urlscan.io logo urlscan.io
SecurityTrails logo

news.now.com Open in urlscan Pro
2600:9000:26da:8600:8:e4a9:2240:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/2oIvDQR
Effective URL: https://news.now.com/home/finance/player?newsId=180275
Submission: On October 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 14 countries across 61 domains to perform 333 HTTP transactions. The main IP is 2600:9000:26da:8600:8:e4a9:2240:93a1, located in United States and belongs to AMAZON-02, US. The main domain is news.now.com. The Cisco Umbrella rank of the primary domain is 619899.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on February 20th 2023. Valid for: a year.
This is the only time news.now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 1 2600:9000:26d... 16509 (AMAZON-02)
50 2600:9000:26d... 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
21 219.76.112.42 4760 (HKTIMS-AP...)
1 20 2a00:1450:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 18.165.201.12 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 8 37.252.171.52 29990 (ASN-APPNEX)
7 2a00:1450:400... 15169 (GOOGLE)
2 18.245.60.76 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 8 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 34.253.64.164 16509 (AMAZON-02)
1 162.19.138.120 16276 (OVH)
10 2.17.190.130 16625 (AKAMAI-AS)
2 151.101.1.55 54113 (FASTLY)
3 2400:52e0:1a0... 200325 (BUNNYCDN)
23 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
2 149.129.240.178 45102 (ALIBABA-C...)
3 108.138.37.209 16509 (AMAZON-02)
1 185.86.139.96 201081 (SMARTADSE...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 52.17.114.157 16509 (AMAZON-02)
4 5 104.18.26.193 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 99.86.4.128 16509 (AMAZON-02)
1 18.173.159.32 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
4 172.217.16.130 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 44.206.40.57 14618 (AMAZON-AES)
2 8.218.26.252 45102 (ALIBABA-C...)
2 47.250.12.214 45102 (ALIBABA-C...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 21 216.58.206.34 15169 (GOOGLE)
7 104.18.27.193 13335 (CLOUDFLAR...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
1 35.227.252.103 15169 (GOOGLE)
3 4 198.47.127.19 3257 (GTT-BACKB...)
5 5 46.228.174.117 56396 (AMOBEE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 213.155.156.180 1299 (TWELVE99 ...)
1 2 69.173.144.139 26667 (RUBICONPR...)
2 2 76.223.111.18 16509 (AMAZON-02)
2 4 3.124.81.102 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 184.30.22.30 16625 (AKAMAI-AS)
2 23.213.164.238 16625 (AKAMAI-AS)
1 184.30.20.22 16625 (AKAMAI-AS)
1 23.213.164.226 16625 (AKAMAI-AS)
2 104.18.25.18 13335 (CLOUDFLAR...)
2 2 178.250.1.9 44788 (ASN-CRITE...)
8 198.47.127.205 3257 (GTT-BACKB...)
1 2 52.94.223.167 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 31.172.81.159 44066 (DE-FIRSTC...)
2 2 54.172.204.227 14618 (AMAZON-AES)
1 54.77.82.203 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.72.74.77 16509 (AMAZON-02)
3 3 37.157.3.26 198622 (ADFORM)
1 35.204.74.118 396982 (GOOGLE-CL...)
2 35.71.131.137 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 98.98.134.242 21859 (ZEN-ECN)
3 3 54.83.166.127 14618 (AMAZON-AES)
1 2600:1f18:ed:... ()
1 2 52.46.151.131 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
333 85
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
1    2600:9000:26da:3c00:8:e4a9:2240:93a1 (United States)

ASN16509 (AMAZON-02, US)
news.now.com
50    2600:9000:26da:8600:8:e4a9:2240:93a1 (United States)

ASN16509 (AMAZON-02, US)
news.now.com
2    2600:9000:225b:c400:13:6c41:f5c0:21 (United States)

ASN16509 (AMAZON-02, US)
d7lz7jwg8uwgn.cloudfront.net
10    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
21    219.76.112.42 (Hong Kong)

ASN4760 (HKTIMS-AP HKT Limited, HK)
PTR: n219076112042.netvigator.com
images-news.now.com
20    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    18.165.201.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-201-12.lhr50.r.cloudfront.net
tags.crwdcntrl.net
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:225b:4400:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
7    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
2    18.245.60.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-76.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a03:2880:f083:10e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
8    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.253.64.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-64-164.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
10    2.17.190.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-190-130.deploy.static.akamaitechnologies.com
cdn.innity.net
media.innity.net
2    151.101.1.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
3    2400:52e0:1a01::907:1 (Los Angeles, United States)

ASN200325 (BUNNYCDN, SI)
cdn.insurads.com
23    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
2    149.129.240.178 (Jakarta, Indonesia)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
as.innity.com
3    108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net
c.amazon-adsystem.com
1    185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)
prg-apac.smartadserver.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    52.17.114.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-114-157.eu-west-1.compute.amazonaws.com
prebid.ad.smaato.net
5    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.173.159.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-159-32.muc50.r.cloudfront.net
aax.amazon-adsystem.com
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
37    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
googleads4.g.doubleclick.net
7    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    44.206.40.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-40-57.compute-1.amazonaws.com
services.insurads.com
2    8.218.26.252 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
optimize.innity.com
2    47.250.12.214 (Kuala Lumpur, Malaysia)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
optimize2.innity.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
mts0.google.com
21    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
cm.g.doubleclick.net
www.googleadservices.com
7    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    85.114.159.118 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    3.124.81.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-81-102.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2607:f8b0:4007:815::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.213.164.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-226.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
8    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
image2.pubmatic.com
2    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    54.172.204.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-204-227.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.77.82.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.72.74.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-74-77.eu-west-1.compute.amazonaws.com
a.audrte.com
3    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a05:d018:d29:3605:290e:3f93:cc5a:81f7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
3    54.83.166.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-166-127.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550a:686a:b20f:8598:8ecc (None, )

ASN- ()
i6.liadm.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
Apex Domain
Subdomains		 Transfer
72 now.com
news.now.com — Cisco Umbrella Rank: 619899
images-news.now.com — Cisco Umbrella Rank: 636698
3 MB
67 googlesyndication.com
a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
770 KB
48 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
635 KB
15 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840
image6.pubmatic.com — Cisco Umbrella Rank: 1171
ads.pubmatic.com — Cisco Umbrella Rank: 837
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
image2.pubmatic.com — Cisco Umbrella Rank: 1547
simage4.pubmatic.com Failed
28 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
8 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
mug.criteo.com — Cisco Umbrella Rank: 1822
bidder.criteo.com — Cisco Umbrella Rank: 949
dis.criteo.com — Cisco Umbrella Rank: 910
15 KB
10 innity.net
cdn.innity.net — Cisco Umbrella Rank: 29928
media.innity.net — Cisco Umbrella Rank: 55732
16 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
500 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 404
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945
aax.amazon-adsystem.com — Cisco Umbrella Rank: 541
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
73 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
acdn.adnxs.com — Cisco Umbrella Rank: 960
22 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 11
region1.analytics.google.com — Cisco Umbrella Rank: 2225
mts0.google.com — Cisco Umbrella Rank: 6671
35 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
363 KB
6 innity.com
as.innity.com — Cisco Umbrella Rank: 22578
optimize.innity.com — Cisco Umbrella Rank: 36342
optimize2.innity.com — Cisco Umbrella Rank: 909419
4 KB
6 insurads.com
cdn.insurads.com — Cisco Umbrella Rank: 21614
services.insurads.com — Cisco Umbrella Rank: 17723
52 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
65 KB
5 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
14 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 1067
i6.liadm.com
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
3 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
1 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2190
google-bidout-d.openx.net — Cisco Umbrella Rank: 2191
rtb.openx.net — Cisco Umbrella Rank: 1029
939 B
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 720
imasdk.googleapis.com — Cisco Umbrella Rank: 657
fonts.googleapis.com — Cisco Umbrella Rank: 113
157 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
1 KB
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4243
c1.adform.net — Cisco Umbrella Rank: 954
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30144
898 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
2 KB
3 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 76
www.facebook.com — Cisco Umbrella Rank: 109
628 B
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1393
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
12 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
75 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
91 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 821
868 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
297 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
3 KB
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 5981
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
cdn.indexww.com — Cisco Umbrella Rank: 2483
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 178
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 713
953 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
643 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5383
207 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
contextual.media.net — Cisco Umbrella Rank: 1062
10 KB
2 anymind360.com
anymind360.com — Cisco Umbrella Rank: 15334
179 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 3974
515 B
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 668
17 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 239
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
149 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1223
id5-sync.com — Cisco Umbrella Rank: 687
31 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
3 KB
2 cloudfront.net
d7lz7jwg8uwgn.cloudfront.net
1 KB
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2779
424 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
187 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
610 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
588 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2803
173 B
1 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 7225
397 B
1 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10477
554 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2724
3 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 2075
5 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2392
8 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 6347
439 B
333 61
Domain Requested by
51 news.now.com 1 redirects news.now.com
ajax.googleapis.com
37 pagead2.googlesyndication.com news.now.com
a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
23 tpc.googlesyndication.com a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
news.now.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
21 images-news.now.com news.now.com
20 securepubads.g.doubleclick.net 1 redirects www.googletagservices.com
securepubads.g.doubleclick.net
news.now.com
a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
anymind360.com
157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
19 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
news.now.com
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
10 www.googletagservices.com news.now.com
securepubads.g.doubleclick.net
a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
media.innity.net
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
8 ib.adnxs.com 3 redirects news.now.com
anymind360.com
googleads.g.doubleclick.net
acdn.adnxs.com
7 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 s0.2mdn.net a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
news.now.com
s0.2mdn.net
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
6 cdn.innity.net securepubads.g.doubleclick.net
as.innity.com
news.now.com
6 gum.criteo.com 2 redirects static.criteo.net
anymind360.com
5 simage2.pubmatic.com ads.pubmatic.com
5 www.google.com 1 redirects a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 x.bidswitch.net 2 redirects 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
ads.pubmatic.com
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 image6.pubmatic.com 3 redirects ads.pubmatic.com
4 media.innity.net cdn.innity.net
4 googleads4.g.doubleclick.net news.now.com
3 i.liadm.com 3 redirects
3 image2.pubmatic.com ads.pubmatic.com
3 sync.1rx.io 3 redirects
3 services.insurads.com cdn.insurads.com
3 googleads.g.doubleclick.net a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
pagead2.googlesyndication.com
3 c.amazon-adsystem.com anymind360.com
c.amazon-adsystem.com
3 cdn.insurads.com www.googletagmanager.com
services.insurads.com
3 a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 static.criteo.net securepubads.g.doubleclick.net
anymind360.com
static.criteo.net
3 connect.facebook.net news.now.com
connect.facebook.net
2 creativecdn.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 match.adsrvr.org ads.pubmatic.com
ssum-sec.casalemedia.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 sync.bumlam.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 dis.criteo.com 2 redirects
2 ads.pubmatic.com anymind360.com
ads.pubmatic.com
2 eus.rubiconproject.com anymind360.com
eus.rubiconproject.com
2 csi.gstatic.com securepubads.g.doubleclick.net
2 www.googleadservices.com news.now.com
2 eb2.3lift.com 2 redirects
2 d5p.de17a.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 sync.targeting.unrulymedia.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dclk-match.dotomi.com 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
2 fonts.googleapis.com 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
s0.2mdn.net
2 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 optimize2.innity.com news.now.com
2 optimize.innity.com news.now.com
2 as.innity.com cdn.innity.net
2 region1.analytics.google.com www.googletagmanager.com
2 mug.criteo.com news.now.com
2 anymind360.com news.now.com
anymind360.com
2 www.facebook.com connect.facebook.net
2 www.google.de news.now.com
2 stats.g.doubleclick.net 1 redirects www.googletagmanager.com
2 oajs.openx.net 1 redirects news.now.com
2 ssl.google-analytics.com 1 redirects news.now.com
2 sb.scorecardresearch.com news.now.com
2 www.googletagmanager.com news.now.com
www.googletagmanager.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
anymind360.com
2 d7lz7jwg8uwgn.cloudfront.net news.now.com
ajax.googleapis.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 i6.liadm.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 ups.analytics.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 js-sec.indexww.com anymind360.com
1 acdn.adnxs.com anymind360.com
1 contextual.media.net anymind360.com
1 pixel.rubiconproject.com 1 redirects
1 s.tribalfusion.com news.now.com
1 a.tribalfusion.com 1 redirects
1 rtb.openx.net 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
1 tr.blismedia.com 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
1 mts0.google.com 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
1 www.gstatic.com 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 bidder.criteo.com anymind360.com
1 hbopenbid.pubmatic.com anymind360.com
1 htlb.casalemedia.com anymind360.com
1 prebid.ad.smaato.net anymind360.com
1 fastlane.rubiconproject.com anymind360.com
1 prebid.media.net anymind360.com
1 prg-apac.smartadserver.com anymind360.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 graph.facebook.com ajax.googleapis.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 imasdk.googleapis.com news.now.com
1 ajax.googleapis.com news.now.com
1 bit.ly 1 redirects
0 simage4.pubmatic.com Failed ads.pubmatic.com
333 111

This site contains links to these domains. Also see Links.

Domain
now.com
finance.now.com
sports.now.com
www.viu.com
moov.hk
nowtv.now.com
media.now.com
images-news.now.com
Subject Issuer Validity Valid
*.now.com
GlobalSign RSA OV SSL CA 2018		 2023-02-20 -
2024-03-23		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-05 -
2023-11-03		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.innity.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-24 -
2024-02-26		 a year crt.sh
anymind360.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.insurads.com
Go Daddy Secure Certificate Authority - G2		 2023-05-01 -
2024-06-01		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-12-09		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
smaato.net
Sectigo ECC Domain Validation Secure Server CA		 2023-08-25 -
2024-08-24		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 45 frames:

Primary Page: https://news.now.com/home/finance/player?newsId=180275
Frame ID: B4040515787F74E699C097DD3B7B1721
Requests: 133 HTTP requests in this frame

Frame: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 131C253FA94E452CA504C0DE28868BF0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=news.now.com
Frame ID: 07713FF83CBA7F19043D9EB9DF333634
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDrviTK3-CvgydWFsDhDC59Lsw5VGxH6pz5tOFR-bLX-HgOcr3ey1vUaHDlIQccWkfQccY-OWDbeu-0Z8ryjfC_Tnnalnp5R-9a6cn6UYTGV59S3vO3BEIawQH-2kJO6zPFVdwnQnJ8bYxeDUTkVfcswha_aiG0-ddPFbCtdo7NZ7mxHUmbCFhYsFSscx-Nu2-7xbX7E8ERx-d9sPJOQ--tD7qKuE5pjlotVv3qj-ToyaC75Y0YZsl8uFb8WkL2ihlNrTlUhhTcsJiq8uCwETdl89kCejkniEOFZxA7AwvJg3W8m4TGCg5IgZuefVcXYmZCiJMMsxpwJAeT6g9Kfe_M4UvCepL07vqUM4Nd3eQKKM&sai=AMfl-YSLA7Hy5ViNKQWg4GQ7Jbo0uqzCSzRicbd7WxRWMWPgwSQd1IHiFQEtznXRKm_eW47EbPSoMxRXoaB_y6SbxeFJ_EJLf7HY4Zm81D0GDmnB15sWPBlB6hyDdNWqB_X8UHybzgGFjnFg4Tni-SIw&sig=Cg0ArKJSzBiL-UzxeqGlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B33AB4634DEC66AFF7D238E5FA9FD079
Requests: 13 HTTP requests in this frame

Frame: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 170D7C22638FEA29E21E560113B16BC4
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5K_QIBMgsNPrs4EQrJSqe4ltoLKFD2y_Q2_b0ndh-HLBeBWO_3akwK0xED9aRnWJyEe5_dKvtY5XOLI8KhLGISbjyGe2gebxYQIFVEqC-9Hym0GTYf-nMtPEf2qQHwL9iYvkfAvVsrTzM8oWAiZe1NkM_xmZrz5a54kVMUsig_qbahLU32XQH1fUjXX6vO4zuLo4G4RDRDEzLyBWElsEILqVV9wwAGjKdKarMt2SoK6epA-ZVbMc8aGA7x8YSYdKu750lOLYBlLDJppOBj0DbreQf1toOIQqmLuirf-klJ_n7L4-37x1CP256CQFHHjDOlJvTUS7Eod6fEp3KH6FEY27feyY-23ekmoXO9DtVt6iZQe8&sai=AMfl-YTBlXlXFW1M3-lp_8Y6krO5QyIzXEkaxxsaCLihpxGDh1oAioCGiK_oNPPnFwFlJBatko7ckCEcsvc7nhOxT2zESYFPggcCxEmGnVvRb0_Nt-loTA9U29Bcjdl5ehZtNCxxeI9RxJHWaQHJAwCl&sig=Cg0ArKJSzA9ik4EaRNBjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 267A581DAE98C65A51034FB8F201C5C7
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpmZyn3Psk3Tu5_fO_m1C3vsaVuAgKV09VRxzxEEUTte-I5GqRh58koagMu_dihZcS_LkZQnORt4LSY8WQZgG1HsfWWaq4RK5c5AkJAdurXHKPhtc1JlCECpfGbGV-UkTSUVcfBpIv-XQYUPfD5NbB39-rBE4nr1RnR6swQHvPBjJWbcPRsHHxjXgw358FDMcijHuMBpL-FKTaRbJvGILTU-9h1GWLaDXGuAmp0CGyKWEMKXZ5Q9f-GvtS4Y71wtHMxrUnfeTLkGWlIsCTfacZjiVfxENhYq0QUQbBIc3d6sZOjx5AaDMqaT_SFH5u7IzYmf41ZyKGig&sai=AMfl-YSb9PrkGEMpgyTIMnTp0mZGHAh3tdCuz_pg3_2j_IC10HAWXMjhtwTI6GXeB7YjAe86BSifPY8OQBpelEMRrvjgNaP9Zx3VVBv9q_r_4pMwRVz0plMimzrCBIWxVQo4r4RhZEpw9jybJJYjGzwJ&sig=Cg0ArKJSzNXhkeW2OsQNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A41A9573F7131FA189AA42BD8C332846
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: BFAD8D352B6F2D9EE86C57742302E15A
Requests: 1 HTTP requests in this frame

Frame: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C758D0F597E4FA9C16AF4413A2F38AE7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGIC1r_sBMAE&v=APEucNVba6EVCxjoaU_g159PWHkStkDcHjbwmlY4Iqilh9w8ud295WQGpcITaAxJcBsxbJNGGLzmQ-fVqZc6hNSx1DXbuo-aJg
Frame ID: CE9012706ACB1A60404A59FC70C68296
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 200EE4196C1E8CC83EA5CC4C326E35AA
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 8C6D74B694CCE293AFAE15AA6D282A69
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 03D75B300246B1BCF3203E8B37311215
Requests: 6 HTTP requests in this frame

Frame: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: B9DEF93B5C31E617176C00EB154459A8
Requests: 1 HTTP requests in this frame

Frame: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 70B1E0FD6BA9A6DC2D2B54BD5C52B313
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 00ED11140E48A8AEA789987F576179A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5AA51D2B930000B7EA70CFF88D3EF709
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FB160B9BB211E20F28EB1F2376120601
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 736A80E5301E525B848BDC684D435219
Requests: 2 HTTP requests in this frame

Frame: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 763654722853128799C744329FEE6118
Requests: 19 HTTP requests in this frame

Frame: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 4911449AA6E7DD7A65913F6D42AC8C68
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGOW16PoBMAE&v=APEucNVpxZRsJPZXQLsp4YSuLWZjdpe9YOw9ALUGFT75yOUXtXmP01LQi4NZYOkSGZEKxvfe0vaX2Z8JpJXs-b0-P7sixK2sF44nELYS2PrlxCK8Wmr9m04A-ecAPiMvR4J-3rPT6zOuMcHm7FCgi8ZR5WtU1es_JVitISqbtWjhnS3gtxKrTTI
Frame ID: 845342FC17BB8029AD9F540D918981D9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C32A0B540D360B919711B90F4FCAAED5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EF27CEF4AD47086CB35DADBCD859B9A1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0E531DC4B3BA1D06939CDA523B67C220
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iReuXNJrLQNwx4hwZhnhj1hAEnrQ9LYCnPEKm4B4abc.js
Frame ID: 6B8BF7E14EDB120BC37DAFA684D0492F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14223353841020637473/index.html?ev=01_250
Frame ID: 87A88115D7F2A86508F5738751A427B7
Requests: 7 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1546&requests=[{%22eaUp%22:%22/29746187,94348418/hk_now.com_desktop_RightSticky_300x250_Finance%22,%22eoId%22:2788556564,%22advId%22:18961627,%22w%22:300,%22h%22:250,%22eId%22:%22main_hk_now.com_desktop_rightsticky_300x250_finance_0%22},{%22eaUp%22:%22/94348418/nownews_web_fin_LR02%22,%22eoId%22:2604461729,%22eolId%22:5181489535,%22advId%22:289699738,%22ecId%22:138288748646,%22w%22:300,%22h%22:250,%22eId%22:%22main_nownews_web_fin_lr02_0%22},{%22eaUp%22:%22/94348418/nownews_web_fin_LR01%22,%22eoId%22:3012214987,%22eolId%22:6032896793,%22advId%22:223740178,%22ecId%22:138451396154,%22w%22:300,%22h%22:250,%22eId%22:%22main_nownews_web_fin_lr01_0%22},{%22eaUp%22:%22/94348418/nownews_web_fin_SB%22,%22eoId%22:2604461729,%22eolId%22:5182368892,%22advId%22:289699738,%22ecId%22:138289048723,%22w%22:728,%22h%22:90,%22eId%22:%22main_nownews_web_fin_sb_0%22}]&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&ts=1698342016116
Frame ID: 01107832F20F8B709FAED713BC6692B1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/comments.php?app_id=515076798590105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bc1289942911c%26domain%3Dnews.now.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnews.now.com%252Ff298da9df92048%26relation%3Dparent.parent&color_scheme=light&container_width=520&height=100&href=http%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&locale=zh_HK&numposts=5&sdk=joey&version=v2.9&width=
Frame ID: 7D0859C0D51AE1FECA29B03949B648E0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.now.com
Frame ID: 7DDFB9A0533FDE2026A95B691497A2B4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 69DD130154F2809D223EFC9949FB5C7D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B32B1EB8C3D85DACCD645AE01C5B802B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F3DC9D777850CAEAE8E0F7E84B37DF1A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: E412ACCC1409AA1E4A1CD02273EC1381
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C2099%2C3020%2C173%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C345%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: CFFBC030BB924CA3264CB10687A79C1E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C97FF11E6C23EFFE71E09AB62E6A52B2
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 00F8D6AB362BA6AABB12D0BAB5747B61
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: EF4AD35090C21F03D9E281796E793153
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: BFCEFC0768C20CC6DB6642AAC47D7EC3
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3BC4C284-CFE2-4494-A0D0-AA2094BAB061&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 2D0F69F052CE44E951FC9B4B3B5608FF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tIzdReON1havgdYQsI3DQObf3EKv395HsIhlaPZS
Frame ID: 84F0EB615F4394AF656B9569354EF159
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=607162672804343453&gdpr=0&gdpr_consent=
Frame ID: 1C2545C9E683C85BBE9075961D4ECFFB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294323411853768851&gdpr=0&gdpr_consent=
Frame ID: E86842C17203238D2C0033938A9CB63E
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=476&user_id=bacd5b46-7426-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=7aac2e20-a45a-4291-89ec-64d9f40d4fdd
Frame ID: 86322A6C745805FAD4AF94082D4A0680
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hLW-g-ZvW_lCpWHWCXSW4VD_B2Q&gdpr=0&gdpr_consent=
Frame ID: B15B4EA7C8DE0D7979B420E59189C3DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zalora:期間限定店無助銷售 | Now 新聞

Page URL History Show full URLs

  1. http://bit.ly/2oIvDQR HTTP 301
    http://news.now.com/home/finance/player?newsId=180275 HTTP 301
    https://news.now.com/home/finance/player?newsId=180275 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

