b01f2
104144ca50f36c94149b2fc6bf84ea7bf8c6b14a1dec2c915b25f3218bd533b5
13267b1062a8e54f6f78424e5f33ab3e7112c1694367b052f6eef9f787513672
15e051deb35374b15f4ac4dc57f500891688464a5ab57f94a96a6e0050a207c1
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1ac8194f618f9023e8eee3c179a1f834efefd04657be0924ce560b0caf230f94
1b07d57ba673e54fde9861034facadd6fae3c56e32b5d301ba9a35a57bf54eca
1d563861ea6d8ad023f895371517e3f9d7f361e42bf67159790f9c604e224deb
1f2df6a1a501a0922a976d878630ff43bc46ed73b4b3355d548390a16f58dbf5
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
224a951debca209ee019ab64a09e5d86e134f898abbd2aa23e212b9a41ff73f3
281d4c29f5c2caa38a9341eedeff4dd389cc39a195f567d7dbf4474c3adfef58
289f7ff4c84342ccd83dedb5c5e38cddb22e87f46b2dda40b7483eff28067b3b
2b75b52882be2ba7bb212214af5d5895bf8fa72c5550b6aacb1af429e18f0687
2c994105a9d6127da09d24b2f746ad5fe09e22014714c64f021ae0daadf4d24a
2d94e1d5bb84989f38e3924c860a6532a3002592356fdc65ab8c0392adb15d53
2dda22e34a2d0d66745bc52d3e60349184160e2ab437fb906a4130f78ce74e43
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32d1a7f31630c56fc8d5092a3a7d51e9ae086b57ee8a0bb42fe438b1d075de50
330e673f9146dd263552d6145d2aa6b252be8ef55be5df273577ecfc2ecb3cca
3420052137ae9e3e3cdaf56200d8fc532886dcee550ee56f00c2572b1cc3e8fa
35056c04492985dee7df9e1569cd09ee835e2bdc0320e59b93f92c5db8b1e775
35807d641f302e0136f70811c27696dc8596ffce89ced14a2cc9060639bb9ca9
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39d3f4f8ab39040cda41ab4d7fb37cfd14d1c67e2259879266b7983bf1797fac
3a28646c3df8221a34c3bc1b9d9e6456a502e790a8b10677aeb2bee4e730290e
3a306f7a7dafbf0e04ac1bd7a7523ad9f27994da72d90557d24c9fff97c7e8ac
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c35a56b136d9f871b531f8f71306331b9799a6eea4d9d389959de29e6d2a13c
3ca416027ce24f8929d176aca9c1d2269e041214483a24ab621454fa470aef00
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3fe7285a1169eeb269e67c54ce955be26daa180637005928e5caedac1d311006
4228c2726ca923a09224bccdf3bca009931b2ae2df698a208b933e5967e30e6d
4451cd73599d5cb74d07b4c0efc9214fcfd1c649d24c301b4900d1100f921623
44e59fa896a9f12fb6295a81e1697b6a272047d6f10ecbd168f175ff13964588
456d3ecf334af8195546d0b6c59c74d9b169cba69d6e5c6033639c520d7383fa
46107a47f83483eab39af1d10f49a2285ef82d04565776df0ccc380e9663284c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d6c679ab6fbb598035ac632bdaf230aa8085c378c0471b2baef4e19d4515e
4834a45914bdcec504cc6e6cd06dc74fcf1611833d2f129c0a152fd84b6b7d61
4abf006c30b5d3de1a139a0f1f12ce6b97b7661e1e4db4aa2b8bbe6f76835d2e
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4ced3053046432f2e13d701b1b60d0117530bf4e0704958b576ce77ce6bcaf18
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
5242c5dc50574145a166605d6c7e18cdea0b821a00b015daa29e843ec696e038
52fef6d4a29866a6ea39cb83673768f7622a5a198e1e96c7f5100dbe847a1c48
539614698484c01d86cbd1deff95ec79c842245587abc2b12292f6e1eddc8fe8
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5409b00c1531cf7e989e59f50a440f3a70c019dbefd5379327661fcb8d16bdc3