333
Requests

91 %
HTTPS

39 %
IPv6

61
Domains

111
Subdomains

85
IPs

14
Countries

6233 kB
Transfer

12519 kB
Size

84
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/2oIvDQR HTTP 301
    http://news.now.com/home/finance/player?newsId=180275 HTTP 301
    https://news.now.com/home/finance/player?newsId=180275 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp&cc=1
Request Chain 94
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1502734636&utmhn=news.now.com&utme=8(deviceType*newsTitle)9(desktop*%23180275%20Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE)11(1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE%20%7C%20Now%C2%A0%E6%96%B0%E8%81%9E&utmhid=321619123&utmr=-&utmp=%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&utmht=1698342011304&utmac=UA-34166611-1&utmcc=__utma%3D262549139.1627611075.1698342011.1698342011.1698342011.1%3B%2B__utmz%3D262549139.1698342011.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=462188186&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34166611-1&cid=1627611075.1698342011&jid=462188186&_v=5.7.2&z=1502734636 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=1627611075.1698342011&jid=462188186&_v=5.7.2&z=1502734636 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=1627611075.1698342011&jid=462188186&_v=5.7.2&z=1502734636&slf_rd=1&random=2596601051
Request Chain 110
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=now.com&sn=ChromeSyncframe&so=0&topUrl=news.now.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=bXfdLXx3d2hLN1BEQUV1NDE5TzJvaThqaW9hNnNEN0NJZWp6bHJkNXFQVFdadk5jU1ZNaGhHWm1PUm55Mzc1TjR1T0s2R3ZoUG9FOG5Xd1QwQnBJWTFKc0hJYmRYVWVWeU5KNHZ0a1cyQnhaUWpDRngwWG13VXZtNUhkRHN0M3pzS1pvMnp2UmpLWnRHMEpxSTlrYkJuRlExekJwOUtJMmcxL2w2QUE4Wkc2eEh1ekRHRE50RTF0MEllWGJPb0lHNWNLM1Z6bHJFVVduTmo4SEpsSDRBQTFibThKcDZyY3I2Mmp2bHZ3d2FVU05nSHM2VEgyVWhqWG9VRGVnLzZyeVVtK2poamdQVmY0MGJ0ZGJ1dmlsekJTWTgwQT09fA&cppv=2
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHFzN_tj7qz2sfz3ouP1q4&google_cver=1
Request Chain 230
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTqkfwB2SO5BprpB3UViPwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHFzN_tj7qz2sfz3ouP1q4&google_cver=1
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJpd8HvYfJfEacJaQWlij9g&google_cver=1
Request Chain 232
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3MTYyNjcyODA0MzQzNDUz
Request Chain 235
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEF966jHVoQswd-AU0NLJbLo&google_cver=1&google_push=AXcoOmSvb9hNJrCRdHrEPSZSVs61DxT1Ffhh2-ziGNmgILV7ZLeqKlRGEw5aRVKsaTgxPJ8g8FEA-ykIafc5keEG7VxbQHv0fc1d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDMyMzQxMTg1Mzc2ODg1MQ%3D%3D&google_push=AXcoOmSvb9hNJrCRdHrEPSZSVs61DxT1Ffhh2-ziGNmgILV7ZLeqKlRGEw5aRVKsaTgxPJ8g8FEA-ykIafc5keEG7VxbQHv0fc1d
Request Chain 237
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDTlV8Y-slPmHS_RUgBNAOY&google_cver=1&google_push=AXcoOmSAD2KD9-iuNyA5mc5FNTvfBvRH5xXm-CDdG0VYN2wVaON02jhhHyaUv0NjEPGjhN2WdZGXiVE6waSdUE7yFdiINNykHgdO HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDTlV8Y-slPmHS_RUgBNAOY&google_cver=1&google_push=AXcoOmSAD2KD9-iuNyA5mc5FNTvfBvRH5xXm-CDdG0VYN2wVaON02jhhHyaUv0NjEPGjhN2WdZGXiVE6waSdUE7yFdiINNykHgdO&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O8TChM_iRJSg0KoglLqwYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSAD2KD9-iuNyA5mc5FNTvfBvRH5xXm-CDdG0VYN2wVaON02jhhHyaUv0NjEPGjhN2WdZGXiVE6waSdUE7yFdiINNykHgdO
Request Chain 238
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_cver=1&google_push=AXcoOmS4v_1f2oPdCkfXNL2s5ESR2wTIkKwzpedFMxeMbKlRm_Wk8fNkRin70nfa84p9Pyjy95W8h9VRh76Ytxw03CGYAF5E7Q3Q HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_push=AXcoOmS4v_1f2oPdCkfXNL2s5ESR2wTIkKwzpedFMxeMbKlRm_Wk8fNkRin70nfa84p9Pyjy95W8h9VRh76Ytxw03CGYAF5E7Q3Q&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_hm=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&google_nid=index&google_push=AXcoOmS4v_1f2oPdCkfXNL2s5ESR2wTIkKwzpedFMxeMbKlRm_Wk8fNkRin70nfa84p9Pyjy95W8h9VRh76Ytxw03CGYAF5E7Q3Q
Request Chain 239
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEYvUQkwkf5E-oqcBfSn7tw&google_cver=1&google_push=AXcoOmSJaVdoHHazaSQLoTQv4CY13etlFl6ZDxEJk5z0SEzRRIwsbetmeWQVAKM_GwdLgrfMTqkP9Wkxo1Xyv7hUBoGx95VTh5b9 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSJaVdoHHazaSQLoTQv4CY13etlFl6ZDxEJk5z0SEzRRIwsbetmeWQVAKM_GwdLgrfMTqkP9Wkxo1Xyv7hUBoGx95VTh5b9&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1698342015187 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2590339b-5791-46c6-a4b8-ff440c35f3e6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSJaVdoHHazaSQLoTQv4CY13etlFl6ZDxEJk5z0SEzRRIwsbetmeWQVAKM_GwdLgrfMTqkP9Wkxo1Xyv7hUBoGx95VTh5b9%26google_hm%3DAyWQM5tXkUbGpLj_RAw18-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSJaVdoHHazaSQLoTQv4CY13etlFl6ZDxEJk5z0SEzRRIwsbetmeWQVAKM_GwdLgrfMTqkP9Wkxo1Xyv7hUBoGx95VTh5b9&google_hm=AyWQM5tXkUbGpLj_RAw18-Y
Request Chain 254
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPeSZ6ERsXxlCwojuLnvcm4&google_cver=1&google_push=AXcoOmTFbxdSR2U7_uVDB6CqZ-p4qEoNEV9mRXiGPzyi60IF6lIYeyJIEsTzGumFEwsXCaGzMQ3vactxxcgyFQkx5OeyEZDTdP8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTFbxdSR2U7_uVDB6CqZ-p4qEoNEV9mRXiGPzyi60IF6lIYeyJIEsTzGumFEwsXCaGzMQ3vactxxcgyFQkx5OeyEZDTdP8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPeSZ6ERsXxlCwojuLnvcm4&google_cver=1&google_push=AXcoOmTFbxdSR2U7_uVDB6CqZ-p4qEoNEV9mRXiGPzyi60IF6lIYeyJIEsTzGumFEwsXCaGzMQ3vactxxcgyFQkx5OeyEZDTdP8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTFbxdSR2U7_uVDB6CqZ-p4qEoNEV9mRXiGPzyi60IF6lIYeyJIEsTzGumFEwsXCaGzMQ3vactxxcgyFQkx5OeyEZDTdP8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 255
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECvdEcQw7J3U4tmdK80ZUfk&google_cver=1&google_push=AXcoOmQsPyGF4By9Mw16ug-IA9uWpQm2WKLTEZzxHvHwT99ra3fyUYaFOwbSEHObxq07AXKzQDO4oDBiVDW25vn1QF8_gyVepw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECvdEcQw7J3U4tmdK80ZUfk&google_cver=1&google_push=AXcoOmQsPyGF4By9Mw16ug-IA9uWpQm2WKLTEZzxHvHwT99ra3fyUYaFOwbSEHObxq07AXKzQDO4oDBiVDW25vn1QF8_gyVepw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQsPyGF4By9Mw16ug-IA9uWpQm2WKLTEZzxHvHwT99ra3fyUYaFOwbSEHObxq07AXKzQDO4oDBiVDW25vn1QF8_gyVepw
Request Chain 256
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF4d2H_FHQXzgsJHLwf0g4I&google_cver=1&google_push=AXcoOmS7JjL003_0N0VjWf_KsibBZ9tQvL9ejLKIm1zlX2ZSIUA-zdnCzw7B94dXddMPdZT7GITZYBFy5Su2i2FoBWEjSgP4fQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83R1pGRVEtMVMtRzI2RA==&google_push=AXcoOmS7JjL003_0N0VjWf_KsibBZ9tQvL9ejLKIm1zlX2ZSIUA-zdnCzw7B94dXddMPdZT7GITZYBFy5Su2i2FoBWEjSgP4fQ
Request Chain 257
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEYvUQkwkf5E-oqcBfSn7tw&google_cver=1&google_push=AXcoOmQNj9VAZIq5DLHKwqCtVux7xq3pAyQ0HJfc7k2YKTclHxQJNuqxWETb35X_9yZErtoC55PppqQ4QcJxHz-ukUMLVAYOLHk HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2590339b-5791-46c6-a4b8-ff440c35f3e6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQNj9VAZIq5DLHKwqCtVux7xq3pAyQ0HJfc7k2YKTclHxQJNuqxWETb35X_9yZErtoC55PppqQ4QcJxHz-ukUMLVAYOLHk%26google_hm%3DAyWQM5tXkUbGpLj_RAw18-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQNj9VAZIq5DLHKwqCtVux7xq3pAyQ0HJfc7k2YKTclHxQJNuqxWETb35X_9yZErtoC55PppqQ4QcJxHz-ukUMLVAYOLHk&google_hm=AyWQM5tXkUbGpLj_RAw18-Y
Request Chain 258
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKBFYSLdS734v_zdNrfZJLE&google_cver=1&google_push=AXcoOmRvuN0RqpdDize3VnZFD9j0Jp31STp_Bt2iKPvezzi-iVqmZ8aHpUuX-6gWHN2puGP_rvCIX4UyaLq6rjjOi0jLoVv6w4I HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRvuN0RqpdDize3VnZFD9j0Jp31STp_Bt2iKPvezzi-iVqmZ8aHpUuX-6gWHN2puGP_rvCIX4UyaLq6rjjOi0jLoVv6w4I&google_gid=CAESEKBFYSLdS734v_zdNrfZJLE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUxODM2NjcxNTc1NzAwODUyODA2Ng%3D%3D&google_push=AXcoOmRvuN0RqpdDize3VnZFD9j0Jp31STp_Bt2iKPvezzi-iVqmZ8aHpUuX-6gWHN2puGP_rvCIX4UyaLq6rjjOi0jLoVv6w4I
Request Chain 262
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CKftRfqQ6Zb_kH5aA9u8Pn4Sn6A6e-qbDc-yB7c-2Esf43Zi6ARABIKK2oylglcKpgrAHoAG5ysWKA8gBCakCxy3vrC-1sT7gAgCoAwHIA8sEqgTcAk_QyxK-ZeK3-xWL3mT06x6GkCmjVMzwziGATqUcFz91OvlajaEKIr18smyHTGTQj_VmLchCP64ePMyoV0CpnWNw6bIPyHpJTARteey9FI0LnYy81sK63l5XzrEG0iu2iyC__XRM1KFG3VGWtBUe61Z3QeYxqYzbusCOx0mEcXNjlmYHDe-S2GHzfMT2thVQoT7DK4Ti_Wne0uMeB1S292ZB34Wv6xXAEk9E-H4HJb541htq5rgE2fGti4b3f6isLaRbAaqByWKJWzxqnc8VI5rZcWY5LJz6vQMf-3yg--zZxHbPW5IJE28IRWoHttfYHf3gqh38tciWTGRALwXsvKbfCfLgNuhmJE64T8TR1y72OLUFLjsC0Fs1d5Sz90bBVcHilT-uyh__i9TYLEB3-unQw6SrEUBJJQHDuo1f9qkHw91WTdwFOCePFuQKPgWmBezpqXwIX2bHz8pk08AEip69vL0E4AQBiAXp0YiXTJIFBAgEGAGSBQQIBRgEoAYugAe1o8B1qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQou0k0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJH2h0dHBzOi8vd3d3LnBvY28uZGUvYy9wcm9zcGVrdGWACgPICwGYDIjAr7PMBKIMDCoKCgjktLEC7rWxAuINEwiN9OyDoZSCAxUWgP0HHR_CCe24E4ME2BMO0BUBgBcBshceChwIABIUcHViLTIyMDExMjE5MDUwOTA3MDEY4o0Y&sigh=r93vZJZlung&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNgdvbIZp9K7cMdozC7R_MbozDPg567H-npiwqe_BMT5E-TxlrnInsWAvsI6tfvhADlpQaawIEyhgB&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224900255985545672250%22,%22debug_reporting%22:true,%22destination%22:%22https://poco.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827417913%22],%224%22:[%2210-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223765623889962958577%22}&andc=true
Request Chain 289
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=now.com&sn=ChromeSyncframe&so=3&topUrl=news.now.com&bundle=mW0NPV8lMkJPUWdoY1hTMmprMVkzZTAlMkZWcmlLM1FTY0FvbnUzZlZiS3M0dWFzTHRYa0lGVjFCcUgydHNnMWxKeEFCV1NNTEk3SmdTamUwSXU5UXFaOEkzMU45N3FGcm91diUyRlVKeVdKUDFjNFNwQ0M2R0RwOSUyQklBMWw3Z2FNb25BbiUyRnpqN1JQSDQxRjI3MUlDaExGc2l5RTAyTERRJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=1oXaEHxTNWRCdFBybGEzSmRKVnpLdnN2ZnFGbXUrVjgxRUJqTENvZFBJVG42d0VaMFJ6UFhFMlAvek9OaGI5WXZyU01BNHlGUHZYV0xqWmlSUzZYdS9VMkpjMHBlWUZ0NWxwU1hRZTFKOGZmSmRnbjR2ekM1bDltQjNMNUdIWFk1bnBtcnFKVFY3R3hzN3k2cDRLOTRjT3pSSTNDSkV1aUw4SGJIbEh3bGxZWVhIeFEzWGRYQ2NwNmhXaGxYeGg5MmZUSzlCN2VNQmViaEVQanNmMkpPUVc5elNMdWMvemlnL0dGUXpqSTllN1RleEc2OFBYdmJnWGhURk1pQjN4UTVPMlhudFduYmhKOWVPbklXa0dSZ3pNWkdMUT09fA&cppv=2
Request Chain 311
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 312
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3BC4C284-CFE2-4494-A0D0-AA2094BAB061&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3BC4C284-CFE2-4494-A0D0-AA2094BAB061&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 313
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tIzdReON1havgdYQsI3DQObf3EKv395HsIhlaPZS
Request Chain 314
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=607162672804343453&gdpr=0&gdpr_consent=
Request Chain 315
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294323411853768851&gdpr=0&gdpr_consent=
Request Chain 316
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=7aac2e20-a45a-4291-89ec-64d9f40d4fdd&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARiCyeqpBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBELrNW0Z0JhHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJDdhYWMyZTIwLWE0NWEtNDI5MS04OWVjLTY0ZDlmNDBkNGZkZA** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=bacd5b46-7426-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=7aac2e20-a45a-4291-89ec-64d9f40d4fdd
Request Chain 317
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hLW-g-ZvW_lCpWHWCXSW4VD_B2Q&gdpr=0&gdpr_consent=
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O8TChM_iRJSg0KoglLqwYQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 320
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3105973160 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3BC4C284-CFE2-4494-A0D0-AA2094BAB061
Request Chain 321
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3BC4C284-CFE2-4494-A0D0-AA2094BAB061 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZThsb0kweWhPTlNUc3k4N3RUVVZ2VlZkdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=203178507029476429&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0JDNEMyODQtQ0ZFMi00NDk0LUEwRDAtQUEyMDk0QkFCMDYx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECj5rqes7Ta7RQwyLih1pAQ&google_cver=1
Request Chain 325
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=203178507029476429
Request Chain 330
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTqkfxrxa4-9s94V3BXI2AAA%261218&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTqkfxrxa4-9s94V3BXI2AAA%261218&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6a9a565b21ee464e93ab924cd5480557 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-BWK0AJsXCbrmbLxuCG098dhFjWSj7o5JxUP55A HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-BWK0AJsXCbrmbLxuCG098dhFjWSj7o5JxUP55A
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_cver=1
Request Chain 332
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 334
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714153218&external_user_id=3a965bda-47a5-4959-96b5-8abe50934f4e
Request Chain 336
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=hLW-g-ZvW_lCpWHWCXSW4VD_B2Q
Request Chain 337
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTqkfxrxa4-9s94V3BXI2AAA%261218 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTqkfxrxa4-9s94V3BXI2AAA%261218&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=hYYVdyFNTHv22ChCeyjK&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTqkfxrxa4-9s94V3BXI2AAA%261218&tc=1

333 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request player
news.now.com/home/finance/
Redirect Chain
  • http://bit.ly/2oIvDQR
  • http://news.now.com/home/finance/player?newsId=180275
  • https://news.now.com/home/finance/player?newsId=180275
75 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
6ccee20949b19bff02e82f51f20cb28b61a24b0f1abab6c887065aa9e027e593

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 26 Oct 2023 17:40:08 GMT
server
nginx/1.13.3
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
x-amz-cf-id
UDDI5hXTuCOFBNldM3pvvq6RuFlEcrebQ9MN3r75Ha2JJ_yK6Vn95w==
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Thu, 26 Oct 2023 17:40:07 GMT
Location
https://news.now.com/home/finance/player?newsId=180275
Server
CloudFront
Via
1.1 6da146f012af036eaa9002470b7d7c54.cloudfront.net (CloudFront)
X-Amz-Cf-Id
QqjkMasj3PbDeOgjv9If0nd8O8PT2XX-uSWZmtHvjWOLVoTebd72Cg==
X-Amz-Cf-Pop
MUC50-P4
X-Cache
Redirect from cloudfront
news2014.css
news.now.com/revamp2014/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/css/news2014.css?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
1ea1219ed6ec3c76cf953f0e0ea3732219e214f66a85447a81fa6bd5426df759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:36:03 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 05 Sep 2023 03:03:11 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
531
etag
W/"64f69a6f-3a14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
T-mnHeat1eEcJgeYZEjNua9JkxThH7wqdC2ItxSsZRD9mZjRMrdIew==
for_dark_mode.css
d7lz7jwg8uwgn.cloudfront.net/apps_resource/web/ 		650 B
756 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d7lz7jwg8uwgn.cloudfront.net/apps_resource/web/for_dark_mode.css?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:c400:13:6c41:f5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
18af810bde060d9088e801deb820b04346316b9b0c8f62e60c91530e6edfeb1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:11 GMT
Content-Encoding
gzip
Via
1.1 2551fa016e0e39646c40c584001d7b4e.cloudfront.net (CloudFront)
Last-Modified
Mon, 04 Sep 2023 04:17:49 GMT
Server
Apache
X-Amz-Cf-Pop
MUC50-P1
ETag
"28a-60480cb14a92b-gzip"
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
271
X-Amz-Cf-Id
PxbgpyJB_KTGOp8yoOF-YD38t4njjMrR1rw397aSe_EpEtJF1qYc3Q==
details2014.css
news.now.com/revamp2014/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/css/details2014.css?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f3cbc4e1f72dbf1eaf4a2fac1e4a3127c856fca42456fd6fa6fd3e8026d8454d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:58:58 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
6
etag
W/"5b1f4502-3245"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
Nj-uK9Mvf6LqXZwLxTwH0kSk9P86ENIhGQAhD6QTcYb6bh0v0gtzYQ==
gpt.js
www.googletagservices.com/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92337e7cc6af0ec0dd3bb341878264a8454b5a1525a094bdc167b4ba0b233cf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29844
x-xss-protection
0
server
cafe
etag
657 / 19656 / 31079134 / config-hash: 18294707092208642472
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:10 GMT
prebid7.39.0.js
news.now.com/revamp2014/js/ 		262 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/prebid7.39.0.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
5a22f4b8a01844ce4ece06b04e9d534e15559a8ed8f2ae3bef9ad1dd81a71048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 06:22:35 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
74
etag
W/"64097b2b-41759"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
3TV4KDaSdG-2UwNloxo_OWXA3ERAjForyDHQEbDgDdUXSt67x4Q_oQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 23:02:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
585485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 23:02:05 GMT
jquery.sticky.js
news.now.com/revamp2014/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/jquery.sticky.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
cb9c05d4b62c00e9fdd2d17b82f330d5904a4564d6595c3c6b3b02c2407a7237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:09 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:05 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
293
etag
W/"5b1f4509-1565"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Ijtx9vUl9ydlmS5a1M5dS5jC1oRJ9cr6c6VHQUNxmMJJnEE1u1DE1w==
jquery-ui-1.10.4.min.js
news.now.com/revamp2014/js/ 		223 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/jquery-ui-1.10.4.min.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
600759407fde32ff7bd3acc8db8a41f170a137c8bf48d2a2ede342111776c027

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
56
etag
W/"5b1f4508-37cbb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
elVYS16WwyhhAV1TuWssi83_4irg3Gg1R5CHYmNOLAQtdC8i6P-zVA==
dfpAsset_prebid.js
news.now.com/revamp2014/js/ 		28 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/dfpAsset_prebid.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
a95b5bcef02399a965578cd460191a02c965331e2e4ba57e2de228c41fafd175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Fri, 13 Oct 2023 02:04:23 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
105
etag
W/"6528a5a7-70b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
-CGxFgT6NBXtWu7bmR5NOkscaMjNsi7TcOaX_Kwj9JP9ilhRNjusKw==
NowDataService.js
news.now.com/revamp2014/js/ 		1 KB
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/NowDataService.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
a431ec20ecf46b014126e17830d94b90642cfc90b55f4142988683a4557b4e86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:05 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
294
etag
W/"5b1f4509-459"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Hie2w7V-uwoSpq-QPUBFGbVp-aY8tUm8tjNnIAr0BRJDXG5PhexZLA==
fbSDK.js
news.now.com/revamp2014/js/ 		699 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/fbSDK.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
e10ad5cbaa8e43bdde1151ae38bfe94d5514476e4302aacd8c8bfd9f7e60228c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:09 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:01 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
293
etag
"5b1f4505-2bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
699
x-amz-cf-id
IPMwItPukN0nY1_oUnk4NYVXgV-eqTpdWmcQ8WCNqXE7SksIWlL1iw==
jquery.fancybox.min.js
news.now.com/revamp2014/js/fancybox3/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/fancybox3/jquery.fancybox.min.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f2ab01fbf0fd27972b021b33e66c9fe6af549750db2e466be42c03bda4aa337f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:16:40 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
60
etag
W/"64f5ae88-fc9e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
SP1nhtau4xL9sEFwZXh0vHViXV5toWlmzFpgelBRLjMXI82rTPo8Pw==
jquery.fancybox.min.css
news.now.com/revamp2014/js/fancybox3/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/fancybox3/jquery.fancybox.min.css
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
a02fd0f27a964a5a756e48b71edf6044259a7b0e67ebf1cd935d074f86845f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:15:19 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
42
etag
W/"64f5ae37-3664"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
v9OsMXHzqy0Aq3Tk07cYHsIv0PNURh3VdeihPbIvdxWtJiHlvgWLiw==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fee81bbe8f12f8d0482c38cba7ec2682ffc6d4a9c84756dee0df14c30bb7bb58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127080
x-xss-protection
0
expires
Thu, 26 Oct 2023 17:40:10 GMT
PrerollManager.js
news.now.com/revamp2014/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/PrerollManager.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
c9344b8a1ead8004c66b22b3b928fc366feecf1190c9076b742479b381869e27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Thu, 12 Aug 2021 09:15:24 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
199
etag
W/"6114e6ac-1a35"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
T5GWb4N2rwOcV_Ft6aMm9EZVCfyNVdZSUYFRD5xwFZofjHHnFoNZfA==
hls.min.js
news.now.com/revamp2014/js/ 		192 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/hls.min.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
e7608a6ef5ee8696f943b03e4484d31e88f4477122b8b07ac90bb4cd0a5d6d87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
225
etag
W/"5b1f4508-2fe07"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7FNR6BFuZubANBXNyoo2JCY-aJA_KTore0enh_ph4YWpOZkFV-15mw==
galleria-1.4.2.min.js
news.now.com/revamp2014/js/galleria/ 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/galleria/galleria-1.4.2.min.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
343faa4d06dd00d04cd6632c215c96302faf1525f82be005a14959f71e68d383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:02 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
42
etag
W/"5b1f4506-123fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
xqokF57jpBTouL7upCJ9belZLsb8MmckHJBDFN7qtZonaX5OIIufmg==
purl.js
news.now.com/revamp2014/js/ 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/purl.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f2147f9733c2bce48a9ff4d3119d9b49ae937f5ddb668dc995c069213b80ff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:05 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
60
etag
W/"5b1f4509-517a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
jAi0pGYZPV9cjZcv8NdMhuAj0854dS8HJopxZQtJ0D_RgKHWdPib8w==
jquery-scrollto.js
news.now.com/revamp2014/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/jquery-scrollto.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
4ee077691591a1f8bd7da317ec4a6eda9012731327c257d9e420a51d0ce4f738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
42
etag
W/"5b1f4508-1e1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
5xUqD8meER_ERVrJCG7yLWbbQSnGPQ_71_mX-d4FREhtc26C0SUTGw==
jquery.ba-resize.min.js
news.now.com/revamp2014/js/ 		1 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/jquery.ba-resize.min.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
c81f8531af91e475374160a85fc008bfd60e39c24fb03c98e85fc498cab535b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
199
etag
W/"5b1f4508-44a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
odwhC7qmr4vvzLODdSh4Mc4kUol69lydLmN4fIw3nD1bl2eFQJm3Mg==
common.js
news.now.com/revamp2014/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/common.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
a6e32ba84c2ab8c848dd6eae7947339165a698c673ba7d89f9a9221623c63322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:36:03 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Fri, 28 Dec 2018 01:27:00 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
294
etag
W/"5c257be4-13cc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TWqmMB5qzzlWfxXnKzMUXq1_Ht7r72QcHHr27zMLyMDGP9FLk2wvKQ==
swfobject.js
news.now.com/revamp2014/js/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/swfobject.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
202a07bd11e26895b9365d248e422b15e17f3e3c96908c2211d21cefe9bbcfa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
5
etag
W/"5b1f450a-66df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
HAoku1dVCyiIV34uJ2mrsrXR5-hTgzpoqqlxxmX-VO08yUNJTC0FsQ==
jquery.ellipsis.min.js
news.now.com/revamp2014/js/ 		1 KB
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/jquery.ellipsis.min.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
88b9f6d2a1527d6ce7f2c0566829c0cf993cb82bc5592c4cc61bf86d3eeffebd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:05 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
294
etag
W/"5b1f4509-472"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
rTViluY9hZFrYdvkPEDIfGTc197PNzUMcIxlvEceqYWDYxVZoM3kLg==
details2014.js
news.now.com/revamp2014/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/details2014.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
8a34b787192eae0468e950876215956570551db61dd60b4b2b86a79e29e06125

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Mon, 16 Nov 2020 08:18:23 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
42
etag
W/"5fb235cf-581d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
RvgxL0e1IAQKSlMRD7Xtr6jEalHHL5E24CaomKeaPBvnTGaTrgGprA==
logo.png
news.now.com/revamp2014/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/logo.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
30927b9d1159b5b5ce3a27acf00240b57b057edf55f13d2311e5bf3d36e7caf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 09:41:57 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
87
etag
"638f0e65-16fc"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5884
x-amz-cf-id
JZgglOYipcEBc49h-gvyTTFmg2sYcFc8EPlF5P3pUhoPorBhVt6ZPQ==
news_logo_s.png
news.now.com/revamp2014/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/news_logo_s.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
2da32cb1008ba22bdd6897e5d4dac7d8347ccea5232c2857be197fd12dbf42c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:07 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
468
etag
"5b1f450b-9f2"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2546
x-amz-cf-id
Bm2pyalTZ3-19AFgexYVa4TfoOWuta4SGNYgcyNDV8nKg7PHSqlf_Q==
nav_tvIcon.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_tvIcon.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
760d46c5a3ddd5fa22deaf6d8b0b5dd24b52b6d238d723249ce3acae5d36363d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:36:03 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
468
etag
"5b1f450a-644"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1604
x-amz-cf-id
J4xslfTQWEqyHrJy72S8XDlADTMgZQFnX3CCxL-3DXXJZ-HU89mnzQ==
nav_live.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_live.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
ba48cf7d98447c8fcc814530db8c3a11c304c6fbb58e08025d0c1e969299f468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:36:03 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
468
etag
"5b1f450a-69e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1694
x-amz-cf-id
SA25U6i6hUYxu_W3fn54pHArebqk0NrbEsFkqnVKvc9qRYXmUfCi2Q==
nav_local.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_local.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
00542816b8dd2f88975870804e28037af26018be56d344b511bba5f702c885d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
468
etag
"5b1f450a-597"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1431
x-amz-cf-id
CX8ITXDok8caezVf8f9RHO95U3bf14lJABt6dMIZAc9mYGxkA0MLNw==
nav_inter.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_inter.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
047e1939c455d37c4b116cd710a2db7595e9e99e53ceed4debe089f5784a181d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
468
etag
"5b1f450a-6bb"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1723
x-amz-cf-id
hjbaHMZsh-WYjCLaY1LYTaJK_zpmUeITRPnwgnd9BurQ89maeJ0J7Q==
nav_entertainment.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_entertainment.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f2ace50bb25918dc9ec3d527747a6e05797178501634deedc88cb2b66ee42743

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:36:03 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
398
etag
"5b1f450a-61c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1564
x-amz-cf-id
wZ6KK2sYXJyw0aSrAdYCq8hEMDxcRu0TEpzZS1syvtvCJWejOuEmRg==
nav_life.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_life.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
67a5a9bfa7f03d99269c5fbed8d183e39682380c2d54061778676e46b64588d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
361
etag
"5b1f450a-58c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1420
x-amz-cf-id
c8_yexRQvT5ZvSZtGYG5J9NUPogUD9QQDqJS0RVM_PHoby8DXkpWwA==
nav_tech.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_tech.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
2a05843c975829b9363d4d2ee2a03bf6a0d078710a50e312eaee55a274ff396d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
361
etag
"5b1f450a-6f3"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1779
x-amz-cf-id
j58Sd56WTlmB2-UaVNCBMzV_q5S6NxBWImOSRB4pnxuA1WOUTxPikQ==
nav_finance.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_finance.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
5e373ba1aca5167b4fb0fc7d897d6af3267c7317028d5e8559f96783fe4df689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:36:03 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
361
etag
"5b1f450a-5b7"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1463
x-amz-cf-id
xs7nqlREucjq7P6dnlZEbLKlJXZSPKA3LmfH94htsSdnN6ZfLUaf1A==
nav_sports.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_sports.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
bd5e9ffd9078578f0283d3fbc784cafa65d577342664c3feaa305ba978b67549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
361
etag
"5b1f450a-57d"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1405
x-amz-cf-id
O3N0P15K4aLUM8W5zyIOvR_tGksk-Y1wF693lICBhPNSc9989XROKg==
nav_tracing.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_tracing.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
41e77d4a4b376a0e685421f0955f9c9f24f058476cf04d42862f483d16c91db9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Mon, 07 Sep 2020 08:41:12 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
398
etag
"5f55f228-8a7"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2215
x-amz-cf-id
UbPenBChANV2V-DPPLNkNgaf9ejjJK-2KONy0mfuKMMtL74ZOptlCA==
nav_feature.png
news.now.com/revamp2014/images/ 		876 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_feature.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
5c71f73f83722c55e8af961cb99bcd5f1af29f9561b143c2f86f456ba326c581

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Mon, 07 Sep 2020 08:41:15 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
398
etag
"5f55f22b-36c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
876
x-amz-cf-id
kpV4fyaWvjoYU2nWtekksl0WSYJbhDWEGpTtSi4NL_OfSacnNxaY4w==
nav_opinion.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_opinion.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
930422fbcaea60d7e46c7f00093c6a082e3425b8118e176659c334b5b8599a4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Mon, 07 Sep 2020 08:41:19 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
398
etag
"5f55f22f-5a8"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1448
x-amz-cf-id
_PhnudWlsc_5o6AzFkoL-mhx3FG48H0OINIORNMgUt5YsMcLl-8I5A==
sdk.js
connect.facebook.net/zh_HK/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c803095488b70db29af99f10d32d108b2103f26f94645f2cf2506811d23fd071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://news.now.com/
Origin
https://news.now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 17:40:10 GMT
content-md5
9PWHxWkJqP8OK7sYrPdjkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
EBQ1bgNELi4eFQxIZeGotZjHOUgUg4zpvJ90JiqwARzaSNcZInyba4QgTwf0EZgQ0xE+TOwJae5pTC9AISm6Dw==
x-fb-content-md5
d9d7efe8cfea4f3fce80231a4313f095
cross-origin-opener-policy
same-origin-allow-popups
etag
"afa5eb3b1a766e1c46acf62cf9cdc807"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:47:44 GMT
logo_12.png
news.now.com/revamp2014/images/providers/ 		169 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/providers/logo_12.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
1e6d31cd37b39297deea85d991eca951f1bf094f9c711149b50b592b4c2d21c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:12 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
312
etag
"5b1f4510-a9"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
169
x-amz-cf-id
6bOq44Tqmjrwoia3l97rUPIU1e2RFZdJikuFJ1w3eP-72fwYB39KxQ==
ESTORE.ZALORA.1630.260516.jpg
images-news.now.com/newsimage/NewsImage/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/ESTORE.ZALORA.1630.260516.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
299a37af4de83d9057d9045fb0b3d3dc2c5f9fca67576b901f0d3291fe3374fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:12 GMT
Last-Modified
Thu, 26 May 2016 09:15:22 GMT
Server
nginx/1.6.0
ETag
"5746beaa-11932"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
71986
CN.DATA.SOT.1310.140318.jpg
images-news.now.com/newsimage/NewsImage/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CN.DATA.SOT.1310.140318.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
0a96478c58865df9360779cb314e3509454415fbe301fb4532e871cfc9417db4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:12 GMT
Last-Modified
Wed, 14 Mar 2018 05:33:49 GMT
Server
nginx/1.6.0
ETag
"5aa8b43d-1caf2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
117490
HYSAN.CNY.1310.230218.jpg
images-news.now.com/newsimage/NewsImage/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/HYSAN.CNY.1310.230218.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
d326c6ac9a57ce1f12c37ef462f21a0259e5c66cfa812b741a613dbe1d2798e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:12 GMT
Last-Modified
Fri, 23 Feb 2018 05:50:38 GMT
Server
nginx/1.6.0
ETag
"5a8fabae-121de"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
74206
ECON.OUTLOOK.SOT.1310.150218.jpg
images-news.now.com/newsimage/NewsImage/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/ECON.OUTLOOK.SOT.1310.150218.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
4f44c40f9c1d3406d9b18f2d75def6d376f77efa606cc40cb21ffb1d3a0889b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:12 GMT
Last-Modified
Thu, 15 Feb 2018 05:56:16 GMT
Server
nginx/1.6.0
ETag
"5a852100-12534"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
75060
GPAPER.310118.2.jpg
images-news.now.com/newsimage/NewsImage/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/GPAPER.310118.2.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
0d808b75fb4b708cc7d9becc395df04dc12edadf0f43cdc10e969a13c5f9e734

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:13 GMT
Last-Modified
Wed, 31 Jan 2018 05:36:00 GMT
Server
nginx/1.6.0
ETag
"5a7155c0-12603"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
75267
RESULT.HANGLUNG.SOT.1900.300118.jpg
images-news.now.com/newsimage/NewsImage/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/RESULT.HANGLUNG.SOT.1900.300118.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
8a4aff713622487b6e5611dbeb85bb308cc3b1980661c59770c9034dce1c2864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:13 GMT
Last-Modified
Tue, 30 Jan 2018 11:13:09 GMT
Server
nginx/1.6.0
ETag
"5a705345-17721"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
96033
GPAPER.120118.2.jpg
images-news.now.com/newsimage/NewsImage/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/GPAPER.120118.2.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
803fa5e667cec8cd38fbfa095952c91f6bcb24f912941511b4f8cd49568abbf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:13 GMT
Last-Modified
Fri, 12 Jan 2018 05:45:30 GMT
Server
nginx/1.6.0
ETag
"5a584b7a-112b7"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
70327
ANN.XTEP.1645.090118.jpg
images-news.now.com/newsimage/NewsImage/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/ANN.XTEP.1645.090118.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
351fcf881cc7cc86fd9d042fc943123f76abf6f3d944238563a5d4f36788bcb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:13 GMT
Last-Modified
Tue, 09 Jan 2018 09:37:17 GMT
Server
nginx/1.6.0
ETag
"5a548d4d-114d6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
70870
HK.RETAIL.1900.030118.jpg
images-news.now.com/newsimage/NewsImage/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/HK.RETAIL.1900.030118.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
c783365c8b336d69f3135b35654e1b5c81ed021135387f33f341d7768d63f1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:13 GMT
Last-Modified
Wed, 03 Jan 2018 11:11:19 GMT
Server
nginx/1.6.0
ETag
"5a4cba57-df7d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
57213
MARKSNSPENCER.HK.1900.020118.jpg
images-news.now.com/newsimage/NewsImage/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/MARKSNSPENCER.HK.1900.020118.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
3e6ac4147f1b6f455ac26b38fea6c2da6b67068db8f3b449ba309edcbddcae2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Last-Modified
Tue, 02 Jan 2018 11:19:43 GMT
Server
nginx/1.6.0
ETag
"5a4b6acf-18864"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
100452
CN-SPACE-231026-22.jpg
images-news.now.com/newsimage/NewsImage/ 		213 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CN-SPACE-231026-22.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
8a1b671b1bb68101c2de7b74af27f0fad0fb0af17d17875f60ca923916a06a58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Last-Modified
Thu, 26 Oct 2023 14:12:48 GMT
Server
nginx/1.6.0
ETag
"653a73e0-352eb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
217835
TRIAD-TM-231026-23.jpg
images-news.now.com/newsimage/NewsImage/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/TRIAD-TM-231026-23.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
3611f719dbff1f691cc50b0b2929364b9041cd8fc8c06084684ee05fdf7e7985

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Last-Modified
Thu, 26 Oct 2023 15:22:57 GMT
Server
nginx/1.6.0
ETag
"653a8451-ca03"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
51715
2023-10-27-00-26-46hnbOjyJf.jpg
images-news.now.com/newsimage/NewsImage/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/2023-10-27-00-26-46hnbOjyJf.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
6a0af38d4f493107ae69ee350f5235fac3dfb45b0ec5747bda308c7b6d11b3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Last-Modified
Thu, 26 Oct 2023 16:26:15 GMT
Server
nginx/1.6.0
ETag
"653a9327-2869c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
165532
MEX-STORM-231026-23.jpg
images-news.now.com/newsimage/NewsImage/ 		224 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/MEX-STORM-231026-23.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
b0c32e4eb27dbd3be54ba520539f71a70113e85214ebb75cf1570cc74228a6bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Last-Modified
Thu, 26 Oct 2023 15:28:31 GMT
Server
nginx/1.6.0
ETag
"653a859f-37e50"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
228944
DINE-WINE-231026-23.jpg
images-news.now.com/newsimage/NewsImage/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/DINE-WINE-231026-23.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
82e8ef66e73e23973d7b68a3ccdf85ce6ce77e286d6f2273b48d0de333dce1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Last-Modified
Thu, 26 Oct 2023 15:18:27 GMT
Server
nginx/1.6.0
ETag
"653a8343-2c630"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
181808
CN-NEWSOM-231026-22.jpg
images-news.now.com/newsimage/NewsImage/ 		170 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CN-NEWSOM-231026-22.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
d7425db8bd4bd78e2ed69f590bbdcd3ff644fd3b50350b92fb526eee6bf4251b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Last-Modified
Thu, 26 Oct 2023 14:07:47 GMT
Server
nginx/1.6.0
ETag
"653a72b3-2a933"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
174387
2023-10-26-22-36-49FMEI8f78.jpg
images-news.now.com/newsimage/NewsImage/ 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/2023-10-26-22-36-49FMEI8f78.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
2e389356fbc2ee46542598aa455caf9615a6098a34163de7e12b462f0e53e6e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Last-Modified
Thu, 26 Oct 2023 14:36:18 GMT
Server
nginx/1.6.0
ETag
"653a7962-2a00c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
172044
CN-LAUNCH-231026-22.jpg
images-news.now.com/newsimage/NewsImage/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CN-LAUNCH-231026-22.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
3f1311e529dc988c4a95d30691d60e13252db95299eeb8732041e40357b56601

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:15 GMT
Last-Modified
Thu, 26 Oct 2023 14:07:27 GMT
Server
nginx/1.6.0
ETag
"653a729f-13c57"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
80983
CNTW-CARRIER-231026-21.jpg
images-news.now.com/newsimage/NewsImage/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CNTW-CARRIER-231026-21.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
f011c6e9cd89df9239e1faa2b250d61d662a58b1cb01ad1c350520e6d4716dc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:15 GMT
Last-Modified
Thu, 26 Oct 2023 13:34:14 GMT
Server
nginx/1.6.0
ETag
"653a6ad6-1e601"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
124417
CNUS-DEFENSE-231026-21.jpg
images-news.now.com/newsimage/NewsImage/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CNUS-DEFENSE-231026-21.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
542ef50029ccae2d686ee82b4fa08838d498798cd52ed33055859ac5f4c0702b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:15 GMT
Last-Modified
Thu, 26 Oct 2023 13:30:21 GMT
Server
nginx/1.6.0
ETag
"653a69ed-12f8c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
77708
ad-MiniBanner-300x60.png
news.now.com/revamp2014/images/ad/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/ad/ad-MiniBanner-300x60.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
dd0cd96175da0d806a3d8617f2b562e7acafcc8493d1105f40a3ce29e07c3f1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:01 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
199
etag
"5b1f4505-2221"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8737
x-amz-cf-id
yZDelmUwY4AXL9efoIotXv06jggNjOxvPe12btdayPQfSa5vXhTqWw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/ 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 26 Oct 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
25424
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134989
x-xss-protection
0
server
cafe
etag
2612702921649259081
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 25 Oct 2024 10:36:26 GMT
sdk.js
connect.facebook.net/zh_HK/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/js/fbSDK.js?v=20221206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c803095488b70db29af99f10d32d108b2103f26f94645f2cf2506811d23fd071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 17:40:11 GMT
content-md5
9PWHxWkJqP8OK7sYrPdjkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
EBQ1bgNELi4eFQxIZeGotZjHOUgUg4zpvJ90JiqwARzaSNcZInyba4QgTwf0EZgQ0xE+TOwJae5pTC9AISm6Dw==
x-fb-content-md5
d9d7efe8cfea4f3fce80231a4313f095
cross-origin-opener-policy
same-origin-allow-popups
etag
"afa5eb3b1a766e1c46acf62cf9cdc807"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 Oct 2023 17:47:44 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 18:17:52 GMT
content-encoding
gzip
age
170539
x-guploader-uploadid
ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 23 Oct 2024 18:17:52 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 25 Oct 2023 08:33:57 GMT
server
nginx
etag
W/"6538d2f5-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 17:40:11 GMT
ob.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
258330
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81c47ba26caa9a1e-FRA
expires
Sun, 29 Oct 2023 17:40:11 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.201.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-201-12.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 04:01:06 GMT
content-encoding
gzip
via
1.1 ad6a59dd9fdc1afb57f7131fcd96bf20.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-P3
age
49146
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
u-6VfQqg1C5uoA-ziyJh6c60l4Cr9Bh_7fjCr3PC0aDLrtbl4rpGBA==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
40951
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qp2E5Qug8zW9AerNNUmpySX82I63t%2BIrNmSXB%2FQT1wm%2F2ErBUBJg7xYsMLJji0fORukykOinIzXoKhs4GcH8WdnMZy0l3%2ByNpNIvx4xYMynOb6mU09b%2FQsyxhv%2BDjPM7fm0miToZu81xl38QTkY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81c47ba2485a18d5-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		143 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
JWJDAN1XR6GATQDQ
age
1354
etag
W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81c47ba299213a86-FRA
x-amz-id-2
Ef+zRSY5m1l5O/qNEP9qXrov5kpci+PWBE+duOZn8RfWRfK8fxpzs/23mChcD+sxFKSVyfSeJCnE1vDWU3gxhg==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:4400:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 26 Oct 2023 05:50:54 GMT
Via
1.1 c414bd1a4ce7ace94cbfdfa8efcbe5a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
Age
42558
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
dmDDKviDGCf6UmF8VIeYGQ9SDr8vMOFNrKuFGQ5ZCmnyBkkoEc6h9A==
gtm.js
www.googletagmanager.com/ 		185 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PF2BBNJ
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2d9f218d6df31e1bc66cb7ecb1779ec7a2172c61060f0d00e16d8ccf3f8e9dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66515
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 16:24:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 26 Oct 2023 17:40:11 GMT
MediaPlayer.js
news.now.com/revamp2014/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/MediaPlayer.js?v=20201116
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/js/details2014.js?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
bf967bff3592ef6bf5a82056456fd56519db1e4face88a7eeaaa982997c1f632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:10 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Mon, 16 Nov 2020 08:28:08 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
225
etag
W/"5fb23818-17bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
hfa0W-CtVT7q_yLAvY742syJTzanlia16cROIAbVbmHAata0uzq1Uw==
prebid
ib.adnxs.com/ut/v3/ 		19 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/js/prebid7.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:10 GMT
an-x-request-uuid
72e451cd-f988-4290-b21d-7b46f46b301d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.now.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.100; 80.255.7.100; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		113 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3977195431966550&correlator=2420235486658261&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fifs&iu_parts=94348418%2Cnownews_web_fin_SB%2Cnownews_web_fin_LR01%2Cnownews_web_fin_LR02%2Cnownews_CP_LR03&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698342010967&lmt=1698334810&adxs=-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&ga_vid=1627611075.1698342011&ga_sid=1698342011&ga_hid=321619123&ga_fc=false&dlt=1698342009953&idt=789&cust_params=pathname%3D%252Fhome%252Ffinance%252Fplayer%26Now_newsLive%3Dfalse%26Now_newsCp%3D12%26Now_newsId%3D180275%26Now_newsCat%3D121%26Now_newsTopics%3D&adks=494382883%2C319731832%2C2582627014%2C3588068213&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40348bd2a8261eeb5c334f3a76952b89d9239b85dcc56014f8bc0091f551750b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17967
x-xss-protection
0
google-lineitem-id
5182368892,6032896793,5181489535,5750743861
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138289048723,138451396154,138288748646,138358299502
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.now.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 131C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:11 GMT
expires
Fri, 25 Oct 2024 17:40:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nav_shadow.png
news.now.com/revamp2014/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_shadow.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/news2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
d8214cdea5dae097d6cfae256ea88ba7df3ad9a84235b78a1a9d055f36737ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/news2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
141
etag
"5b1f450a-290e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10510
x-amz-cf-id
zp_RBonTWcgJB1EiXZAkU97QixDOlpK3X-eYEba_2EdPgXQ3rPtAlw==
btn_close.png
news.now.com/revamp2014/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/btn_close.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/details2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
110137320b8035098fb7a7ee65363c448392049b9924832025b7c8aeb8cabaa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/details2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:03 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
547
etag
"5b1f4507-d03"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3331
x-amz-cf-id
itbzkxX_V_7CctqLhCJZ8pq_Tx79Bk89UnB3rQQHIjqoZ7PGbUls3w==
btn_share.png
news.now.com/revamp2014/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/btn_share.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/details2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f1d574e210335ebe4eb6ee518dfe3ed13ba764af2f32bc5bd6e1747d524208f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/details2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:03 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
6
etag
"5b1f4507-18d7"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6359
x-amz-cf-id
HHcI6_omAW7YeVy1xLXE_Ijn1s-35Nw3cJvIfKkAqdN777NnDwbKWA==
bottom_gray.png
news.now.com/revamp2014/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/bottom_gray.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/details2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
65b9dd8264c39b633050dc5c331690dfceddc682d0c2fd3b85743a8c6c27b937

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/details2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:03 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
6
etag
"5b1f4507-b5e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2910
x-amz-cf-id
pFLfzqhN6ARowetGHivj0MM8Kx86N-VpNmUSA0SrE4RucLVnW364mQ==
icon_arrow_down_blue.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/icon_arrow_down_blue.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/news2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
cf741a07d523ba87d5f3aa15491f5a4e7053ac7697ced9cf34c6bfc53b8c5bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/news2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
547
etag
"5b1f4508-558"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1368
x-amz-cf-id
HyugrE12Ru3jrg5B554ka-dGUz24ZFC-eUXkvZCrsljfX4JDUmMpMA==
fb-ajax-loader.gif
news.now.com/revamp2014/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/fb-ajax-loader.gif
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/details2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/details2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
354
etag
"5b1f4508-c88"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
3208
x-amz-cf-id
w2lQ7WZkvnHQ5YH1gJ0vvZD0tdwgMajyI840v2qnZM3Fmb8NFuPK0g==
sdk.js
connect.facebook.net/zh_HK/ 		302 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js?hash=5f0323de152f9cdf1ef87306ce1cd6ba
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a9fa4e26745ca6df42cb672d6173aaf4d9bbde301a69780ae0d68d008a31665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://news.now.com/
Origin
https://news.now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 17:40:11 GMT
content-md5
VaPXjpdltHIkOuN+rSLTUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88461
reporting-endpoints
x-fb-debug
bLtnR3pQxJpVdTROSuVYjhnzNek6DA3p/MVyzF1CvRb4siEXRQdfDl6VlEyCk9wdb8w0sHAmLM5oBETEUy+x4g==
x-fb-content-md5
fb6201b18747dfe6958b50636d42b578
cross-origin-opener-policy
same-origin-allow-popups
etag
"3c174bcbc616c01d77cb13104a3e5261"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 25 Oct 2024 16:21:11 GMT
5
d7lz7jwg8uwgn.cloudfront.net/apis/getWidgetById/ 		90 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d7lz7jwg8uwgn.cloudfront.net/apis/getWidgetById/5
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:c400:13:6c41:f5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
a954a21036c289c48db4f3ffc3ad140fe3f975b542b0804db27cfed2844d1ad7