559c86f9472c691f9f02473b5b2a9b50a1511044e245ba660e94cbd2444340c1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bfc0860e8272ed74f216b1db0fdeffcf90f45672027e693f764f54deb0e0ac
580699e12fdc335a9545f5ecc2039a3de9eff1c19de55132b24193aa0bccc56c
5f0ae1726ce2ab79c4f76a3709c496386c79e967f9eeac8abdc2066d8f2a4388
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6a8542630c020e05326ac2e014ac3a8a0ba96a78d795c36ec53fa98c6a70ffb8
6b46e819264e9be360212cd651bcd5da2fbe3cd6853f60ad2a4a47ce67747498
6db666c018f794eb6034e316e72fc7bb03a79237281ce5927f6672d66533d4fe
6f11d9ee1fe1b56410a084b2176744efd01469a29a55bf9eac1355a81a6da17a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75408ada0a7482fb508e3b272017828e9c177db49e261a851491a4cc6e2dbb51
762f2b9c9d00b67d61739c625c710236414ae92d2183d2f167d2fc363599caa0
775e99e46d6f0fdd1af6a6f4b23d106d64b5f1a8cc61f0f96f3932f27bedc12a
78abba991c67583113f81ccccf2f9f2c0978fdeaec6a66b84b1e3603e7075a4c
7d381c59363794b6ecc688dfe83704f5fdb9a948d811c0d6dacff3b8bad31ba9
8334a111af9c13dfd14b2229191dda4f4537360ba7a96d4f9c0e116abf92894c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b1196518339ac96647f549019d8adee90dfc1d4dd812bb7254740414fd44e3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
893c828b5448887838d429716d440f1e77ce6fb72a600c1b87a7600dd1c97a0a
8bc182d1d57cb57e95a0df5978cf0815b31d97cc665bd1a5e750890592ffdc68
8d898e9540556bbfcb7c70f16c5360dc46c17f13726e3d57dd64570cf1e4326c
8e114141954f7241d6603e96662b215b45dd7d79215c584677676328b18987a3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92216270872c0920a5b6c3f4cf5e17f0ec15ed1597d8d0d6577b4aa04282f4bb
93cda287211ce71dd8b080774d2930e6981cff2ef937ff726a0c8082bbe1696b
9447d8d599fddf9ad80179c0c0bc55b7c0ece35aea3859abb505e6b388a3736d
95428f9ffb52bfdc49d6cde9c7d2215f247a2feeb76630081451bc0ed0699625
97bc2fdacb6911749d06c22b469468e02a0ffcbd04b4eaca0a03ec3ba5be573b
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9c3372657b3ea254c500414b7fd8e40e3622b8ffa17ce3b753de469bca6ec2a1
9c9822471365b39702b8c8fbd99c328c0a73e482b230bf925816a81499474baa
9d0bb7c5ded56f5bdc05cbcd0e3bbd3b015e640b6d841578f323fc2a9d912ae8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1b3a1fd7ae0dbda85fc6d8c0f5f169e3966c5db27b445de6ffc102a0c9abb31
a23c86eef886c2e76245a7320318b00e14aaaeff7fbbfb5fb1794952f824a58b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a384e00bc6e180bdfb08fbd45d5fb82d23cdddb36ebdd2901528d07c061b342a
a4d37de72c71d6d58ccac23fb1c166cf1b97999c74d57692fca49f7a288b48db
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8f227ba667bb4b2491ec17f432a51de5252a1289f9995d8fc89d3e9e4b3fa54
aae049d567bc0e7d2996ca1540ea1736411ec97bd7fcb65b3f0bf652a90f24f6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b2ffb146740e525a01d29888221f77ceae14f9434fe814ab0447e950709a95bc
b3eefb3e372fc2c884fc841effd93343ada2577e3ed7680d6274999df67a3597
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b96c9ad16b83bf43d922be6d716dd84d8c7803bec36b645e00cdb138d49275f9
bc38b4ff7084f66dc04585ddcf8973974f6a6a5a4d4dca392042848e789b3b73
be8df3fbd7c7e4bbf33244b282f9fdc78787694549dc01d5890b4e88d06e5221
be9edd901938f350b900ad0243d7b2f8620ea562f14a81654aa483d755692730