Request headers

Accept
*/*
Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:12 GMT
Content-Encoding
gzip
Via
1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
98
Pragma
public
Last-modified
Thu, 26 Oct 2023 17:40:12 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, public
X-Amz-Cf-Id
ZtxHRIVzpwjAxQGot8F3ddyXJQMsG-Owhifunb3U5XUZI5aw4PQIgg==
Expires
Thu, 26 Oct 2023 17:45:12 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 06:02:50 GMT
content-encoding
gzip
via
1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
41842
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
74cajicGQwyEUjHRBy0dxBa-OxDw79Sx5zPOIc4vG_ZMySZ_zBr6Hw==
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 15:51:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6513
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 26 Oct 2023 17:51:38 GMT
getNewsList
news.now.com/api/ 		341 KB
93 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.now.com/api/getNewsList?category=121&pageSize=200&pageNo=1
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
b267eadfb3fd669a735ed0e272d8ad19e0544952a5da3431b758f4dac14477a5

Request headers

Accept
*/*
Referer
https://news.now.com/home/finance/player?newsId=180275
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:36:55 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
196
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
x-amz-cf-id
JkmMWePJpXb-ZwKipSBJXi2Tf3IUtzPE2CVsXHEHwuwyQn4oyTh1Bw==
/
graph.facebook.com/ 		252 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?callback=jQuery3210030568243704033993_1698342010769&id=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&_=1698342010770
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:10e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6fbd39e50f759d76dd3d8d693c5f37168daeede57a6436568f2f929b3444bd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date
Thu, 26 Oct 2023 17:40:11 GMT
x-fb-rev
1009499837
alt-svc
h3=":443"; ma=86400
content-length
193
pragma
no-cache
x-fb-debug
a0rT1Ec5eH51omWNG9zsNdQvtoRsOrqvpfMjJa+FL9jGAyiGm7xhp/5TkCIumhWbBuGsMWo79BXYhqVLCr5UlA==
x-fb-trace-id
FZTQgaIClAm
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
ACZKcfZqQw6T47ZoNV3zLNS
cache-control
no-store
facebook-api-version
v12.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
getLocalWeather
news.now.com/api/ 		824 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.now.com/api/getLocalWeather
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
00b66b4a0c5343e330f7dbcc66a763db6c5abe359ace3d9c060f9dfa9b9d8378

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://news.now.com/home/finance/player?newsId=180275
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:37:06 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
185
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
x-amz-cf-id
SVuYFFu1n6zEeKcy66leR8OpHKVGehC_GoIHo0cfYPDvIAIxgvfhsw==
addNewsViewCountByNewsId
news.now.com/api/ 		18 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.now.com/api/addNewsViewCountByNewsId?newsId=180275
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f3b3df7cdcdf37d3c1aace125d990d040d6544dfa4e8f646a15128ac14a8bed8

Request headers

Accept
*/*
Referer
https://news.now.com/home/finance/player?newsId=180275
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
x-amz-cf-id
QBgwMrj5Mk-w7c2DprlpXhJda5yPXUlLLDeeMMWZtfs2rExvgtbPGA==
getRankNewsList
news.now.com/api/ 		43 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.now.com/api/getRankNewsList?pageSize=10&pageNo=1
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
aa32625250b10ba8e01407f121191c9a14ddf2e82308953523ba6a12c2bb77cb

Request headers

Accept
*/*
Referer
https://news.now.com/home/finance/player?newsId=180275
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:38:30 GMT
content-encoding
gzip
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
101
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
x-amz-cf-id
pY6jiRRFgKTnf8xoO1VNuWpPXuzgoxwobr91rUEMdL8KRfY6lTUoFw==
MF.png
news.now.com/revamp2014/images/wearther/50x40/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/wearther/50x40/MF.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
cc95151ccc5e1da65516dd8e94e0766e134f32174a017b163fd2ffcefd4fb143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:15 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
511
etag
"5b1f4513-dc9"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3529
x-amz-cf-id
IUWlp4SyIVv0aX03jyp89k7gHcb3se64CcbdDfjXzTJtvrhBXHHtIw==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp&cc=1
85 B
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp&cc=1
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
4551d77570ecbbedc886c24f2691a37f18c737f2f8f51030459784b5b4aee8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-z27R7lqfY0R8IzG+9PbSyZ5s+4Q"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.now.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://news.now.com
location
/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 0771 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=news.now.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:11 GMT
server
Kestrel
server-processing-duration-in-ticks
284245
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9612192&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1698342011292&ns_c=UTF-8&c7=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&c8=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE%20%7C%20Now%C2%A0%E6%96%B0%E8%81%9E&c9=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
vkn2MnwnIU4X1QYyGxKNbraalf_wcjj6Eqlz9Y1nkajg2vSITWIe5w==
x-cache
Miss from cloudfront
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1502734636&utmhn=news.now.com&utme=8(deviceType*newsTitle)9(desktop*%23180275%20Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34166611-1&cid=1627611075.1698342011&jid=462188186&_v=5.7.2&z=1502734636
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=1627611075.1698342011&jid=462188186&_v=5.7.2&z=1502734636
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=1627611075.1698342011&jid=462188186&_v=5.7.2&z=1502734636&slf_rd=1&random=2596601051
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=1627611075.1698342011&jid=462188186&_v=5.7.2&z=1502734636&slf_rd=1&random=2596601051
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:11 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=1627611075.1698342011&jid=462188186&_v=5.7.2&z=1502734636&slf_rd=1&random=2596601051
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=515076798590105&input_token&origin=1&redirect_uri=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=5f0323de152f9cdf1ef87306ce1cd6ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 26 Oct 2023 17:40:11 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
8BmEjT32yVDz27qIxoG/5tXejiNw4hJBqXPcUKMvMhhuDHqyiPy1++JWXbSa80pxxikqojGqhHkz9im6dU4kcw==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.now.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.64.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-64-164.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d006fbf009f067caf9254b634031264deb27d91606167c9304022ff65eaf19c0

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:11 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://news.now.com
cache-control
no-cache
x-server
10.45.26.106
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.now.com
date
Thu, 26 Oct 2023 17:40:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
btn_R_arrow.png
news.now.com/revamp2014/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/btn_R_arrow.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/details2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:8600:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
36441a620ddcfb86a6e6be9e2d50a239fa803b2c9e2f0703604a867389ecd9bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/details2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
via
1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:03 GMT
server
nginx/1.13.3
x-amz-cf-pop
MUC50-P4
age
597
etag
"5b1f4507-d21"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3361
x-amz-cf-id
7iN5flnXnZXpiVPw6MtH-Xs6m7tIFGb8plaFr5pj7-NNO8jtcBmVOg==
FIN-CRLAND-REIT-231026-1900.jpg
images-news.now.com/newsimage/NewsImage/ 		159 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/FIN-CRLAND-REIT-231026-1900.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
2244114c0a3e483eb225679cbc5ca9751d9f93de0e0d5a01546fa00e140ff3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:12 GMT
Last-Modified
Thu, 26 Oct 2023 11:28:01 GMT
Server
nginx/1.6.0
ETag
"653a4d41-27a0a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
162314
view
securepubads.g.doubleclick.net/pcs/ Frame B33A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDrviTK3-CvgydWFsDhDC59Lsw5VGxH6pz5tOFR-bLX-HgOcr3ey1vUaHDlIQccWkfQccY-OWDbeu-0Z8ryjfC_Tnnalnp5R-9a6cn6UYTGV59S3vO3BEIawQH-2kJO6zPFVdwnQnJ8bYxeDUTkVfcswha_aiG0-ddPFbCtdo7NZ7mxHUmbCFhYsFSscx-Nu2-7xbX7E8ERx-d9sPJOQ--tD7qKuE5pjlotVv3qj-ToyaC75Y0YZsl8uFb8WkL2ihlNrTlUhhTcsJiq8uCwETdl89kCejkniEOFZxA7AwvJg3W8m4TGCg5IgZuefVcXYmZCiJMMsxpwJAeT6g9Kfe_M4UvCepL07vqUM4Nd3eQKKM&sai=AMfl-YSLA7Hy5ViNKQWg4GQ7Jbo0uqzCSzRicbd7WxRWMWPgwSQd1IHiFQEtznXRKm_eW47EbPSoMxRXoaB_y6SbxeFJ_EJLf7HY4Zm81D0GDmnB15sWPBlB6hyDdNWqB_X8UHybzgGFjnFg4Tni-SIw&sig=Cg0ArKJSzBiL-UzxeqGlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 17:40:11 GMT
admanager.js
cdn.innity.net/ Frame B33A 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.innity.net/admanager.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e5fdcb3ad3efab0d8678817b02ad5ae82c2199420dec06e01b33a8999f3283ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 04:08:47 GMT
Server
Apache
ETag
"298a-60896ba7af1c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3510
Expires
Fri, 27 Oct 2023 17:40:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B33A 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:11 GMT
container.html
a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 170D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:11 GMT
expires
Fri, 25 Oct 2024 17:40:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 267A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5K_QIBMgsNPrs4EQrJSqe4ltoLKFD2y_Q2_b0ndh-HLBeBWO_3akwK0xED9aRnWJyEe5_dKvtY5XOLI8KhLGISbjyGe2gebxYQIFVEqC-9Hym0GTYf-nMtPEf2qQHwL9iYvkfAvVsrTzM8oWAiZe1NkM_xmZrz5a54kVMUsig_qbahLU32XQH1fUjXX6vO4zuLo4G4RDRDEzLyBWElsEILqVV9wwAGjKdKarMt2SoK6epA-ZVbMc8aGA7x8YSYdKu750lOLYBlLDJppOBj0DbreQf1toOIQqmLuirf-klJ_n7L4-37x1CP256CQFHHjDOlJvTUS7Eod6fEp3KH6FEY27feyY-23ekmoXO9DtVt6iZQe8&sai=AMfl-YTBlXlXFW1M3-lp_8Y6krO5QyIzXEkaxxsaCLihpxGDh1oAioCGiK_oNPPnFwFlJBatko7ckCEcsvc7nhOxT2zESYFPggcCxEmGnVvRb0_Nt-loTA9U29Bcjdl5ehZtNCxxeI9RxJHWaQHJAwCl&sig=Cg0ArKJSzA9ik4EaRNBjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 17:40:11 GMT
admanager.js
cdn.innity.net/ Frame 267A 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.innity.net/admanager.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e5fdcb3ad3efab0d8678817b02ad5ae82c2199420dec06e01b33a8999f3283ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 04:08:47 GMT
Server
Apache
ETag
"298a-60896ba7af1c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3510
Expires
Fri, 27 Oct 2023 17:40:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 267A 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A41A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpmZyn3Psk3Tu5_fO_m1C3vsaVuAgKV09VRxzxEEUTte-I5GqRh58koagMu_dihZcS_LkZQnORt4LSY8WQZgG1HsfWWaq4RK5c5AkJAdurXHKPhtc1JlCECpfGbGV-UkTSUVcfBpIv-XQYUPfD5NbB39-rBE4nr1RnR6swQHvPBjJWbcPRsHHxjXgw358FDMcijHuMBpL-FKTaRbJvGILTU-9h1GWLaDXGuAmp0CGyKWEMKXZ5Q9f-GvtS4Y71wtHMxrUnfeTLkGWlIsCTfacZjiVfxENhYq0QUQbBIc3d6sZOjx5AaDMqaT_SFH5u7IzYmf41ZyKGig&sai=AMfl-YSb9PrkGEMpgyTIMnTp0mZGHAh3tdCuz_pg3_2j_IC10HAWXMjhtwTI6GXeB7YjAe86BSifPY8OQBpelEMRrvjgNaP9Zx3VVBv9q_r_4pMwRVz0plMimzrCBIWxVQo4r4RhZEpw9jybJJYjGzwJ&sig=Cg0ArKJSzNXhkeW2OsQNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 17:40:11 GMT
ats.js
anymind360.com/js/2193/ 		187 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/2193/ats.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b44c75bbe2ff7009ee3693779e7b5fc44067657f74b186b7fe2756e3a88dfb33
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 08:31:03 GMT
date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
32948
x-guploader-uploadid
ABPtcPq5MkqGdY7rrjfrKWN_KxtA5mXHtENw-3JcD7wpLQpUspnnRT0b8NZlbUxUO4T3AZ3Y8ecmrRQ_Xw
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42512
x-served-by
cache-tyo11983-TYO, cache-fra-etou8220066-FRA
last-modified
Fri, 13 Oct 2023 04:27:17 GMT
server
UploadServer
x-timer
S1698342012.729871,VS0,VE1
etag
"11e3f02bab676389f0ea1bb895e982b1"
vary
Accept-Encoding
x-goog-generation
1697171237393736
x-goog-hash
crc32c=eq5S6g==, md5=EePwK6tnY4nw6hu4lemCsQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
42512
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
6, 1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A41A 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:11 GMT
sid
mug.criteo.com/ Frame 0771
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=now.com&sn=ChromeSyncframe&so=0&topUrl=news.now.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=bXfdLXx3d2hLN1BEQUV1NDE5TzJvaThqaW9hNnNEN0NJZWp6bHJkNXFQVFdadk5jU1ZNaGhHWm1PUm55Mzc1TjR1T0s2R3ZoUG9FOG5Xd1QwQnBJWTFKc0hJYmRYVWVWeU5KNHZ0a1cyQnhaUWpDRngwWG13VXZtNUhkRH...
430 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bXfdLXx3d2hLN1BEQUV1NDE5TzJvaThqaW9hNnNEN0NJZWp6bHJkNXFQVFdadk5jU1ZNaGhHWm1PUm55Mzc1TjR1T0s2R3ZoUG9FOG5Xd1QwQnBJWTFKc0hJYmRYVWVWeU5KNHZ0a1cyQnhaUWpDRngwWG13VXZtNUhkRHN0M3pzS1pvMnp2UmpLWnRHMEpxSTlrYkJuRlExekJwOUtJMmcxL2w2QUE4Wkc2eEh1ekRHRE50RTF0MEllWGJPb0lHNWNLM1Z6bHJFVVduTmo4SEpsSDRBQTFibThKcDZyY3I2Mmp2bHZ3d2FVU05nSHM2VEgyVWhqWG9VRGVnLzZyeVVtK2poamdQVmY0MGJ0ZGJ1dmlsekJTWTgwQT09fA&cppv=2
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44379cb7f862b97ead06b3a439ccfc8b18767a9b466c3b373333ea20971d0c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1087273
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=bXfdLXx3d2hLN1BEQUV1NDE5TzJvaThqaW9hNnNEN0NJZWp6bHJkNXFQVFdadk5jU1ZNaGhHWm1PUm55Mzc1TjR1T0s2R3ZoUG9FOG5Xd1QwQnBJWTFKc0hJYmRYVWVWeU5KNHZ0a1cyQnhaUWpDRngwWG13VXZtNUhkRHN0M3pzS1pvMnp2UmpLWnRHMEpxSTlrYkJuRlExekJwOUtJMmcxL2w2QUE4Wkc2eEh1ekRHRE50RTF0MEllWGJPb0lHNWNLM1Z6bHJFVVduTmo4SEpsSDRBQTFibThKcDZyY3I2Mmp2bHZ3d2FVU05nSHM2VEgyVWhqWG9VRGVnLzZyeVVtK2poamdQVmY0MGJ0ZGJ1dmlsekJTWTgwQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
316284
content-length
0
expires
0
3R6YIGVY.js
cdn.insurads.com/bootstrap/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/bootstrap/3R6YIGVY.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF2BBNJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a01::907:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-LA1-907 /
Resource Hash
b5067e032363589d65b0bd4a9480ab1136a7a6f29b8095abc01281f717039b9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:12 GMT
content-encoding
gzip
cdn-edgestorageid
996
x-amz-request-id
TE8ZW42X0C89BVW4
cdn-cachedat
09/26/2022 01:50:53
cdn-pullzone
55316
x-amz-id-2
40RVYYC/cnNTgEoA4mpjH+95Q05DCOo1wwzbC1Lc5cGjPe3w9SAjh940mjdBxcUua7tEEyp4G2o=
last-modified
Tue, 01 Feb 2022 19:20:13 GMT
server
BunnyCDN-LA1-907
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"61c3d9199ce8b76667425b6af7672058"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=86400, s-maxage=604800
cdn-requestid
26ca080bff0f80e2db5a905604bd3f9e
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DGFECMB23C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF2BBNJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9edd17b9cfe246d54771ab1483b2a11ec027b88eb3deef2f48d2b6af6374fff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85625
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 26 Oct 2023 17:40:11 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 170D 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
92071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Oct 2024 16:05:40 GMT
17358319621575740401
tpc.googlesyndication.com/simgad/ Frame 170D 		418 KB
419 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17358319621575740401?
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ce57f6a15d32c5a9a4440a9c7415c7880bcd46d217016b0e0c99725b068c2c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:45:41 GMT
x-content-type-options
nosniff
age
89670
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
428469
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 08:36:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Oct 2024 16:45:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 170D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:11 GMT
truncated
/ Frame A41A 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f7c711b6a8e816e0a71ceda6abd52b8307fdea8f759c0b7286ce32b000d57fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A41A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvveHgDjNBDlThGTZil9o-eysFV-36eR1u68YsFgxIh8lDKkAEJgBCps3aphOAF2LbKReh_t0_zQU7zYVietstY0QKJpDR48VIm81mpABp4XcwBwa_FsX1R92uZAvyA0bZJKdqja7S6qnWrnvaHQtD6FHTfVmlnsuAUHQOmsXeQkP25Lcd8Aeh-u8h_aKJJn95GzPfOIAMkxixqntWHlpfgIYVp6z5OWhdkevV2mhDc3cWoLoiU5TPfr9crVeTlHU4-PpsyAZNVLogrk7JeDpRtPKWtH1KsDtB441oi1u8zD1Tfcd1mV3Uk3HC4Fs5xPpsLLGT7XuZ-rZaU&sai=AMfl-YRSdQcNKJC0UrTEzXywNrI3xt5VkjWl51lD6gV2OhakqQNqJSX_QqUjc0vK_nLtP5O4jMtR-kbie6Dr19U3iJLr3z5ROAaZJiy15m7wxIERJY2WGvFl5KPzPD4K0uavb54oSAz12G4rRhK1FJcq&sig=Cg0ArKJSzJnOzIG0uhxgEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 17:40:11 GMT
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DGFECMB23C&gtm=45je3an0v893189895z8830088854&_p=321619123&_gaz=1&gcd=11l1l1l1l1&cid=1627611075.1698342011&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698342011&sct=1&seg=0&dl=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&dt=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE%20%7C%20Now%C2%A0%E6%96%B0%E8%81%9E&en=page_view&_fv=1&_ss=2&ep.now_platform=web_desktop&ep.now_page_lvl1=finance&ep.now_page_detail=180275&ep.now_page_path=finance%3A180275&ep.now_page_cp=Now%E6%96%B0%E8%81%9E%E5%8F%B0&epn.now_page_has_video=1&ep.now_page_title=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGFECMB23C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
98 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DGFECMB23C&cid=1627611075.1698342011&gtm=45je3an0v893189895z8830088854&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGFECMB23C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DGFECMB23C&cid=1627611075.1698342011&gtm=45je3an0v893189895z8830088854&aip=1&z=339795270
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame BFAD 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 26 Oct 2023 17:40:11 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame 170D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-0eUmjAhwM9R0G-J4pSENM-sR6NZFEosiCUEwCLLfeHK8a8n5lXOMJ7sbcPsweSSgNRlR6HX1RTww4NRVCKwxfdQtdquOCpNdGgUH7PXLf5WEFterkc_Q5_oThJvooadWhsHW2fDKSP-I4qad9FV7dOXeHm0Ww6ioX9ZdcFZZYekiq0haVAuXGqUqavUyMMV6CXm3qjZrO7RnfoljRmYmfZINZZfQG9s43We-L5rcG5LZ_iBxQgzb66AYtvOXFSERjK-DMX3zyC0Isa7KwDM3ISxCPTwxmEaLAT0yC5kQAvgDTsqc1Iii4b0fxsiG0DxjibC4lz83-hsdhi-oV48t8Z-kq-1oUjQ2OYQNo3c6aA&sai=AMfl-YQmQaGb5zsXhVed1ETul3Hq6XFnMxesl8O4ijDCTEKu7TKj982UnopWcK1aS5-qBl_0VWDCinnxE4swecnglH_OssxD3XrxyQ0P1qjGCFEFqz-o23PkxylOzRafX5jNG889KrNPF5Q7GUfAuGQM&sig=Cg0ArKJSzHqKQQRx7gRREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 170D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstx1_8K7qakAZpV0sl2wSULJ4LrRr_epD0ASAo_QDEelqZyC9lJwZvZEvCyUSyskbtmtMv-Ws0Hm_V3TqDLpK3GW4lv9BYGn2hxsWuXLAQg3iHDMDhbiekl0xaP_ytSemmq1YCv8KQkrdf_jrESgiP7rJHDxk91wxJFs1vqbfhXZSv2OqaW1RszM17PJSxeHdf3-2aPdMnN1wzxvrIwcsmnDavelCZTAA5wsB3lPPaxhiFQr6vsEygh2Did_lwSavq0IcTiH2612aKKEuAwP6_wr6laZHlO_pXxVHl59AFuNgpjyDRQGtFq4-aJAYq68C6rlXeamNLsr4crqzPcJt90O_bWsmUUz8WHBQhV4QjuVzDQ&sai=AMfl-YTzIK4nqor8O8VRTc48LhuZKJai0YzWB5E7ve4ulhyo7ZgZnZteHfa0qaGQZpy6GW_hW2jLmh0Jm9geAzGecdo3Sjlb1zSn92PD8OmY_3dgHQn-a3bljNu0_J7t6fxQ7N6BDp83g0Jw3gokYR2q&sig=Cg0ArKJSzGli4bwApvyyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 17:40:11 GMT
/
as.innity.com/synd/ Frame B33A 		811 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1698342011787&ver=1&pub=4ee78d4122ef8503fe01cdad3e9ea4ee&zone=56315&output=js&flash=0&url=news.now.com&width=728&height=90&vpw=1600&vph=1200&auction=c65fbb5-f7d79ec
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
682d4a76eb84a7829df8e65927f84c5099f7eae2cd8c87581f44aece66ba72c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 17:40:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 17:40:13 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length
450
Expires
Sat, 03 Sep 1983 02:00:00 GMT
/
as.innity.com/synd/ Frame 267A 		811 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1698342011803&ver=1&pub=4ee78d4122ef8503fe01cdad3e9ea4ee&zone=56316&output=js&flash=0&url=news.now.com&width=300&height=250&vpw=1600&vph=1200&auction=84d47ed-ae17a5a
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
6ef34753459923e6186f543867dd712218846ff98e066e5619949d0987f45278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 17:40:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 17:40:13 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Length
450
Expires
Sat, 03 Sep 1983 02:00:00 GMT
truncated
/ Frame 170D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c6467bc96e6433cd5305b9ba003f41a3c2060d959a06a013891b277a5ad2ddd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db63d9a8bcd1ea002610c245935b2f3f92691bfe98894759ca41abf36c4e0dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29838
x-xss-protection
0
server
cafe
etag
493 / 19656 / 31079073 / config-hash: 18294707092208642472
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:11 GMT
prebid_2023_10_13_4_27_2.js
anymind360.com/js/2193/ 		430 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
564913ca7c425cc7027417fb4b74fb43802ccb43158b25f1d177063c5c8b2549
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Fri, 13 Oct 2023 04:27:17 GMT
date
Thu, 26 Oct 2023 17:40:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
217768
x-guploader-uploadid
ADPycdvwn9hxKEJ0q0-j4rVMlIwnIfCXFqeG3QmBTZTSJ2bKuBNpRaWmocge6qmqbWpLXlzTaxn2ro8H-A
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
139932
x-served-by
cache-tyo11949-TYO, cache-fra-etou8220066-FRA
last-modified
Fri, 13 Oct 2023 04:27:17 GMT
server
UploadServer
x-timer
S1698342012.847555,VS0,VE1
etag
"b5d3ad44ebe003944f23fd4f6c360404"
vary
Accept-Encoding
x-goog-generation
1697171237389747
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=/+aLeA==, md5=tdOtROvgA5RPI/1PbDYEBA==
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
139932
accept-ranges
bytes
x-cache-hits
39, 1
apstag.js
c.amazon-adsystem.com/aax2/ 		264 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:21:01 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
1150
x-amz-server-side-encryption
AES256
etag
W/"f90f24d20b0a1f80ef986c97a9726a2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
QG5gOCUI8eJcn620Qa48_127PzynowDPdiTLWQtFwsULKRhATrGe5g==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c793300f13fd3a34856f726d769507dac3a8390ea7c58088620b7572ce0336
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 17:40:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5963
x-jsd-version
1.0.1855
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230124-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"62a-PI0kzeXrISkjC0NV6wo0PrgaJ+0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlY3X%2BBTVU9nNkyer3us4TCpYgbMy80LJ8PMjnS8Q8U%2FNSBsgf8oDzhC2CBgov5koivy1ui5rxjlvqF2ZlaqSbfhpo0QrW3olao4enusHtY%2FOx0eFXT87xRSnZ6Zdbct2aMNrxiiMe8XDzom6eU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81c47ba708879106-FRA
prebid
ib.adnxs.com/ut/v3/ 		53 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:11 GMT
an-x-request-uuid
fd9b52e9-16a9-464b-ad4c-3a8385e69e96
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.now.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.100; 80.255.7.100; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
53
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg-apac.smartadserver.com/prebid/ 		171 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:12 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.now.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU3VM41V
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
82a618c1cbf6a242a52f1d2a679dc6edff80e79f5deb371a650975964eafc85c

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:12 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://news.now.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
33
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 26 Oct 2023 17:40:12 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		461 B
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=439118&zone_id=2575352&size_id=15&alt_size_ids=67&rp_schain=1.0,1!acquamedia.com.hk,A1439,1,,,&rf=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tg_i.domain=news.now.com&tg_i.page=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tg_i.pbadslot=%2F29746187%2C94348418%2Fhk_now.com_desktop_RightSticky_300x250_Finance&tk_flint=pbjs_lite_v7.54.4&x_source.tid=3f2c8cf3-068a-4ebe-964c-effe66c9c365&l_pb_bid_id=84a5f92030c75d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3f2c8cf3-068a-4ebe-964c-effe66c9c365&rp_maxbids=1&p_gpid=%2F29746187%2C94348418%2Fhk_now.com_desktop_RightSticky_300x250_Finance&slots=1&rand=0.7402281027634223
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d535d476003a21250fc86665fc40c1a89280bb1639036cdc33a1837681bb24a1

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
461
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.ad.smaato.net/oapi/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.17.114.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-114-157.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 17:40:12 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/d6ea097ec66ea1f5aedd70600ebeef3d?prettyPrint=true
access-control-allow-origin
https://news.now.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
81097619-4bb2-09fd-c1c5-416a4d522411
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=713044
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c7ea851b0b92716bc0cd901da4ca0842c705cf51c5d6253be084376e372571