c576b722faa8bb0af734fee664fb88849fb60561b5f10c3fc5821dc1813adb68
c58791aefddfe2b0e059c7f1e59de552ea94789156f08c15dbf4d79a9f0b3bc3
c58bc4004f5ffc252ce9fc72d742b63c40da522d3d34e4efc21e9d2d335539cf
c5f62973df6cf9c6ec566fd21629ba7c2667a93765cb24417b427834dae9f4e7
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c62a471538d0be212771364e36f944df6b27b2b6fc0449ee11eb816ab10469ad
c80303ca2530da3dd16e07e653249cca7507a432e1aa7e3cf85893de64475f5a
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc19704da7054e1adeaf4a10f55e6b756da32538fd7ddce296bb025eff807bca
cd3773827402b903bb474c4848e29ab51c7c3e57a02dd32bf42b8b8bf3977c51
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7
d863583204dce53ed7e1a7d2c06d000e193aa94cb42bf1265f0b24314c519d74
d86fca859cdbabe9b5169a2c48e25dffe01c2c19f624257052ade77433c386e4
d8712fbd2888b6ffc60a6a0dfdbc0434a698f5ec4f6eba4ced60e09f41ede046
dc8a16cc129b419f03c8b157852209e003ce9f8f6d408aecb0f46029da982bf5
dd73f4e1f4316b52955d52de613c5cbb1034124faf6657ceb6d1e1799979790a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1b23668877d718b66e5c6b1c88d8f1b01daebf309f5e93c9d1040e1d63a9d6a
e21b73671087f9af017ea7a958020b7b064fe530efe1a186ca516e2a0fb4bab7
e348205c0ef98c66e0540040abcfb1f1d85735055b2f696f146dd27d7c7dede2
e3a1469692801aa1c38de51dfc26be8d5317e5951675a79d62f24b798af34b0c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6af4d00985609bee1de367271c3a70bff329864c60121067ee07bf051209d1f
ec129c035da9abfda075e92566ae869f2da30427058eae169c3fee23fff26671
ec554103bf5e0b4462dffc405d746abdce3f805c081725f17b068c21dd1d1a5b
ec91b1d393870af074f1269597f15663607840b592ce389f9223468e09a27c6a
ed095f6683a2b03f2ae0f23e48193c3c370cb54252c790ed49f5aa812f438b1a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f279e7a019762fe2a39fb792d5e6030de90f9d94e4da54b68da31c734692b843
f409af6a34ce7b0f3f8e9846e7311b197e8d22103123ba28f40a66ae4c11cba3
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f6d95c281d4a1a71473394b0a1ff3388dc04e777ac326aa18d6d90e399dfa0f4
f6efa02a4bbd4e6defd0bb781800d539410bd1422221f4331eee0b112753edc5
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fa0eae5773067fe93f81f7b4ec126c9a9dcedf493ebb3100356167bccdc5650c
faeff7481b825698e09dd4518b24a72a09d627658e2a00eb0dc25786761a4af9
fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5
fbcc0e532c58fbbb6758fc080317236616e2c2b7eb3f7f09c444633b9b00e318
fc67035c0ab13cc2c50c94ad42103cc1972da2cf5255bd78f35ff7afea2ab98c

kahoku.news Open in urlscan Pro 143.204.215.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

314 Requests

99 %HTTPS

59 %IPv6

26 Domains

46 Subdomains

44 IPs

5 Countries

5514 kBTransfer

13327 kBSize

24 Cookies

39 Outgoing links

Page URL History

Redirected requests

314 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 28 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kahoku.news Open in urlscan Pro
143.204.215.77 Public Scan

Screenshot
Live screenshot

Full Image

314
Requests

99 %
HTTPS

59 %
IPv6

26
Domains

46
Subdomains

44
IPs

5
Countries

5514 kB
Transfer

13327 kB
Size

24
Cookies

314 HTTP transactions
28 data transactions