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Bgt%2Fugo8gevDG2KNm4RGeJLmU4T%2B9X3D0mS41EKil5NNzrlwZlovEjefA6FABoI8SoX9Ky791pMem%2BuqmyeMiSMi1nTjhtgQCK%2FtpoUZXgRbjAJmFoVL%2B3e8QeDCvguAPvVaQN8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://news.now.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81c47ba77d4091ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.now.com
date
Thu, 26 Oct 2023 17:40:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=4317299405&lsavail=0
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.now.com
date
Thu, 26 Oct 2023 17:40:11 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
db25e772-a50a-4abc-826c-f029cd5364e4
config.aps.amazon-adsystem.com/configs/ 		537 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/db25e772-a50a-4abc-826c-f029cd5364e4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
2c1b4ffd3d6aae45c5e5ae3fde9374daf632286062b7cda71f5ebd893cada986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:38:55 GMT
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
77
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
tgCd4WabW70aSpWBKxuzQMxJ-qlz_Fb3O28lo4hRCBr5o0CMkuBcuw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnews.now.com&pubid=db25e772-a50a-4abc-826c-f029cd5364e4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:19:13 GMT
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
8458
x-cache
Hit from cloudfront
access-control-allow-origin
https://news.now.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
bUJYCXlBGFoASJrj-_bWMdUi0ud76ETxCwqN6bLEqj-cIcCgKm7r1w==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&pid=jeWwFxVEENQ1o&cb=0&ws=1600x1200&v=23.1020.1619&t=2000&slots=%5B%7B%22sd%22%3A%22ats-insert_ads-6%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x480%22%5D%2C%22sn%22%3A%22%2F29746187%2C94348418%2Fhk_now.com_desktop_RightSticky_300x250_Finance%22%7D%5D&schain=1.0%2C1!acquamedia.com.hk%2C2193%2C1%2C%2C%2C&pubid=db25e772-a50a-4abc-826c-f029cd5364e4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.159.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-159-32.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:12 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P3
x-amz-rid
W9Q4R1G3GVEC77T7HKY8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://news.now.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
4yz4q-9jTQSiyeoBuSQc_kQvAwOAa-6QFfbtbRdQZS9BSX2I8BXVAQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
date
Thu, 26 Oct 2023 01:24:11 GMT
x-amz-cf-pop
MUC50-P2
age
58562
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
L08mx43PKL2XmMLk9Fb96a54CCvp4AUes-td88Shce4vtpt1UKgq9w==
ads
securepubads.g.doubleclick.net/gampad/ 		90 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3977195431966550&correlator=2420235486658261&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fifs&iu_parts=29746187%3A94348418%2Chk_now.com_desktop_RightSticky_300x250_Finance&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x480&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db277b0d61cae1971%3AT%3D1698342011%3ART%3D1698342011%3AS%3DALNI_Majw8jKvnEGGSitIrE6ZEVsTjMaIQ&gpic=UID%3D00000ca9e78a55ce%3AT%3D1698342011%3ART%3D1698342011%3AS%3DALNI_MaHiElD4HgK8qG8hb0VajmruDfidA&abxe=1&dt=1698342012220&lmt=1698334812&adxs=925&adys=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&vis=1&psz=300x30&msz=300x0&fws=128&ohw=0&ga_vid=1510969399.1698342011&ga_sid=1698342011&ga_hid=321619123&ga_fc=true&ga_cid=1627611075.1698342011&a3p=EhwKDWNyd2RjbnRybC5uZXQYpP_J6LYxSABSAghkEhsKDDMzYWNyb3NzLmNvbRik_8notjFIAFICCGQSGQoKcHViY2lkLm9yZxi2g8rotjFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YpP_J6LYxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVYyNDJiV0ZqVnpoVFRESkRTMjg1Y2tkdVFXeFBRVDA5SW4wPRizhsrotjFIABIZCgp1aWRhcGkuY29tGKT_yei2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y5oTK6LYxSABSAghq&dlt=1698342009953&idt=789&prev_scp=Audience%3Dfinance%26Campaign%3Dmanulife%26amznbid%3D2%26amznp%3D2&cust_params=pathname%3D%252Fhome%252Ffinance%252Fplayer%26Now_newsLive%3Dfalse%26Now_newsCp%3D12%26Now_newsId%3D180275%26Now_newsCat%3D121%26Now_newsTopics%3D%26url%3D%252Fhome%252Ffinance%252Fplayer%26ref%3Dnull%26param%253AnewsId%3D180275&adks=2886535119&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1ebf0070c19cba534674efbeed0c1e7deaa82702ce54b2ca73b19ab1b29d4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43164
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.now.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C758 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:11 GMT
expires
Fri, 25 Oct 2024 17:40:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame CE90 		0
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGIC1r_sBMAE&v=APEucNVba6EVCxjoaU_g159PWHkStkDcHjbwmlY4Iqilh9w8ud295WQGpcITaAxJcBsxbJNGGLzmQ-fVqZc6hNSx1DXbuo-aJg
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231024/r20110914/ Frame C758 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231024/r20110914/abg_lite_fy2021.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
56257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 02:02:35 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231024/r20110914/elements/html/ Frame C758 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231024/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
56257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 02:02:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C758 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJeaXPEFwweEPcCUICfMo1j-AsQJDTt23pFwpsqEEe1iPip_IYYdLfuvjl3nKH-AF6VzIRu2BeVVZDOlfOry4QYE5fjY8IYc5uXQNyzgBr5TQTqdi3SoWATuhROXTYp9qKTFYOCpW0vBpThjxKOI4EZp7HsWURbO16hlty7YH5ZcasHWTbsgeR2eza_6MStzUQsKpta2__6XsGl3zzZZd4M11eK442-zBGYRjjXrQSPch4B9Exths30gydgyJk8dbNEidv46uiJrgesgpiDNbhJEqAU6CxWSZQ_efcla1N47VKSVH0Fh1XnQUs9wM2Nn5NyIVnnfvQAWKpQw3tMOYydnKVCzLwrZ-HqwBZR_bUznhuHeYrarmVU0rgN2a1D4GANGSFYBHl9fjoPiKs7BNC943y9IeZWDcUMIKkIaFTO8d6C7131DXYlnCtBJGHGzMKchmP0B7hRb7Zh41XK2rvPA-9Iv_-KDLmcuhUDm9LoVR-rwBytWOdx2rNOdQOcXNEiJra9NdWsai_AD2XOW7nKLtFLlTpXzi8X9DoobcnynMC8mj5FZv309yFf3TLQT9qUXpMqpKNVDQ5P0zSasICX8RZQ5V5nlfGvHmVGwTgZz9XGW5sG2itgYv7RIqzSHCWJvXAcfgPIFp_rhxVhopTaYMMuZTpy9DTl1WytI9a3CDlj2IiJF3GGUMIzIb4FSwmFUi6MdsndLMgxUvglYdVEKzQ_5oWmrsCIJkstwMchLQals8FtLeR64EwbGju_ZeoruUoBY67NBVC9Aeg9ZoFsT9PsifWccyElqOlWWtBVdFXkQvSdKJ3ff20IL3OWxlXhc2ohnrYxpIMd8kLR1fJuVAogy9BFidbAk_wd061NGRs3ritxThN_rzaMf-x21zWZqrnPLGYBSEKjnx-z23haalrDB60xWY0mBJn3CeNeD3sbulM1iRZ78rwImbX20EPJSPzTKWxfOjOKU4YT5lxo6MwTO29P0TEDQ0pTivWxA0_Ka0s0CgNPvx9dsdYBI47A1fB4FB7i5gVU-gHWDt10OfyB9TQIr3LuIuDKBuVVdF0_ENt4LuI2M550tpMTqisZb7386gal5xa9Bz0cTwoLObs9pmm8Msoebh7RRFgSDRfskoNdOkNDxQcWOSNNw13rWGdK5nCoZOde3_9ofFCgm5mcbsM1aRL3MoyXzFbCATG0DWlDw8qjt2r1MTcS1uEnfic6qU7LtbMWTLjMnSP_Zn_i0nWJItyB8HAJ1pn6Y3VYDRrCD6-eSDTmmE1ATVxC-DLlkSfPWmOMrsfa2oLJqMFY8-kAiKPUtbyVGMtgT0-lRI4ylokKFd9PuPsRw5MY74rlJZX7oxxwSFxZB2lVYxlVfBAWKngbIzaRu0XeSwKCNvHTVV5bNu3hf_5tsbIljpBwkBQI1E_hINGAIEHqjJRZD17WaENdfu0Dli4tWnP7lw&sai=AMfl-YRCg1HAS3W6tQymLzRmZvs1aJmsPfJIL0LFNXxrAfnVJcJ_BQS9NlEozAKGXxJfeiQFJr_ZtsXjNYnVJJriOzSc3BeFHONAw2xG50gqH5bOktnPJLr9zf_V39WA0--r40x9gc1qbKtb3-RkpUHKV0nZpxMxA3Rf3heKUBQWsj_T4Pl6DNv-AMlO6WK8MDzb4bKVCMTOnEN-uJoMRkupBVF8AdRu3-D3Y6EakWPMuKQmCi2-2DSAA-SMJnzjQzApADKwHeci5aYkom9HhcxoeaBfWMa8gcziEG0JEos0Z8pN82TFbeHOouXOPqKVxmNlf2PZa7dl7ycIX-Q4PcqHTwDRIEQ8Rp2kXxsx2PSP92icJGPPwCqLJsh6qAO3PLzanvG1Jjv_PJ4z9OzD4U7cFexaxiGu&sig=Cg0ArKJSzI6qlsjAqCnSEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231024.50217&arae=0&ftch=1&adurl=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 26 Oct 2023 17:40:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C758 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
55066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 02:22:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame C758 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/window_focus_fy2021.js
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:53:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
9988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 14:53:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame C758 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
56566
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C758 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAMyrlAQ0AjT1Saufl-F9RikeIQpDCWx3CHl5gYJXxRU9jVo7nat5IGnmDcrT0lBuiB67TZv8CTTWeBsE-W_rLh1xeIVEV6Y2DBet8htkIQyHuiho
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame C758 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQidnLQgiyvGMhAtFK5agtvcdSSR6O5HCkiB_3DjffijRPwyIDvdkeOkCgTPvLEVXhIhn5_
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C758 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:12 GMT
15749102191683886952
s0.2mdn.net/simgad/ Frame C758 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15749102191683886952
Requested by
Host: a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
URL: https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79bb5b51794e25493a5bfea4bc817d2595d415f9636d88f254002f08b31564c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:16:34 GMT
x-content-type-options
nosniff
age
199418
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83610
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:19:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Oct 2024 10:16:34 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 170D 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvueuSI5UR9c_o3-kiuwUxn-oM5cMkL6NyJFt35x2Mrm6QY9rFpxXI4L0blQWMd_0ufUxbglMvqsFcQCFg6pSgBeyrOwc7No8cl_fl_tlcfvdpa9JiMm8h_FQI69Nh-&sig=Cg0ArKJSzI_TdxWTDcxfEAE&id=lidar2&mcvt=1013&p=421,925,671,1225&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=319731832&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698342011461&rpt=321&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
services.insurads.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/init?appId=3R6YIGVY&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tcfc=1&t=1698342012828
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/3R6YIGVY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.40.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-40-57.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e63a060267f3c44ab3439c1084acb780d2254499ee9d7b1cf5a1bdfeaac4d92b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:13 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 200E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 02:22:26 GMT
expires
Fri, 25 Oct 2024 02:22:26 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C758 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
611fc8a9f2f404813291b38b342b3325a3723b17137d64adbfa6cbaf139697a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
iReuXNJrLQNwx4hwZhnhj1hAEnrQ9LYCnPEKm4B4abc.js
pagead2.googlesyndication.com/bg/ Frame 200E 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iReuXNJrLQNwx4hwZhnhj1hAEnrQ9LYCnPEKm4B4abc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8917ae5cd26b2d0370c788706619e18f5840127ad0f4b6029cf10a9b807869b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
142828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19635
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 01:59:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C758 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJeaXPEFwweEPcCUICfMo1j-AsQJDTt23pFwpsqEEe1iPip_IYYdLfuvjl3nKH-AF6VzIRu2BeVVZDOlfOry4QYE5fjY8IYc5uXQNyzgBr5TQTqdi3SoWATuhROXTYp9qKTFYOCpW0vBpThjxKOI4EZp7HsWURbO16hlty7YH5ZcasHWTbsgeR2eza_6MStzUQsKpta2__6XsGl3zzZZd4M11eK442-zBGYRjjXrQSPch4B9Exths30gydgyJk8dbNEidv46uiJrgesgpiDNbhJEqAU6CxWSZQ_efcla1N47VKSVH0Fh1XnQUs9wM2Nn5NyIVnnfvQAWKpQw3tMOYydnKVCzLwrZ-HqwBZR_bUznhuHeYrarmVU0rgN2a1D4GANGSFYBHl9fjoPiKs7BNC943y9IeZWDcUMIKkIaFTO8d6C7131DXYlnCtBJGHGzMKchmP0B7hRb7Zh41XK2rvPA-9Iv_-KDLmcuhUDm9LoVR-rwBytWOdx2rNOdQOcXNEiJra9NdWsai_AD2XOW7nKLtFLlTpXzi8X9DoobcnynMC8mj5FZv309yFf3TLQT9qUXpMqpKNVDQ5P0zSasICX8RZQ5V5nlfGvHmVGwTgZz9XGW5sG2itgYv7RIqzSHCWJvXAcfgPIFp_rhxVhopTaYMMuZTpy9DTl1WytI9a3CDlj2IiJF3GGUMIzIb4FSwmFUi6MdsndLMgxUvglYdVEKzQ_5oWmrsCIJkstwMchLQals8FtLeR64EwbGju_ZeoruUoBY67NBVC9Aeg9ZoFsT9PsifWccyElqOlWWtBVdFXkQvSdKJ3ff20IL3OWxlXhc2ohnrYxpIMd8kLR1fJuVAogy9BFidbAk_wd061NGRs3ritxThN_rzaMf-x21zWZqrnPLGYBSEKjnx-z23haalrDB60xWY0mBJn3CeNeD3sbulM1iRZ78rwImbX20EPJSPzTKWxfOjOKU4YT5lxo6MwTO29P0TEDQ0pTivWxA0_Ka0s0CgNPvx9dsdYBI47A1fB4FB7i5gVU-gHWDt10OfyB9TQIr3LuIuDKBuVVdF0_ENt4LuI2M550tpMTqisZb7386gal5xa9Bz0cTwoLObs9pmm8Msoebh7RRFgSDRfskoNdOkNDxQcWOSNNw13rWGdK5nCoZOde3_9ofFCgm5mcbsM1aRL3MoyXzFbCATG0DWlDw8qjt2r1MTcS1uEnfic6qU7LtbMWTLjMnSP_Zn_i0nWJItyB8HAJ1pn6Y3VYDRrCD6-eSDTmmE1ATVxC-DLlkSfPWmOMrsfa2oLJqMFY8-kAiKPUtbyVGMtgT0-lRI4ylokKFd9PuPsRw5MY74rlJZX7oxxwSFxZB2lVYxlVfBAWKngbIzaRu0XeSwKCNvHTVV5bNu3hf_5tsbIljpBwkBQI1E_hINGAIEHqjJRZD17WaENdfu0Dli4tWnP7lw&sai=AMfl-YRCg1HAS3W6tQymLzRmZvs1aJmsPfJIL0LFNXxrAfnVJcJ_BQS9NlEozAKGXxJfeiQFJr_ZtsXjNYnVJJriOzSc3BeFHONAw2xG50gqH5bOktnPJLr9zf_V39WA0--r40x9gc1qbKtb3-RkpUHKV0nZpxMxA3Rf3heKUBQWsj_T4Pl6DNv-AMlO6WK8MDzb4bKVCMTOnEN-uJoMRkupBVF8AdRu3-D3Y6EakWPMuKQmCi2-2DSAA-SMJnzjQzApADKwHeci5aYkom9HhcxoeaBfWMa8gcziEG0JEos0Z8pN82TFbeHOouXOPqKVxmNlf2PZa7dl7ycIX-Q4PcqHTwDRIEQ8Rp2kXxsx2PSP92icJGPPwCqLJsh6qAO3PLzanvG1Jjv_PJ4z9OzD4U7cFexaxiGu&sig=Cg0ArKJSzI6qlsjAqCnSEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=230&vt=11&dtpt=229&dett=2&cstd=0&cisv=r20231024.50217&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 200E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bd8zUfKQ6ZZaZEbyA9u8PjJuI0AMAAAAAOAHgBAI&bg=!lJell9jNAAZazIPFesw7ADQBe5WfOLzpNu54i6yND66BxS7NOtYbri97dBuywvxA9xuEgeWysXmx9hTZFLkbf0xInub_AgAAAFNSAAAABGgBB5kDBFLh2QEy3futwSox-gTk2B1WqTUsaD8M-cxj_nZc-W5JFqB26lPiaY0C2LIwvBIp_JTASLrP3Fxja3PCnpjbL8IZ9sJi_GfeAqxtriY5_1-moSZYBxKfGCaeSawt1uRvtwK5SZDILCzK_hkM1UZNS7Oua04I31mxDt3GhR9AGVM417kw88JqqvMFH-1ZyQaWv6AHGy1_x9Vjx9IazRLE_YhDz53CZjn0UiGSNqzRYAbiBxaM87nB8ahJZwXQ2qHmRAfqcB0Ep4DU2OfhJlodNVMl_lSS5cifIXGQenrRovjNMV_6cudB66rUML7EUB5pTy9uRvfYeKPyH0K6MEaulQrCp3FFeQwqfoe2wkXdoy2AfamLowmGH_RaXxLNCkSV17Ad5TT_deDatGpkAqgIKpE8k06SIH4n0HgyK4PltuLXg1R_cClAVtyUAxVtqj8T68Od5SeAkjWyrb9RETLRpFCrtNEwAxvJuv3QQmh3dngFT1kFHc3n20tm-cpY7Vpe_JXXSzDvqytH2u6FMTCZyfuCBB0kxB28WwMGrf_r6aoQ6CgcN9DepLp30YzNXrXcnPVUfsW8nR7K1lrIFs-RoXAUQxa2EHqPHySBereqAKgrf7KJiXEqY5BrN1La9-jSl41cuM8pe_A36m9W105xxelpfsmGYSUvK3wccdlKsLXhFPzjGm2ItG0tuGCzgDwJjKQfp2V1O8yIILa6Y6cKFZqFARfR68gkM95cD6r2IKl9DaHSJAjbV6LcQf5R7LsHKYXNceTU1pG4XpWBo5Sp4SE_jtXfiofUHGg6YmQt4Lsnly0597k53KOqGx8p3BHjql2iXaWkYtrQC7rTEo2ls72686zQAhTCwgpHjpMcjWH7iak_DoaN6i3RYRomXO_n9TPgswXRc75HbgGILxxlMnvO4XmLSRp6pV12o3eVEV6J4Z3LaJGdgzjdwDNQdVU5M3U0NLX7noorZMtDmg_j9q1iDU2NmTi5r85Dsx7dh-_JeDilJWhmhSgUXGY9Y_D1Iqc3Y48
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iat-realtime-7.0.11-ws.js
cdn.insurads.com/ 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-realtime-7.0.11-ws.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=3R6YIGVY&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tcfc=1&t=1698342012828
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a01::907:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-LA1-907 /
Resource Hash
c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:13 GMT
content-encoding
gzip
cdn-edgestorageid
1113
x-amz-request-id
7FD7RS63MBWPZVZY
x-amz-server-side-encryption
AES256
cdn-cachedat
09/19/2023 10:27:00
cdn-pullzone
55316
x-amz-id-2
qCjXaZ4i6pIcrQ8MamrBhxJJvODKa91MOljZLaWWr43AFrs4ZxhaxQ3DAg9hs+Q1zttJF3InKis=
last-modified
Tue, 19 Sep 2023 08:22:46 GMT
server
BunnyCDN-LA1-907
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"75857c4fac071c7c848bbe0f76263cf8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
fbb419cb5043c097d2b5810310725e7b
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
iat-1.14.20.js
cdn.insurads.com/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-1.14.20.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=3R6YIGVY&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tcfc=1&t=1698342012828
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a01::907:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-LA1-907 /
Resource Hash
544fd1a8f5be8daf9ead2626ae25b4423ac3126d06abed1acb0c825160f6438f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:13 GMT
content-encoding
gzip
cdn-edgestorageid
986
x-amz-request-id
8RWQJC1KDS42BW7Z
x-amz-server-side-encryption
AES256
cdn-cachedat
10/24/2023 14:39:32
cdn-pullzone
55316
x-amz-id-2
Q1uJ+13prIX+viR919xg9oWZhcu/3q9v0DtXwmOLuegHmcnep1/mbnmM0UDx+MlPjaWAO2olNdU=
last-modified
Tue, 24 Oct 2023 14:38:13 GMT
server
BunnyCDN-LA1-907
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"2b9d33be45a640fc410b9057606a5237"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
677da975759d0e33eb331a9fd79f6804
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
initcb
services.insurads.com/ 		138 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/initcb?v=1.0.12&appId=1546&vId=5F1976C52E912DA5&s=1873&fpc=1&nv=1&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tcfc=1&lts=0&ts=1698342013279&iatId=f95d2bb0127b88e30df1f5400d2f4cc7&iatIdB=8410635557c667c5af9d067d25eccd79&iatIdM=11111111&iatIdV=1.0&lIatId=0&lIatIdB=0&lIatIdM=0&lIatIdV=0&lch=UUUEIZEBOM
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/3R6YIGVY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.40.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-40-57.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:13 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
global.js
cdn.innity.net/ Frame 267A 		1 KB
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.innity.net/global.js
Requested by
Host: as.innity.com
URL: https://as.innity.com/synd/?cb=1698342011803&ver=1&pub=4ee78d4122ef8503fe01cdad3e9ea4ee&zone=56316&output=js&flash=0&url=news.now.com&width=300&height=250&vpw=1600&vph=1200&auction=84d47ed-ae17a5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dbae926e137826db2872fb3395b97511dbda8eae59ae39683c1cd64a86c033b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Oct 2023 04:20:37 GMT
Server
Apache
ETag
"4f8-60882c6f54f40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
430
Expires
Fri, 27 Oct 2023 17:40:13 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d779718eed5e6af18de75d3edd354975bc904d0e97484222b86f68191a9edcda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-17e57"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 17:40:14 GMT
innity.js
media.innity.net/lib/ Frame 267A 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.innity.net/lib/innity.js
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/global.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cea68197ad58b6802f8a1735646931eda8e76702b12d90f7df88d537f62b987a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2017 06:07:08 GMT
Server
Apache
ETag
"116f-55cf9cc509b00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1073
Expires
Fri, 27 Oct 2023 17:40:14 GMT
proxy_252011.js
media.innity.net/adnetwork/house/pub_4113/ Frame 267A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.innity.net/adnetwork/house/pub_4113/proxy_252011.js?ord=[timestamp]
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/global.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f9900cdd68b7106c35a1f93f2e2bbe826d7c8e77160f938fa2ef19ba0b104ac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
Date
Thu, 26 Oct 2023 17:40:14 GMT
Last-Modified
Mon, 30 Sep 2019 08:54:20 GMT
Server
Apache
ETag
"95e-593c161adfd3b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1012
Expires
Thu, 26 Oct 2023 18:10:14 GMT
global.js
cdn.innity.net/ Frame B33A 		1 KB
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.innity.net/global.js
Requested by
Host: as.innity.com
URL: https://as.innity.com/synd/?cb=1698342011787&ver=1&pub=4ee78d4122ef8503fe01cdad3e9ea4ee&zone=56315&output=js&flash=0&url=news.now.com&width=728&height=90&vpw=1600&vph=1200&auction=c65fbb5-f7d79ec
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dbae926e137826db2872fb3395b97511dbda8eae59ae39683c1cd64a86c033b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Oct 2023 04:20:37 GMT
Server
Apache
ETag
"4f8-60882c6f54f40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
430
Expires
Fri, 27 Oct 2023 17:40:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C758 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss34NZ4iuHzyB4cKDm3LZKRKnGnU_h0QpZCj1-TE_do7wuVp7jrjtCJCCj3y0R-QIVsTs2eTL838qAtnjXlDX-K8DguFss6vThbR2JrzHZu2dNI1j6MnQgIz-fhXN97t6uMt8zvW7VUAouL&sai=AMfl-YRZN0J_CIY17P2nlxnBj7RFLtiBGj8samXfhQ40GEFRn3zbqjD6CkpZvxCdbbCSYHTp1YyqndpZv8rfWeuNMA00f72-BkhDQIL8WR5GoALgV2OQGGgfSwW4II1G&sig=Cg0ArKJSzK8jLmszVlR8EAE&cid=CAQSPADICaaNwxxe8IE_tUKZ-tP4_AYXnpnH19lSLG3fv9hLWPMQi6LDj-Au2YW8B4PFHw2osUH6GJIZHuF-3hgB&id=lidar2&mcvt=1000&p=1049,925,1299,1225&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=0.6&if=1&vu=1&app=0&itpl=20&adk=2886535119&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698342012715&rpt=310&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
innity.js
media.innity.net/lib/ Frame B33A 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.innity.net/lib/innity.js
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/global.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cea68197ad58b6802f8a1735646931eda8e76702b12d90f7df88d537f62b987a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2017 06:07:08 GMT
Server
Apache
ETag
"116f-55cf9cc509b00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1073
Expires
Fri, 27 Oct 2023 17:40:14 GMT
proxy_251995.js
media.innity.net/adnetwork/house/pub_4113/ Frame B33A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.innity.net/adnetwork/house/pub_4113/proxy_251995.js?ord=[timestamp]
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/global.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f686b633afa9cf54befcf9ea46d5cbbb13e9ceef4d6de6adbab879433afb959a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
Date
Thu, 26 Oct 2023 17:40:14 GMT
Last-Modified
Mon, 30 Sep 2019 08:40:14 GMT
Server
Apache
ETag
"95b-593c12f3cd893-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1013
Expires
Thu, 26 Oct 2023 18:10:14 GMT
publishertag.prebid.143.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.143.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d779718eed5e6af18de75d3edd354975bc904d0e97484222b86f68191a9edcda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-17e57"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 17:40:14 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 8C6D 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: media.innity.net
URL: https://media.innity.net/adnetwork/house/pub_4113/proxy_252011.js?ord=[timestamp]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d94545125b879d6274c4c21ca1a52e643b7bd83b953c79040409c8be70bc567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29464
x-xss-protection
0
server
cafe
etag
403 / 19656 / 31079072 / config-hash: 18294707092208642472
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:14 GMT
analytics.js
cdn.innity.net/ Frame 267A 		301 B
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.innity.net/analytics.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Oct 2023 08:05:30 GMT
Server
Apache
ETag
"12d-606df78894680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
175
Expires
Fri, 27 Oct 2023 17:40:14 GMT
truncated
/ Frame 267A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccb8da07338314cbbc5a6f8d13a5662117883c590af48e6fdcc587c43ec09e5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
/
optimize.innity.com/ Frame 267A 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimize.innity.com/?pubid=4113&zoneid=56316&cb=1698342014212
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 17:40:16 GMT
Last-Modified
Thu, 26 Oct 2023 17:40:16 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Sat, 03 Sep 1983 02:00:00 GMT
/
optimize2.innity.com/ Frame 267A 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimize2.innity.com/?pubid=4113&zoneid=56316&cb=1698342014212
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.250.12.214 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/ PHP/8.2.5
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
last-modified
Thu, 26 Oct 2023 17:40:15 GMT
x-powered-by
PHP/8.2.5
content-type
image/gif
p3p
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sat, 03 Sep 1983 02:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 03D7 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: media.innity.net
URL: https://media.innity.net/adnetwork/house/pub_4113/proxy_251995.js?ord=[timestamp]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
373a89d5357110e883e97c4dc2367cf0194309de2f3418f9229626fe07405ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29838
x-xss-protection
0
server
cafe
etag
519 / 19656 / 31079073 / config-hash: 18294707092208642472
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:14 GMT
analytics.js
cdn.innity.net/ Frame B33A 		301 B
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.innity.net/analytics.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.17.190.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-130.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Oct 2023 08:05:30 GMT
Server
Apache
ETag
"12d-606df78894680-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
175
Expires
Fri, 27 Oct 2023 17:40:14 GMT
truncated
/ Frame B33A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26e71265038697288323a4f7e30d2928de47296b1785c8acb2394755fc75acf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
/
optimize.innity.com/ Frame B33A 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimize.innity.com/?pubid=4113&zoneid=56315&cb=1698342014285
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.218.26.252 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 17:40:16 GMT
Last-Modified
Thu, 26 Oct 2023 17:40:16 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
43
Expires
Sat, 03 Sep 1983 02:00:00 GMT
/
optimize2.innity.com/ Frame B33A 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimize2.innity.com/?pubid=4113&zoneid=56315&cb=1698342014285
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.250.12.214 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/ PHP/8.2.5
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
last-modified
Thu, 26 Oct 2023 17:40:15 GMT
x-powered-by
PHP/8.2.5
content-type
image/gif
p3p
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Sat, 03 Sep 1983 02:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ Frame 8C6D 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 05:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
44283
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135316
x-xss-protection
0
server
cafe
etag
9779678222609117831
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 25 Oct 2024 05:22:11 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ Frame 03D7 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
9984
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135211
x-xss-protection
0
server
cafe
etag
17495413759700775962
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 25 Oct 2024 14:53:50 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 8C6D 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f08cd9319dede0985a9f221040db4aec1825dfd27bffae15860802c095bdde95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:27:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
762
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23577
x-xss-protection
0
server
cafe
etag
13906420075785680935
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 18:27:32 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 8C6D 		166 KB
49 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=540934388131266&correlator=3441991541312156&eid=31079072%2C31078979%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=94348418%2CPassBack_Now.com_Innity_Display_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=2&sc=1&cookie=ID%3Db277b0d61cae1971%3AT%3D1698342011%3ART%3D1698342011%3AS%3DALNI_Majw8jKvnEGGSitIrE6ZEVsTjMaIQ&cdm=news.now.com&gpic=UID%3D00000ca9e78a55ce%3AT%3D1698342011%3ART%3D1698342011%3AS%3DALNI_MaHiElD4HgK8qG8hb0VajmruDfidA&abxe=1&dt=1698342014455&lmt=1698334814&adxs=925&adys=711&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=h5s85ayfuykq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=2&url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&top=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rumc=540934388131266&rume=1&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1510969399.1698342011&ga_sid=1698342011&ga_hid=659096599&ga_fc=true&ga_cid=1627611075.1698342011&dlt=1698342014160&idt=267&adks=588128196&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d854e832b4ecf65fcdae68fe5e4ffa3d11e3815f88633e3ea07bd9d77d30052a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50549
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.now.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B9DE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:14 GMT
expires
Fri, 25 Oct 2024 17:40:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 03D7 		25 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2617216174833715&correlator=1376622022952640&eid=31079073%2C31070233%2C31078979&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=94348418%2CPassBack_Now.com_Innity_Display_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=2&sc=1&cookie=ID%3Db277b0d61cae1971%3AT%3D1698342011%3ART%3D1698342011%3AS%3DALNI_Majw8jKvnEGGSitIrE6ZEVsTjMaIQ&cdm=news.now.com&gpic=UID%3D00000ca9e78a55ce%3AT%3D1698342011%3ART%3D1698342011%3AS%3DALNI_MaHiElD4HgK8qG8hb0VajmruDfidA&abxe=1&dt=1698342014531&lmt=1698334814&adxs=562&adys=71&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=1u16cglln65t&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=2&url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&top=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&vis=1&psz=728x90&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1510969399.1698342011&ga_sid=1698342011&ga_hid=808036141&ga_fc=true&ga_cid=1627611075.1698342011&dlt=1698342014237&idt=257&adks=132357472&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6d5947f7fc439abd881a78b0365c3bf52623277db5668cb542b1388d597f025
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.now.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 70B1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:14 GMT
expires
Fri, 25 Oct 2024 17:40:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8C6D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6689e700fbd974e21acb517ec1a1f78e68384882e14a76cfed45de1e83554940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12335
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 267A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthTAhmSKcOm324cim5jRgvK9MP8W4xS_pOqTmAMlM--pDFw_Zw1041JYrCmZ83uvWBHHfjTeWUfnTWwAmJ5cvR4Gep1OwMA6H9g3q46TnBgeAHEegj2biS4zr8T-Y0reCd8bECB8azZwUyysYT5-7NlTkgodsg53z0uSfx3VGWcjpKHYTVLUs5d_4kUhASphXAZi6dwkEUmQ4aflItmGmJxMzrX9EkUfX1Tl6IrHpxhrzLJHHHvDxHZKhAHzmicipCRGO1A1oJz3QR3XRNwMReqoxmw7R5YuZNokNS6lXWuyEKKDvn8PVycPjlDd_EhnSmoIco5CrcEIne-iAR1YT11h6iAyAFz8wy-ftrCNGzf8MRURZc1Q&sai=AMfl-YRquNrLSKOY91vtqmnKAF2MtIfWjxyIKECkc8QSWEMg7BttHyAOTHiNbhdzAEwCN9dzTJrnm9wHCKh27TgYOjKO6OKlLJtcBtl5JpTlCImilYgYcv4Hb9xCluEBg4FGfPJork3klZryYzxpJwr1&sig=Cg0ArKJSzGpfSIEr1k2gEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 17:40:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C6D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=news.now.com&doc=complete&pg_h=250&pg_w=300&pg_hs=250&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 03D7 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310230101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55dbe77f372ec933fad71d8e90381ea03bae7cdfd61e60542bb8ffef38ecf74b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12274
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B33A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8UAKdR8BJ7t6lxRQUH8k_VlxweOdB9lzB7Anrkk8XlYk1GED6reY3sJfBaQ560EJnn2p-4eXce-oBBa-fAqilB2na1Fj5hthzU1iM1UXG78l8M-8DWISuwvR3Fh-ow40eHbu87cJZbU2P7RmExIjTU-Vw_1-diYoXxB08saaFZ38Ki8heP-kojmhwf9Sp_3loPLoe9BH_oD3ozW4fzD_8fg_TJMaeKrhAMpIWq94gRRv3UfNC3P9_w-oSeF9RSCduthoVOvfmmlBwnX2G5IuyR0VEMWglNKiwu2SmO21U3Wk_v9F3uyIzYZeP8elT5I-6GY-KCfwWN_OHQuNWylsQOBPVqOuun0KNwefFTFLdzfxdsw&sai=AMfl-YQ-5IJ9USVqrp2I1rdW8Rhn5FOHtmvdfmE6-ciVIei_p8SbsFbYW5-lkRqlyotT7ZMnONjdGITs6WGptr9mFHSTAhR4TlN3Wf3wm3i6qr4kpzI3mxchjO4ybABc_4MnFElc5WxKndDwWgjPJoAC&sig=Cg0ArKJSzOOkQYX07bHOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 17:40:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8C6D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 17:40:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 03D7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 17:40:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 00ED 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9534
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:01:20 GMT
expires
Fri, 25 Oct 2024 15:01:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5AA5 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bae61251fe0ab7fc5703e064ea621caed4b6155adfc9fe4919dac8eab4d736c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BCFV6QKowONsfcFpa-Hrow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BCFV6QKowONsfcFpa-Hrow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:14 GMT
expires
Thu, 26 Oct 2023 17:40:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FB16 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9534
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:01:20 GMT
expires
Fri, 25 Oct 2024 15:01:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 736A 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f02d9caa98f4c98d14db14be429bed8c4d86ef4a10c624e1445c349a794dae1f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1cgX2mUWZ_w5UBK2j-w0Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1cgX2mUWZ_w5UBK2j-w0Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:14 GMT
expires
Thu, 26 Oct 2023 17:40:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js
pagead2.googlesyndication.com/bg/ Frame 00ED 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:02:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
2246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15202
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 17:02:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5AA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310190101&jk=540934388131266&rc=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js
pagead2.googlesyndication.com/bg/ Frame FB16 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:02:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
2246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15202
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 17:02:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 736A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310230101&jk=2617216174833715&rc=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
container.html
070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7636 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:14 GMT
expires
Fri, 25 Oct 2024 17:40:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4911 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:14 GMT
expires
Fri, 25 Oct 2024 17:40:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8453 		624 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGOW16PoBMAE&v=APEucNVpxZRsJPZXQLsp4YSuLWZjdpe9YOw9ALUGFT75yOUXtXmP01LQi4NZYOkSGZEKxvfe0vaX2Z8JpJXs-b0-P7sixK2sF44nELYS2PrlxCK8Wmr9m04A-ecAPiMvR4J-3rPT6zOuMcHm7FCgi8ZR5WtU1es_JVitISqbtWjhnS3gtxKrTTI
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7636 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7636 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BghTMgOsCMrKd7eIf9R3lsfrVfe91S-ejt7YnmN1PMgqfm8hxLA1Ciowm6Df1aDIuSHDvwXdvHO8wxpy6R2AeDv4fKuq7cdwIJWVnKUAvVjEO9I8E
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7636 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15489620897831389616&x=1&ct=119
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame 7636 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/window_focus_fy2021.js
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:53:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
9990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 14:53:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame 7636 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
56568
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7636 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:15 GMT
generate_204
tpc.googlesyndication.com/ Frame 00ED 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UYZZwg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
css
fonts.googleapis.com/ Frame 4911 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 17:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 16:58:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Oct 2023 17:40:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame 4911 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
56569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/ Frame 4911 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/abg_lite_fy2021.js
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
56569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame 4911 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/window_focus_fy2021.js
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:53:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
9991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 14:53:44 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C32A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 02:22:07 GMT
etag
48472445140208031
expires
Fri, 27 Oct 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame 4911 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
56569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:57:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4911 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 17:40:15 GMT
b043ffb3bb2c6d533211f24c7a1dfd38.js
www.gstatic.com/mysidia/ Frame 4911 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b043ffb3bb2c6d533211f24c7a1dfd38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 14:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15030
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 00:39:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 14:24:05 GMT
data=diwOOmwqcCLvuAmsHLr2tRwKHarYCwZTZjpoujKRYa8Mxmu9OnK4ogAl9R_XJ-5F6b287gySwqgmnc9U2OQ1lCPoITiVDr0KpH2qJpdjDvQRmcybh5kGJ3n39PA
mts0.google.com/vt/ Frame 4911 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=diwOOmwqcCLvuAmsHLr2tRwKHarYCwZTZjpoujKRYa8Mxmu9OnK4ogAl9R_XJ-5F6b287gySwqgmnc9U2OQ1lCPoITiVDr0KpH2qJpdjDvQRmcybh5kGJ3n39PA
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
04d201c38d170cd81db2338193f35765e52ac6d9946049206ad3be88763f11d2
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
date
Thu, 26 Oct 2023 17:14:05 GMT
x-content-type-options
nosniff
age
1570
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32780
x-xss-protection
0
x-server-version-bin
CggIBBDgn+KpBg==
server
scaffolding on HTTPServer2
etag
044cbaa4c2fa2ad69
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
expires
Thu, 26 Oct 2023 18:14:05 GMT
truncated
/ Frame 4911 		244 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4911 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
generate_204
tpc.googlesyndication.com/ Frame FB16 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ixTsZA
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 8453
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHFzN_tj7qz2sfz3ouP1q4&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHFzN_tj7qz2sfz3ouP1q4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGOW16PoBMAE&v=APEucNVpxZRsJPZXQLsp4YSuLWZjdpe9YOw9ALUGFT75yOUXtXmP01LQi4NZYOkSGZEKxvfe0vaX2Z8JpJXs-b0-P7sixK2sF44nELYS2PrlxCK8Wmr9m04A-ecAPiMvR4J-3rPT6zOuMcHm7FCgi8ZR5WtU1es_JVitISqbtWjhnS3gtxKrTTI
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQhim9zqj%2F8qpwXY57d0Dkdg%2BankWsQvt%2Bo%2BGlrohQnjsyfU9LXDX3E0vjxtsJ6zUBbh%2FA4LgBys0udvyyqHTshKT%2Bbr9EVAccbid5GaLsApTG4Vr5NEI2RmsDc1oILwnYmzJlgNDakaDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c47bbb281b0858-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHFzN_tj7qz2sfz3ouP1q4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8453
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTqkfwB2SO5BprpB3UViPwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHFzN_tj7qz2sfz3ouP1q4&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHFzN_tj7qz2sfz3ouP1q4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGOW16PoBMAE&v=APEucNVpxZRsJPZXQLsp4YSuLWZjdpe9YOw9ALUGFT75yOUXtXmP01LQi4NZYOkSGZEKxvfe0vaX2Z8JpJXs-b0-P7sixK2sF44nELYS2PrlxCK8Wmr9m04A-ecAPiMvR4J-3rPT6zOuMcHm7FCgi8ZR5WtU1es_JVitISqbtWjhnS3gtxKrTTI
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhpC%2F4Cuk33gsRYzw9%2BHiNDxE1Gyp1r5Ql4czQ%2BhDxWwvRo3WpALy8tb2uAwCSq3OjaPn5OD2iBKSaiKCiexuo%2B6gZcK7UVGYaE5yRrvtqKD4IqgcE4SL8xQVDZhHM8BN7MYdKfnk4DPqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c47bbb685e0858-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKHFzN_tj7qz2sfz3ouP1q4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8453
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJpd8HvYfJfEacJaQWlij9g&google_cver=1
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJpd8HvYfJfEacJaQWlij9g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGOW16PoBMAE&v=APEucNVpxZRsJPZXQLsp4YSuLWZjdpe9YOw9ALUGFT75yOUXtXmP01LQi4NZYOkSGZEKxvfe0vaX2Z8JpJXs-b0-P7sixK2sF44nELYS2PrlxCK8Wmr9m04A-ecAPiMvR4J-3rPT6zOuMcHm7FCgi8ZR5WtU1es_JVitISqbtWjhnS3gtxKrTTI
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
an-x-request-uuid
7ef71276-e7ad-4b09-b649-638b6efd8218
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJpd8HvYfJfEacJaQWlij9g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8453
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3MTYyNjcyODA0MzQzNDUz
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3MTYyNjcyODA0MzQzNDUz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGOW16PoBMAE&v=APEucNVpxZRsJPZXQLsp4YSuLWZjdpe9YOw9ALUGFT75yOUXtXmP01LQi4NZYOkSGZEKxvfe0vaX2Z8JpJXs-b0-P7sixK2sF44nELYS2PrlxCK8Wmr9m04A-ecAPiMvR4J-3rPT6zOuMcHm7FCgi8ZR5WtU1es_JVitISqbtWjhnS3gtxKrTTI
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
an-x-request-uuid
712108d0-1884-4934-b769-07581e8eb558
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3MTYyNjcyODA0MzQzNDUz
x-proxy-origin
80.255.7.100; 80.255.7.100; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame C32A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPZx2jfJI-7gjOeavVagQO0&google_cver=1&google_push=AXcoOmRuO0F01ULV5Y6OGQQGDb_ZRW9p358LyQoKTnImwSms34KGYZzOop5H_ovycfXU8R710jrERTMsnuN2tjuljO0ol5gCbXM
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame C32A 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGlzb4MJ6u9V2_fpXtD3IOU&google_cver=1&google_push=AXcoOmRKmZweLcdY_UJn9Ql7j2qVoH8eXR9aOAik2zJsMKB5q0Shd6F3Rt4-4MOT-oKONE4HdxJnxaWn8P4RAdz3YG4lz-r8wBw
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame C32A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEF966jHVoQswd-AU0NLJbLo&google_cver=1&google_push=AXcoOmSvb9hNJrCRdHrEPSZSVs61DxT1Ffhh2-ziGNmgILV7ZLeqKlRGEw5aRVKsaTgxPJ8g8FEA-ykIafc5ke...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDMyMzQxMTg1Mzc2ODg1MQ%3D%3D&google_push=AXcoOmSvb9hNJrCRdHrEPSZSVs61DxT1Ffhh2-ziGNmgILV7ZLeqKlRGEw5aRVKsaTgxPJ8g8FEA-ykIafc5keEG7V...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDMyMzQxMTg1Mzc2ODg1MQ%3D%3D&google_push=AXcoOmSvb9hNJrCRdHrEPSZSVs61DxT1Ffhh2-ziGNmgILV7ZLeqKlRGEw5aRVKsaTgxPJ8g8FEA-ykIafc5keEG7VxbQHv0fc1d
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDMyMzQxMTg1Mzc2ODg1MQ%3D%3D&google_push=AXcoOmSvb9hNJrCRdHrEPSZSVs61DxT1Ffhh2-ziGNmgILV7ZLeqKlRGEw5aRVKsaTgxPJ8g8FEA-ykIafc5keEG7VxbQHv0fc1d
Date
Thu, 26 Oct 2023 17:40:15 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
dds
rtb.openx.net/sync/ Frame C32A 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMiTtBPgAN1sY5x4OmVIjLM&google_cver=1&google_push=AXcoOmTynDlRN1AEnA8h5yIpx2j2zLHPXIUN_UJCCaphuI6xihErYbmojcvtwKgIJw3nydpRJwgTcisTe4zRUfGXHJGUKuMW6yc
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame C32A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O8TChM_iRJSg0KoglLqwYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O8TChM_iRJSg0KoglLqwYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSAD2KD9-iuNyA5mc5FNTvfBvRH5xXm-CDdG0VYN2wVaON02jhhHyaUv0NjEPGjhN2WdZGXiVE6waSdUE7yFdiINNykHgdO
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O8TChM_iRJSg0KoglLqwYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSAD2KD9-iuNyA5mc5FNTvfBvRH5xXm-CDdG0VYN2wVaON02jhhHyaUv0NjEPGjhN2WdZGXiVE6waSdUE7yFdiINNykHgdO
date
Thu, 26 Oct 2023 17:40:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C32A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_hm=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&google_nid=index&google_push=AXcoOmS4v_1f2oPdCkfXNL2s5ESR2wTIkKwzp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_hm=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&google_nid=index&google_push=AXcoOmS4v_1f2oPdCkfXNL2s5ESR2wTIkKwzpedFMxeMbKlRm_Wk8fNkRin70nfa84p9Pyjy95W8h9VRh76Ytxw03CGYAF5E7Q3Q
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sp6WanE7FF2X0rWpc1foEVWu49gijEDuT1mukrBsNGZoQfuTalsnycYh29dxivevSpUAFWkh7uSdqyaL59X3vGtHpfryjObA02dfUuQz3ZIvFYmEqUkK62FJB6PSby5pLd%2BvLiIPwUCYyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_hm=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&google_nid=index&google_push=AXcoOmS4v_1f2oPdCkfXNL2s5ESR2wTIkKwzpedFMxeMbKlRm_Wk8fNkRin70nfa84p9Pyjy95W8h9VRh76Ytxw03CGYAF5E7Q3Q
cache-control
no-cache
cf-ray
81c47bbacbac91ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame C32A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSJaVdoHHazaSQLoTQv4CY13etlFl6ZDxEJk5z0SEzRRIwsbetmeWQVAKM_GwdLgrfMTqkP9Wkxo1Xyv7hUBoGx95VTh5b9&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-2590339b-5791-46c6-a4b8-ff440c35f3e6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSJaVdoHHazaSQLoTQv4...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSJaVdoHHazaSQLoTQv4CY13etlFl6ZDxEJk5z0SEzRRIwsbetmeWQVAKM_GwdLgrfMTqkP9Wkxo1Xyv7hUBoGx95VTh5b9&google_hm=AyWQM5tXkUbGpLj_RAw18-Y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSJaVdoHHazaSQLoTQv4CY13etlFl6ZDxEJk5z0SEzRRIwsbetmeWQVAKM_GwdLgrfMTqkP9Wkxo1Xyv7hUBoGx95VTh5b9&google_hm=AyWQM5tXkUbGpLj_RAw18-Y
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSJaVdoHHazaSQLoTQv4CY13etlFl6ZDxEJk5z0SEzRRIwsbetmeWQVAKM_GwdLgrfMTqkP9Wkxo1Xyv7hUBoGx95VTh5b9&google_hm=AyWQM5tXkUbGpLj_RAw18-Y
date
Thu, 26 Oct 2023 17:40:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2590339b579146c6a4b8ff440c35f3e6003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame C32A 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILqHMdqRDYd35qPB6om_h85Y_MU_XtNUSEh9iQ2Hv2yN_yZjBYRjw4a3uaP0M2c07wV_hq
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 4911 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8125e0da9d35d88494d90523e8ae7a844bc130034f2589cd5e7cf33df96ae3b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7636 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7631261660951&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7636 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7631261660951&version=m202309260101&ct=119&x=1&cor=15489620897831390000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7636 		90 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTsHARzyJpgUS_S_zIw9-jSEnsj0_NZzUQJaA_tyaEPAdklEtPpAuuFQqHpsp2szdIgn9pH8pte-ffox830gYC8KJiNTFcC-sEKyRbFSLL6RwqzfzKyal14efERQKJE0JjNMRv8Pc0KC6Xe5gNelORmhfbx7SEOS0UcxtYc-TSkO_uhtU&cry=1&dbm_d=AKAmf-BJKdyCnwOH0SytuJ5o6Qy5xVn10-2vAwAYAgowG7BRUJU3MIglytr1YnQ4r2qBpfyLmNh5kbEb7B-gN_dyPgS3gFapF3GqNDui6Mufa7krakbwCiBocUq0ceXJ1ktdxml1mDo8MYHzTYm3y0ae3LjOT7889eD4179-_Uxty6ucdoNSSWg4SQ2YNIkwfmx6st6hE0QfOIroiHp2cPe0-Q3AlCbN7zK8WFL_wxGQWbPR0wLUnLbNyUUNrrDe2lZ95zXo1JuvIo6XMhaZF0lK28w2xQo6yrcFOn5jr-eDeq9tZ4B1NBMXNwx5sdTJ-PSFcXeyjApCuTsrUocWKwdHDo3EJxFHKsu4gFjbJ14VehkI1IgOjGrNGIGW6FlMH1E6aBlw7p_ulucWxX_WS2SM_Uc2ONG1whZbqcVSH35MNv3fMnoQS17tZru6fk5UeVQCLlCVvzoctD5TlslwhzNg2u9x5ffFxbUood2jxv0B-4qMJySrN82oMhXk1qEdXP78BjmbWWKM20Y5bzx0NCJWWGDKCR1QI66GVwwwgfwNg9i8FxG0QLm4cuycL_Z2aPVbYDltKMfZ2_cjCfKaYtMZhupTK8oFw5oFviyjNlpib4IWkX2p3DAZR06l4e8JrUg_VJwqFF6_ZvMRDrM8SRx2iZ9Jj1ybf8ocN_R9VXqAl6pn3hArQP5RjOd2jI-EfU0J5zMhDRKt4yylKl1aDfSy2gihT0nNJX4YqByyHlGJIGj439KInQgyoYz0QDqbqNBC_SQq546m-CXxcP9mliE3s34d0MsYo5b7YPeGt1x4Fp2tTkdaAg-grWtI2khPezaIk2IEoCCEt7r312iTdQ_6GYT_3N7KRK74DjDofX1pSmQpqhSwcjs3GZMkdVIKnRadDkxsp7Z52u511iaxHJUpnVKe9sDh6LuZcXiKksEa-mCW1buanUd6Zga9BoTFPNuGZYeGJWjIOwALmJ0xikEMO2yGg5k-5WT7Uw0hAFshg6FXkm3zQkSXpKFeVoZ6XuHl_kg504wGmq6wP3AYC95Nayd777Za-mQf13AsoKlfOcukMu2luO1-_Ex8_5DH2zasmZp7tDTput8sS7p0CjyMZeY_v2d8BAIKTBIQsnSawNOyynLW1ScCCoRWtPvjdY6CyCBEEA1vWJqKngVjxahOfWrSZaBrTpocG28pMYiEfHDj2YrCbWQNTBp-6FHk8D19rzZNr7YARqjNzwkLFU0m978TEXnFVz6ZiNUR0AvR5ziIgTIPA_NNsChtazOKj_LpjpwWOhUSdV3L1MW1zw_sHVed7Bmopvy6SwxSMKJDTpC96LVCYyyn4v_PfKax2CaSIxCL97E1aqXsk4sJgn7ig-4aO9SYDidaDzaqi_GfLlITDI4c8pSr_3C_bHqrYpIzWGSEejk7GnKYHrtsYyW1nvTOAlF1GE0_eOsQEh0eeaNF-AjQBT6pLLCFN-X_i06OBTt0N-T9NVmxg4p9ovY4IX00gilHG8-rK0QXXzf5j3EMy_fU_RBIes4_0tlauMAL8R7xnOvc0NSsoz0cbUu6bucPKVM1nYu-ZBfXtNgZIks2XVaUJjWv4_HqxJcXj57sSuvETGHNoRe835JA5CSmbQllkwprb3bSU2Z2DmlviUd2JqzvCwFNCJ3RK_HYL5hoG0Y2OfDsk56izQJG07gduxnMm_VAiNvrMYGAE-rljFTIFshT_JnCbkTE4fPee9VxN32TZgXgnLy98PYwLCmMsaVJsxxh5fKFtFEHdbErfu04O0x4rBTZlT3Nu78WzwpUT6kP5tB5UButznVRq8XpHYH-RjqlHwVPkQsMKkfCje3sL89kH4lg3Z1eGYgwvKViZSUNilOEZZC4e-b9wC7X_oziNGpwsiZqDWFHSBhq8vNgQvtO47SXNEnovt2SBuzbL9rSBRyP7QamHFdGXCP_-jX1k46K7FuJJT4cpPSapyYI4BY05NpWaAqieuJRKvF7vQ_UJXwtN43LjQE2sU5w14E6mEn-B1CUyuTUCbdqB-OCy3so9R7NOx9CKoz3dg--QTrbHanVdsh7w7ScKXdeiuQCwTxUqn5KrDyPCuaOtqWWrOB8oq78JnxdKHSqPL2D8Q0bXztkw15mycwAi_8T8KbYopL_lEIMl6lFmz5xWHA7hvqndp1-Aq44omgb4gIajWeeDJ9ma5lXtmy6ekCAxIehEFoKMhsxVVIS0Z3CJfSPiGhkphXjWGyfRETzQgWt_-auvadnmY72oMUTUm3X8cMi0p3cYLSazB3tt6jsDiTpo_fHVnomkmtMWHMEgkfWfQOauuzXTNAhIlqBS6FiuMyQZRhC29ncZkpmXgROxBXRNVNzqdJk9dNJlgYQrP9q6_9K1BEvFyFnu5L2oxVj84pnOjWsGfSYO-YkVrlcJjODgv5OP4qGBtJdG70tixYbrDOoPovErDdM61OgAUhaPd7xT62vAGELx5D42I1-sE0d7n9QQGvPwOcrqvEvuLb3gXN94qvK4_cay3k8Bcx7EkS7Y49807_RoxbdVKcUduomO4OoClt2Rm-msqZ2xpC5fb_hpCfS-r517hXvWSJoMWIAtTCKwTR2KPmaqLwB1e8I-mqeKhgINZDzHA7WWOaT9HD8BanTw-hnSRjOirAZI3BVVH9kCXkBRAB_bnPSdTsk3jlIL3Z-GGSNEfwVrhOKam8O-Tn091__wYHRe870HAIJtbt6GKBMvHeAKW1Wt3DWgNoLsu05buDPVBks8HfaghsvE3OjmgjB2O0l1wB4roKi0_OjQzgZu8TT5wTRiqpYL1n2Vnf4S8aw-kEfPW7NZ1j_7VT72DOvH1spjS-TCnO4N8cVQ6_imaFuUoiBCK5W9w2GtmBMVteNCRShrzJZ07Nwq2Am6CA_Uh2bo_YjVQGKbSPuk1E8S_rpV2RFPfkZNaUvTMK0Bda6OjIa9zaywefDqzlbgFI-LbylbNNA0GeYAzsi2lqu-Hwal0tjF9D6hu-OXW2kzCVLTWwIOi-dCS51d8T7uxugMXk9q2L0-ZhBtVqUyCbL9qssxpsRe2SsG0PzkBw9Hs7bpqefgoyhcmGP8OSQ5Wj_gXf0ZHkTpYBMU0aiRrX4fhAHQGBbZ8iLjBbqq73mDJEmpu2ntTp4-Kq1BapockBDxKChDIhoiRiR-Ngbr2Unv0XC4Aa6egD6mbT8EWup7DR3uRkobc6jSpvfMBT8By9nnYQcOTF5G1nio69VZFbrzKk-lj_dt7SDCT3hAhPjJhplprSvOQRASDzCZL7j308t46yGR2ToSd4kCc5Yh3D7KaTu-_aYz6dkasNEh2VXBTPyCXBEu6UpnzmkP5Wd-skuEejaPlHEnfNZD_A0RX9i64HmEyqJ1_XcQJXByDIJlm1AKjJ7dVOvQtJ1d2J6idKX7WfNPNZJAGpT15vE_ZkXjrDE1joBvF-isSOl1-UnExNquTPtsIsLUNeI3oZyEgxaTXVbwpRFeD64_XIjqLVv4HB_mSql2L1i5qiS5tKFizqc8AIBtNhG7JUy-kOhN4bMFFQ6_EozG6i1AW2JgILVjgux1uRx_A2C9P2vpSgOUDLihUqO59bffePoIFz5utQNntEXs4rg5rCT9gJakMWDbzGPu4fwgNj6PfM9R67xFYE1nZdISq31NDjdLB7vr6qZnKTTaR2vE8uaOOjzo6eK1i192SToWUa8bifghXb9z9t-M1It5KqwhUKQypwQwd7kxMaCGFZyXTSxR5qqEqJD9mLylmhanUR09wEfmqHo3BSIt08pLSzQv_bjT2NOUOZYdEAm5QtuBE0B_JdX41Y1ymwRXvyY22p1vk-bY3xJ63Ixx2On6I7lq8l_nnIpHgIDMI-O3TAzrJ0Z1qDzEY9birWK-K4_pfPePxfl8jkw6aE8GEVdq3ETZIM5wkmVYNYft4qraGAir2B38cY3jenfovbfgsFdfIGR4yElPEage52u5rCArWtTk-Y7mHi24dJPGc8q2-GFUdXXFpILYVYMJ5mDQqVxKtcnS5wdNsYzw8UWo0i_FhQUt3nHUyGH7wAKZs45gQvZLOm-ptGlwXw52KIRe-NR_NSag3Pqzb2GzPwKZRyANpOjKqMV3v1imIn_eRUeqXoQUx5-732INw&cid=CAQSPADICaaNNelxRp5t9j98Olv4uiTGKt6Fab_kEYG8j83bJiU-4EUZYdtPlDiBWnHPQ_t4RrjmWoq9RwbXxBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.now.com&ds=l&xdt=1&iif=1&cor=15489620897831390000&adk=3128334205&idt=138&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69f40a6bbddef7dfa8ad440410cab4b606e394e81aa76bea369ee32cc1a62096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39333
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4911 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 09:09:18 GMT
x-content-type-options
nosniff
age
203457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Oct 2024 09:09:18 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 7636 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
Origin
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 Oct 2023 02:22:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231024/r20110914/elements/html/ Frame 7636 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231024/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTsHARzyJpgUS_S_zIw9-jSEnsj0_NZzUQJaA_tyaEPAdklEtPpAuuFQqHpsp2szdIgn9pH8pte-ffox830gYC8KJiNTFcC-sEKyRbFSLL6RwqzfzKyal14efERQKJE0JjNMRv8Pc0KC6Xe5gNelORmhfbx7SEOS0UcxtYc-TSkO_uhtU&cry=1&dbm_d=AKAmf-BJKdyCnwOH0SytuJ5o6Qy5xVn10-2vAwAYAgowG7BRUJU3MIglytr1YnQ4r2qBpfyLmNh5kbEb7B-gN_dyPgS3gFapF3GqNDui6Mufa7krakbwCiBocUq0ceXJ1ktdxml1mDo8MYHzTYm3y0ae3LjOT7889eD4179-_Uxty6ucdoNSSWg4SQ2YNIkwfmx6st6hE0QfOIroiHp2cPe0-Q3AlCbN7zK8WFL_wxGQWbPR0wLUnLbNyUUNrrDe2lZ95zXo1JuvIo6XMhaZF0lK28w2xQo6yrcFOn5jr-eDeq9tZ4B1NBMXNwx5sdTJ-PSFcXeyjApCuTsrUocWKwdHDo3EJxFHKsu4gFjbJ14VehkI1IgOjGrNGIGW6FlMH1E6aBlw7p_ulucWxX_WS2SM_Uc2ONG1whZbqcVSH35MNv3fMnoQS17tZru6fk5UeVQCLlCVvzoctD5TlslwhzNg2u9x5ffFxbUood2jxv0B-4qMJySrN82oMhXk1qEdXP78BjmbWWKM20Y5bzx0NCJWWGDKCR1QI66GVwwwgfwNg9i8FxG0QLm4cuycL_Z2aPVbYDltKMfZ2_cjCfKaYtMZhupTK8oFw5oFviyjNlpib4IWkX2p3DAZR06l4e8JrUg_VJwqFF6_ZvMRDrM8SRx2iZ9Jj1ybf8ocN_R9VXqAl6pn3hArQP5RjOd2jI-EfU0J5zMhDRKt4yylKl1aDfSy2gihT0nNJX4YqByyHlGJIGj439KInQgyoYz0QDqbqNBC_SQq546m-CXxcP9mliE3s34d0MsYo5b7YPeGt1x4Fp2tTkdaAg-grWtI2khPezaIk2IEoCCEt7r312iTdQ_6GYT_3N7KRK74DjDofX1pSmQpqhSwcjs3GZMkdVIKnRadDkxsp7Z52u511iaxHJUpnVKe9sDh6LuZcXiKksEa-mCW1buanUd6Zga9BoTFPNuGZYeGJWjIOwALmJ0xikEMO2yGg5k-5WT7Uw0hAFshg6FXkm3zQkSXpKFeVoZ6XuHl_kg504wGmq6wP3AYC95Nayd777Za-mQf13AsoKlfOcukMu2luO1-_Ex8_5DH2zasmZp7tDTput8sS7p0CjyMZeY_v2d8BAIKTBIQsnSawNOyynLW1ScCCoRWtPvjdY6CyCBEEA1vWJqKngVjxahOfWrSZaBrTpocG28pMYiEfHDj2YrCbWQNTBp-6FHk8D19rzZNr7YARqjNzwkLFU0m978TEXnFVz6ZiNUR0AvR5ziIgTIPA_NNsChtazOKj_LpjpwWOhUSdV3L1MW1zw_sHVed7Bmopvy6SwxSMKJDTpC96LVCYyyn4v_PfKax2CaSIxCL97E1aqXsk4sJgn7ig-4aO9SYDidaDzaqi_GfLlITDI4c8pSr_3C_bHqrYpIzWGSEejk7GnKYHrtsYyW1nvTOAlF1GE0_eOsQEh0eeaNF-AjQBT6pLLCFN-X_i06OBTt0N-T9NVmxg4p9ovY4IX00gilHG8-rK0QXXzf5j3EMy_fU_RBIes4_0tlauMAL8R7xnOvc0NSsoz0cbUu6bucPKVM1nYu-ZBfXtNgZIks2XVaUJjWv4_HqxJcXj57sSuvETGHNoRe835JA5CSmbQllkwprb3bSU2Z2DmlviUd2JqzvCwFNCJ3RK_HYL5hoG0Y2OfDsk56izQJG07gduxnMm_VAiNvrMYGAE-rljFTIFshT_JnCbkTE4fPee9VxN32TZgXgnLy98PYwLCmMsaVJsxxh5fKFtFEHdbErfu04O0x4rBTZlT3Nu78WzwpUT6kP5tB5UButznVRq8XpHYH-RjqlHwVPkQsMKkfCje3sL89kH4lg3Z1eGYgwvKViZSUNilOEZZC4e-b9wC7X_oziNGpwsiZqDWFHSBhq8vNgQvtO47SXNEnovt2SBuzbL9rSBRyP7QamHFdGXCP_-jX1k46K7FuJJT4cpPSapyYI4BY05NpWaAqieuJRKvF7vQ_UJXwtN43LjQE2sU5w14E6mEn-B1CUyuTUCbdqB-OCy3so9R7NOx9CKoz3dg--QTrbHanVdsh7w7ScKXdeiuQCwTxUqn5KrDyPCuaOtqWWrOB8oq78JnxdKHSqPL2D8Q0bXztkw15mycwAi_8T8KbYopL_lEIMl6lFmz5xWHA7hvqndp1-Aq44omgb4gIajWeeDJ9ma5lXtmy6ekCAxIehEFoKMhsxVVIS0Z3CJfSPiGhkphXjWGyfRETzQgWt_-auvadnmY72oMUTUm3X8cMi0p3cYLSazB3tt6jsDiTpo_fHVnomkmtMWHMEgkfWfQOauuzXTNAhIlqBS6FiuMyQZRhC29ncZkpmXgROxBXRNVNzqdJk9dNJlgYQrP9q6_9K1BEvFyFnu5L2oxVj84pnOjWsGfSYO-YkVrlcJjODgv5OP4qGBtJdG70tixYbrDOoPovErDdM61OgAUhaPd7xT62vAGELx5D42I1-sE0d7n9QQGvPwOcrqvEvuLb3gXN94qvK4_cay3k8Bcx7EkS7Y49807_RoxbdVKcUduomO4OoClt2Rm-msqZ2xpC5fb_hpCfS-r517hXvWSJoMWIAtTCKwTR2KPmaqLwB1e8I-mqeKhgINZDzHA7WWOaT9HD8BanTw-hnSRjOirAZI3BVVH9kCXkBRAB_bnPSdTsk3jlIL3Z-GGSNEfwVrhOKam8O-Tn091__wYHRe870HAIJtbt6GKBMvHeAKW1Wt3DWgNoLsu05buDPVBks8HfaghsvE3OjmgjB2O0l1wB4roKi0_OjQzgZu8TT5wTRiqpYL1n2Vnf4S8aw-kEfPW7NZ1j_7VT72DOvH1spjS-TCnO4N8cVQ6_imaFuUoiBCK5W9w2GtmBMVteNCRShrzJZ07Nwq2Am6CA_Uh2bo_YjVQGKbSPuk1E8S_rpV2RFPfkZNaUvTMK0Bda6OjIa9zaywefDqzlbgFI-LbylbNNA0GeYAzsi2lqu-Hwal0tjF9D6hu-OXW2kzCVLTWwIOi-dCS51d8T7uxugMXk9q2L0-ZhBtVqUyCbL9qssxpsRe2SsG0PzkBw9Hs7bpqefgoyhcmGP8OSQ5Wj_gXf0ZHkTpYBMU0aiRrX4fhAHQGBbZ8iLjBbqq73mDJEmpu2ntTp4-Kq1BapockBDxKChDIhoiRiR-Ngbr2Unv0XC4Aa6egD6mbT8EWup7DR3uRkobc6jSpvfMBT8By9nnYQcOTF5G1nio69VZFbrzKk-lj_dt7SDCT3hAhPjJhplprSvOQRASDzCZL7j308t46yGR2ToSd4kCc5Yh3D7KaTu-_aYz6dkasNEh2VXBTPyCXBEu6UpnzmkP5Wd-skuEejaPlHEnfNZD_A0RX9i64HmEyqJ1_XcQJXByDIJlm1AKjJ7dVOvQtJ1d2J6idKX7WfNPNZJAGpT15vE_ZkXjrDE1joBvF-isSOl1-UnExNquTPtsIsLUNeI3oZyEgxaTXVbwpRFeD64_XIjqLVv4HB_mSql2L1i5qiS5tKFizqc8AIBtNhG7JUy-kOhN4bMFFQ6_EozG6i1AW2JgILVjgux1uRx_A2C9P2vpSgOUDLihUqO59bffePoIFz5utQNntEXs4rg5rCT9gJakMWDbzGPu4fwgNj6PfM9R67xFYE1nZdISq31NDjdLB7vr6qZnKTTaR2vE8uaOOjzo6eK1i192SToWUa8bifghXb9z9t-M1It5KqwhUKQypwQwd7kxMaCGFZyXTSxR5qqEqJD9mLylmhanUR09wEfmqHo3BSIt08pLSzQv_bjT2NOUOZYdEAm5QtuBE0B_JdX41Y1ymwRXvyY22p1vk-bY3xJ63Ixx2On6I7lq8l_nnIpHgIDMI-O3TAzrJ0Z1qDzEY9birWK-K4_pfPePxfl8jkw6aE8GEVdq3ETZIM5wkmVYNYft4qraGAir2B38cY3jenfovbfgsFdfIGR4yElPEage52u5rCArWtTk-Y7mHi24dJPGc8q2-GFUdXXFpILYVYMJ5mDQqVxKtcnS5wdNsYzw8UWo0i_FhQUt3nHUyGH7wAKZs45gQvZLOm-ptGlwXw52KIRe-NR_NSag3Pqzb2GzPwKZRyANpOjKqMV3v1imIn_eRUeqXoQUx5-732INw&cid=CAQSPADICaaNNelxRp5t9j98Olv4uiTGKt6Fab_kEYG8j83bJiU-4EUZYdtPlDiBWnHPQ_t4RrjmWoq9RwbXxBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.now.com&ds=l&xdt=1&iif=1&cor=15489620897831390000&adk=3128334205&idt=138&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:58:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
56490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:58:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231024/r20110914/ Frame 7636 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231024/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTsHARzyJpgUS_S_zIw9-jSEnsj0_NZzUQJaA_tyaEPAdklEtPpAuuFQqHpsp2szdIgn9pH8pte-ffox830gYC8KJiNTFcC-sEKyRbFSLL6RwqzfzKyal14efERQKJE0JjNMRv8Pc0KC6Xe5gNelORmhfbx7SEOS0UcxtYc-TSkO_uhtU&cry=1&dbm_d=AKAmf-BJKdyCnwOH0SytuJ5o6Qy5xVn10-2vAwAYAgowG7BRUJU3MIglytr1YnQ4r2qBpfyLmNh5kbEb7B-gN_dyPgS3gFapF3GqNDui6Mufa7krakbwCiBocUq0ceXJ1ktdxml1mDo8MYHzTYm3y0ae3LjOT7889eD4179-_Uxty6ucdoNSSWg4SQ2YNIkwfmx6st6hE0QfOIroiHp2cPe0-Q3AlCbN7zK8WFL_wxGQWbPR0wLUnLbNyUUNrrDe2lZ95zXo1JuvIo6XMhaZF0lK28w2xQo6yrcFOn5jr-eDeq9tZ4B1NBMXNwx5sdTJ-PSFcXeyjApCuTsrUocWKwdHDo3EJxFHKsu4gFjbJ14VehkI1IgOjGrNGIGW6FlMH1E6aBlw7p_ulucWxX_WS2SM_Uc2ONG1whZbqcVSH35MNv3fMnoQS17tZru6fk5UeVQCLlCVvzoctD5TlslwhzNg2u9x5ffFxbUood2jxv0B-4qMJySrN82oMhXk1qEdXP78BjmbWWKM20Y5bzx0NCJWWGDKCR1QI66GVwwwgfwNg9i8FxG0QLm4cuycL_Z2aPVbYDltKMfZ2_cjCfKaYtMZhupTK8oFw5oFviyjNlpib4IWkX2p3DAZR06l4e8JrUg_VJwqFF6_ZvMRDrM8SRx2iZ9Jj1ybf8ocN_R9VXqAl6pn3hArQP5RjOd2jI-EfU0J5zMhDRKt4yylKl1aDfSy2gihT0nNJX4YqByyHlGJIGj439KInQgyoYz0QDqbqNBC_SQq546m-CXxcP9mliE3s34d0MsYo5b7YPeGt1x4Fp2tTkdaAg-grWtI2khPezaIk2IEoCCEt7r312iTdQ_6GYT_3N7KRK74DjDofX1pSmQpqhSwcjs3GZMkdVIKnRadDkxsp7Z52u511iaxHJUpnVKe9sDh6LuZcXiKksEa-mCW1buanUd6Zga9BoTFPNuGZYeGJWjIOwALmJ0xikEMO2yGg5k-5WT7Uw0hAFshg6FXkm3zQkSXpKFeVoZ6XuHl_kg504wGmq6wP3AYC95Nayd777Za-mQf13AsoKlfOcukMu2luO1-_Ex8_5DH2zasmZp7tDTput8sS7p0CjyMZeY_v2d8BAIKTBIQsnSawNOyynLW1ScCCoRWtPvjdY6CyCBEEA1vWJqKngVjxahOfWrSZaBrTpocG28pMYiEfHDj2YrCbWQNTBp-6FHk8D19rzZNr7YARqjNzwkLFU0m978TEXnFVz6ZiNUR0AvR5ziIgTIPA_NNsChtazOKj_LpjpwWOhUSdV3L1MW1zw_sHVed7Bmopvy6SwxSMKJDTpC96LVCYyyn4v_PfKax2CaSIxCL97E1aqXsk4sJgn7ig-4aO9SYDidaDzaqi_GfLlITDI4c8pSr_3C_bHqrYpIzWGSEejk7GnKYHrtsYyW1nvTOAlF1GE0_eOsQEh0eeaNF-AjQBT6pLLCFN-X_i06OBTt0N-T9NVmxg4p9ovY4IX00gilHG8-rK0QXXzf5j3EMy_fU_RBIes4_0tlauMAL8R7xnOvc0NSsoz0cbUu6bucPKVM1nYu-ZBfXtNgZIks2XVaUJjWv4_HqxJcXj57sSuvETGHNoRe835JA5CSmbQllkwprb3bSU2Z2DmlviUd2JqzvCwFNCJ3RK_HYL5hoG0Y2OfDsk56izQJG07gduxnMm_VAiNvrMYGAE-rljFTIFshT_JnCbkTE4fPee9VxN32TZgXgnLy98PYwLCmMsaVJsxxh5fKFtFEHdbErfu04O0x4rBTZlT3Nu78WzwpUT6kP5tB5UButznVRq8XpHYH-RjqlHwVPkQsMKkfCje3sL89kH4lg3Z1eGYgwvKViZSUNilOEZZC4e-b9wC7X_oziNGpwsiZqDWFHSBhq8vNgQvtO47SXNEnovt2SBuzbL9rSBRyP7QamHFdGXCP_-jX1k46K7FuJJT4cpPSapyYI4BY05NpWaAqieuJRKvF7vQ_UJXwtN43LjQE2sU5w14E6mEn-B1CUyuTUCbdqB-OCy3so9R7NOx9CKoz3dg--QTrbHanVdsh7w7ScKXdeiuQCwTxUqn5KrDyPCuaOtqWWrOB8oq78JnxdKHSqPL2D8Q0bXztkw15mycwAi_8T8KbYopL_lEIMl6lFmz5xWHA7hvqndp1-Aq44omgb4gIajWeeDJ9ma5lXtmy6ekCAxIehEFoKMhsxVVIS0Z3CJfSPiGhkphXjWGyfRETzQgWt_-auvadnmY72oMUTUm3X8cMi0p3cYLSazB3tt6jsDiTpo_fHVnomkmtMWHMEgkfWfQOauuzXTNAhIlqBS6FiuMyQZRhC29ncZkpmXgROxBXRNVNzqdJk9dNJlgYQrP9q6_9K1BEvFyFnu5L2oxVj84pnOjWsGfSYO-YkVrlcJjODgv5OP4qGBtJdG70tixYbrDOoPovErDdM61OgAUhaPd7xT62vAGELx5D42I1-sE0d7n9QQGvPwOcrqvEvuLb3gXN94qvK4_cay3k8Bcx7EkS7Y49807_RoxbdVKcUduomO4OoClt2Rm-msqZ2xpC5fb_hpCfS-r517hXvWSJoMWIAtTCKwTR2KPmaqLwB1e8I-mqeKhgINZDzHA7WWOaT9HD8BanTw-hnSRjOirAZI3BVVH9kCXkBRAB_bnPSdTsk3jlIL3Z-GGSNEfwVrhOKam8O-Tn091__wYHRe870HAIJtbt6GKBMvHeAKW1Wt3DWgNoLsu05buDPVBks8HfaghsvE3OjmgjB2O0l1wB4roKi0_OjQzgZu8TT5wTRiqpYL1n2Vnf4S8aw-kEfPW7NZ1j_7VT72DOvH1spjS-TCnO4N8cVQ6_imaFuUoiBCK5W9w2GtmBMVteNCRShrzJZ07Nwq2Am6CA_Uh2bo_YjVQGKbSPuk1E8S_rpV2RFPfkZNaUvTMK0Bda6OjIa9zaywefDqzlbgFI-LbylbNNA0GeYAzsi2lqu-Hwal0tjF9D6hu-OXW2kzCVLTWwIOi-dCS51d8T7uxugMXk9q2L0-ZhBtVqUyCbL9qssxpsRe2SsG0PzkBw9Hs7bpqefgoyhcmGP8OSQ5Wj_gXf0ZHkTpYBMU0aiRrX4fhAHQGBbZ8iLjBbqq73mDJEmpu2ntTp4-Kq1BapockBDxKChDIhoiRiR-Ngbr2Unv0XC4Aa6egD6mbT8EWup7DR3uRkobc6jSpvfMBT8By9nnYQcOTF5G1nio69VZFbrzKk-lj_dt7SDCT3hAhPjJhplprSvOQRASDzCZL7j308t46yGR2ToSd4kCc5Yh3D7KaTu-_aYz6dkasNEh2VXBTPyCXBEu6UpnzmkP5Wd-skuEejaPlHEnfNZD_A0RX9i64HmEyqJ1_XcQJXByDIJlm1AKjJ7dVOvQtJ1d2J6idKX7WfNPNZJAGpT15vE_ZkXjrDE1joBvF-isSOl1-UnExNquTPtsIsLUNeI3oZyEgxaTXVbwpRFeD64_XIjqLVv4HB_mSql2L1i5qiS5tKFizqc8AIBtNhG7JUy-kOhN4bMFFQ6_EozG6i1AW2JgILVjgux1uRx_A2C9P2vpSgOUDLihUqO59bffePoIFz5utQNntEXs4rg5rCT9gJakMWDbzGPu4fwgNj6PfM9R67xFYE1nZdISq31NDjdLB7vr6qZnKTTaR2vE8uaOOjzo6eK1i192SToWUa8bifghXb9z9t-M1It5KqwhUKQypwQwd7kxMaCGFZyXTSxR5qqEqJD9mLylmhanUR09wEfmqHo3BSIt08pLSzQv_bjT2NOUOZYdEAm5QtuBE0B_JdX41Y1ymwRXvyY22p1vk-bY3xJ63Ixx2On6I7lq8l_nnIpHgIDMI-O3TAzrJ0Z1qDzEY9birWK-K4_pfPePxfl8jkw6aE8GEVdq3ETZIM5wkmVYNYft4qraGAir2B38cY3jenfovbfgsFdfIGR4yElPEage52u5rCArWtTk-Y7mHi24dJPGc8q2-GFUdXXFpILYVYMJ5mDQqVxKtcnS5wdNsYzw8UWo0i_FhQUt3nHUyGH7wAKZs45gQvZLOm-ptGlwXw52KIRe-NR_NSag3Pqzb2GzPwKZRyANpOjKqMV3v1imIn_eRUeqXoQUx5-732INw&cid=CAQSPADICaaNNelxRp5t9j98Olv4uiTGKt6Fab_kEYG8j83bJiU-4EUZYdtPlDiBWnHPQ_t4RrjmWoq9RwbXxBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnews.now.com&ds=l&xdt=1&iif=1&cor=15489620897831390000&adk=3128334205&idt=138&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 01:58:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
56490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 01:58:45 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 7636 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
55069
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 02:22:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EF27 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 02:22:07 GMT
etag
48472445140208031
expires
Fri, 27 Oct 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7636 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bee1badf25378972395b0b89262b1a543b492c79c099847457794a4f12b7a461

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0E53 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55069
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 02:22:26 GMT
expires
Fri, 25 Oct 2024 02:22:26 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame EF27 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPZx2jfJI-7gjOeavVagQO0&google_cver=1&google_push=AXcoOmQOE_pelyTgki-zMB4Rblpqcz-ebPQzombrlAJ7hvRo1Te30nMa6n-PKW6V4utaFOx6xGVpwD4Ved0nx0ba6Mn5xdQra6A
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame EF27
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPeSZ6ERsXxlCwojuLnvcm4&google_cver=1&google_push=AXcoOmTFbxdSR2U7_uVDB6CqZ-p4qEoNEV9mRXiGPzyi60IF6lIYeyJIEsTzGumFEwsXCaGzMQ3vactxxcgyFQkx5OeyEZDTdP8&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPeSZ6ERsXxlCwojuLnvcm4&google_cver=1&google_push=AXcoOmTFbxdSR2U7_uVDB6CqZ-p4qEoNEV9mRXiGPzyi60IF6lIYeyJIEsTzGumFEwsXCaGzMQ3vactxxcgyFQkx5OeyEZDTdP8...
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPeSZ6ERsXxlCwojuLnvcm4&google_cver=1&google_push=AXcoOmTFbxdSR2U7_uVDB6CqZ-p4qEoNEV9mRXiGPzyi60IF6lIYeyJIEsTzGumFEwsXCaGzMQ3vactxxcgyFQkx5OeyEZDTdP8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTFbxdSR2U7_uVDB6CqZ-p4qEoNEV9mRXiGPzyi60IF6lIYeyJIEsTzGumFEwsXCaGzMQ3vactxxcgyFQkx5OeyEZDTdP8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81c47bbddc5891ef-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2416
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPeSZ6ERsXxlCwojuLnvcm4&google_cver=1&google_push=AXcoOmTFbxdSR2U7_uVDB6CqZ-p4qEoNEV9mRXiGPzyi60IF6lIYeyJIEsTzGumFEwsXCaGzMQ3vactxxcgyFQkx5OeyEZDTdP8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTFbxdSR2U7_uVDB6CqZ-p4qEoNEV9mRXiGPzyi60IF6lIYeyJIEsTzGumFEwsXCaGzMQ3vactxxcgyFQkx5OeyEZDTdP8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81c47bbc6a6691ef-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EF27
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECvdEcQw7J3U4tmdK80ZUfk&google_cver=1&google_push=AXcoOmQsPyGF4By9Mw16ug-IA9uWpQm2WKLTEZzxHvHwT99ra3fyUYaFOwbSEHObxq07AXKzQDO4oDBiVDW25vn1QF8_gyVepw
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECvdEcQw7J3U4tmdK80ZUfk&google_cver=1&google_push=AXcoOmQsPyGF4By9Mw16ug-IA9uWpQm2WKLTEZzxHvHwT99ra3fyUYaFOwbSEHObxq07AXKzQDO4oDBiVDW25vn1QF8_g...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQsPyGF4By9Mw16ug-IA9uWpQm2WKLTEZzxHvHwT99ra3fyUYaFOwbSEHObxq07AXKzQDO4oDBiVDW25vn1QF8_gyVepw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQsPyGF4By9Mw16ug-IA9uWpQm2WKLTEZzxHvHwT99ra3fyUYaFOwbSEHObxq07AXKzQDO4oDBiVDW25vn1QF8_gyVepw
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQsPyGF4By9Mw16ug-IA9uWpQm2WKLTEZzxHvHwT99ra3fyUYaFOwbSEHObxq07AXKzQDO4oDBiVDW25vn1QF8_gyVepw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame EF27
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF4d2H_FHQXzgsJHLwf0g4I&google_cver=1&google_push=AXcoOmS7JjL003_0N0VjWf_KsibBZ9tQvL9ejLKIm1zlX2ZSIUA-zdnCzw7B94dXddMPdZT7GIT...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83R1pGRVEtMVMtRzI2RA==&google_push=AXcoOmS7JjL003_0N0VjWf_KsibBZ9tQvL9ejLKIm1zlX2ZSIUA-zdnCzw7B94dXddMPdZT7GITZYBFy5Su2i2FoBWEjSgP4fQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83R1pGRVEtMVMtRzI2RA==&google_push=AXcoOmS7JjL003_0N0VjWf_KsibBZ9tQvL9ejLKIm1zlX2ZSIUA-zdnCzw7B94dXddMPdZT7GITZYBFy5Su2i2FoBWEjSgP4fQ
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83R1pGRVEtMVMtRzI2RA==&google_push=AXcoOmS7JjL003_0N0VjWf_KsibBZ9tQvL9ejLKIm1zlX2ZSIUA-zdnCzw7B94dXddMPdZT7GITZYBFy5Su2i2FoBWEjSgP4fQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
pixel
cm.g.doubleclick.net/ Frame EF27
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.targeting.unrulymedia.com/csync/RX-2590339b-5791-46c6-a4b8-ff440c35f3e6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQNj9VAZIq5DLHKwqCtV...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQNj9VAZIq5DLHKwqCtVux7xq3pAyQ0HJfc7k2YKTclHxQJNuqxWETb35X_9yZErtoC55PppqQ4QcJxHz-ukUMLVAYOLHk&google_hm=AyWQM5tXkUbGpLj_RAw18-Y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQNj9VAZIq5DLHKwqCtVux7xq3pAyQ0HJfc7k2YKTclHxQJNuqxWETb35X_9yZErtoC55PppqQ4QcJxHz-ukUMLVAYOLHk&google_hm=AyWQM5tXkUbGpLj_RAw18-Y
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQNj9VAZIq5DLHKwqCtVux7xq3pAyQ0HJfc7k2YKTclHxQJNuqxWETb35X_9yZErtoC55PppqQ4QcJxHz-ukUMLVAYOLHk&google_hm=AyWQM5tXkUbGpLj_RAw18-Y
date
Thu, 26 Oct 2023 17:40:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2590339b579146c6a4b8ff440c35f3e6003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame EF27
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKBFYSLdS734v_zdNrfZJLE&google_cver=1&google_push=AXcoOmRvuN0RqpdDize3VnZFD9j0Jp31STp_Bt2iKPvezzi-iVqmZ8aHpUuX-6gWHN2puGP_rvCIX4UyaLq6rjjOi0jLoVv6w4I
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRvuN0RqpdDize3VnZFD9j0Jp31STp_Bt2iKPvezzi-iVqmZ8aHpUuX-6gWHN2puGP_rvCIX4UyaLq6rjjOi0jLoVv6w4I...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUxODM2NjcxNTc1NzAwODUyODA2Ng%3D%3D&google_push=AXcoOmRvuN0RqpdDize3VnZFD9j0Jp31STp_Bt2iKPvezzi-iVqmZ8aH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUxODM2NjcxNTc1NzAwODUyODA2Ng%3D%3D&google_push=AXcoOmRvuN0RqpdDize3VnZFD9j0Jp31STp_Bt2iKPvezzi-iVqmZ8aHpUuX-6gWHN2puGP_rvCIX4UyaLq6rjjOi0jLoVv6w4I
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUxODM2NjcxNTc1NzAwODUyODA2Ng%3D%3D&google_push=AXcoOmRvuN0RqpdDize3VnZFD9j0Jp31STp_Bt2iKPvezzi-iVqmZ8aHpUuX-6gWHN2puGP_rvCIX4UyaLq6rjjOi0jLoVv6w4I
date
Thu, 26 Oct 2023 17:40:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame EF27 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDTjZi8nUib-3hDA5wJOQ4s&google_cver=1&google_push=AXcoOmSvpcQR8dgI3zD6UjZpulMyStnUfS7DeoRZVzPdayaRoa4Z0ewnb_r1NF9c0P8btvhM_M7mbWLKx30KRWdDJgxA1d2vNXs
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.81.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-81-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame EF27 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkP5xc9Z69Uo2B1XZNfOKo-SZzAEasKbyBtpeHxiaWANGsQ2KfqCdmPmOtcgYopPShB0_04w
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKftRfqQ6Zb_kH5aA9u8Pn4Sn6A6e-qbDc-yB7c-2Esf43Zi6ARABIKK2oylglcKpgrAHoAG5ysWKA8gBCakCxy3vrC-1sT7gAgCoAwHIA8sEqgTcAk_QyxK-ZeK3-xWL3mT06x6GkCmjVMzwziGATqUcFz91OvlajaEKIr18smyHTGTQj_VmLchCP64ePMyoV0CpnWNw6bIPyHpJTARteey9FI0LnYy81sK63l5XzrEG0iu2iyC__XRM1KFG3VGWtBUe61Z3QeYxqYzbusCOx0mEcXNjlmYHDe-S2GHzfMT2thVQoT7DK4Ti_Wne0uMeB1S292ZB34Wv6xXAEk9E-H4HJb541htq5rgE2fGti4b3f6isLaRbAaqByWKJWzxqnc8VI5rZcWY5LJz6vQMf-3yg--zZxHbPW5IJE28IRWoHttfYHf3gqh38tciWTGRALwXsvKbfCfLgNuhmJE64T8TR1y72OLUFLjsC0Fs1d5Sz90bBVcHilT-uyh__i9TYLEB3-unQw6SrEUBJJQHDuo1f9qkHw91WTdwFOCePFuQKPgWmBezpqXwIX2bHz8pk08AEip69vL0E4AQBiAXp0YiXTJIFBAgEGAGSBQQIBRgEoAYugAe1o8B1qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQou0k0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJH2h0dHBzOi8vd3d3LnBvY28uZGUvYy9wcm9zcGVrdGWACgPICwGYDIjAr7PMBKIMDCoKCgjktLEC7rWxAuINEwiN9OyDoZSCAxUWgP0HHR_CCe24E4ME2BMO0BUBgBcBshceChwIABIUcHViLTIyMDExMjE5MDUwOTA3MDEY4o0Y&sigh=r93vZJZlung&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNgdvbIZp9K7cMdozC7R_MbozDPg567H-npiwqe_BMT5E-TxlrnInsWAvsI6tfvhADlpQaawIEyhgB&template_id=515&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 17:40:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 4911
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CKftRfqQ6Zb_kH5aA9u8Pn4Sn6A6e-qbDc-yB7c-2Esf43Zi6ARABIKK2oylglcKpgrAHoAG5ysWKA8gBCakCxy3vrC-1sT7gAgCoAwHIA8sEqgTcAk_QyxK-ZeK3-xWL3mT06x6GkCmj...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224900255985545672250%22,%22debug_reporting%22:true,%22destination%22:%22https://poco.de%22,%22event_report_window%22:%22259...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224900255985545672250%22,%22debug_reporting%22:true,%22destination%22:%22https://poco.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827417913%22],%224%22:[%2210-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223765623889962958577%22}&andc=true
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"4900255985545672250","debug_reporting":true,"destination":"https://poco.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["827417913"],"4":["10-26"],"6":["true"]},"priority":"500","source_event_id":"3765623889962958577"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 17:40:15 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4900255985545672250","debug_reporting":true,"destination":"https://poco.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["827417913"],"4":["10-26"],"6":["true"]},"priority":"500","source_event_id":"3765623889962958577"}&andc=true
access-control-allow-origin
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
iReuXNJrLQNwx4hwZhnhj1hAEnrQ9LYCnPEKm4B4abc.js
pagead2.googlesyndication.com/bg/ Frame 6B8B 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iReuXNJrLQNwx4hwZhnhj1hAEnrQ9LYCnPEKm4B4abc.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8917ae5cd26b2d0370c788706619e18f5840127ad0f4b6029cf10a9b807869b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
142831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19635
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 01:59:44 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 4911 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: 157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
URL: https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f08cd9319dede0985a9f221040db4aec1825dfd27bffae15860802c095bdde95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:27:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
763
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23577
x-xss-protection
0
server
cafe
etag
13906420075785680935
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 18:27:32 GMT
iReuXNJrLQNwx4hwZhnhj1hAEnrQ9LYCnPEKm4B4abc.js
pagead2.googlesyndication.com/bg/ Frame 0E53 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iReuXNJrLQNwx4hwZhnhj1hAEnrQ9LYCnPEKm4B4abc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8917ae5cd26b2d0370c788706619e18f5840127ad0f4b6029cf10a9b807869b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 01:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
142831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19635
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 01:59:44 GMT
index.html
s0.2mdn.net/sadbundle/14223353841020637473/ Frame 87A8 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14223353841020637473/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84a190bcc0b992356b49dd6a6aba66e47ce322ca43d36e2fe81cbca9000c1aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
170486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2899
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 18:18:49 GMT
expires
Wed, 23 Oct 2024 18:18:49 GMT
last-modified
Tue, 17 Oct 2023 14:21:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7636 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthrCoaLNeVI-titb2VZNF_BvKiY-JoCVX5MyqkdKJsKg9FMf5Y5pm62pKU-t0DWiZCNMZM3Cypi_v5Gl0WZTFJXuQLjupI8yTiuMfghAIj9dI9gDaHL878f-1zGEHDwD1SuCCLUyINnu4AWqQY55Y9NIG_WwpWkBmayWUhvOIPqvTfOewPOk_lfOHJWVOTWaM3Lg7h-I1DGgFMz0kusjnyXKcvwuN10paUpRzbWiAnzjRojuqN3JUSnNGddadfLn5yu9G59a8rLgsTO1pr_XZbK1Uhvn8hOLG4og9_VVddAiJvFuxKe6r35koQI5YBQ1c2SPp157-Ghqe8JejOzLY6YF87zMWMeeHd1yoRf7HP60C16rqFd1fsGDmrOu-Pp3V_UdiCRSW53rUmU4bk9KUgnxjYtN7b1uerKiGNl96UA5YO42ARWXYm-x7G1hWpBOwQP7YCwV9jN5eeJBL_pcxi4I6-Tjo9HZH2HvVyb6Ajs45iCWLmzKDR5MiTSdWB20inw_kWv9sSzg8Kmz4qTaqzGVn4xh9E8-jNn_IJT0vr6qtFMs08Xa_lv5pI2iFBXNtpvQ0GP56_5H-bZKSWPzAmNUUydAx-_-7cgpsoiClgeT1YpVmrDXmV21VtkZ7dqq_UqoIffMIdICGA_DWxnXFSu7c9N7gt06QhbFNNOMWGVNTg12HWiw65JS-a1SrGYxdtts6smL26GViDkmEy3e8zC7yb93cCyzo_hzkjtcX1seh6ZRLT_APrDDulIYE9aoh-wYdVNmtcGNZU_KXncWRYuafxX_EsnVhbC1xoTBT07Hu1iFKnWx-j6n4FNc4bg_RxEECiT3TDzN51-eQTzqko671yitpDUu09wF05iaFRUf5sNiTLDXrW4G3ABdfsCc_MaELypWNFIJAbJ-ohbJkvEf90BThedX5v-qUdqW4qwr57_5F-IMzSiaQ0JPRuK1q-O3K1DZcvNtlQjwOIs7lpFF2jNdm4TWUnviRwci5nCLQoe3xXzMqzefHxrLqHTYC7R1MyAKLCXt-BzKvgYm7su_GZbiDRWcQPEyptbFo455w2Q6r_6GysqrZOsHiUZrU3xm3V1sVxWCDgC81PzsAg1htgAgQ4GSDnkR1uqb4qE_AQe4swUGaGRsPPLe6vGKT_hzd5JnqELzTz90GAuzkqYXHukhYY7mTsGKnCFOKHCZm8wVL9Zrzxpi3QRjWqQA7koYwZZJoCUWqmJ9ncQCtX3EYEcKd_dctifmB6sx2QP29vSUoL7Wn65bP8yJf1Ni4mBvRFPMohjNwt9ZkfTX1BjKo08vkI2fDhW4Xq9PFtzs_e87apkcf2V5Pt1hqfU4vBWBLVsHAUr3DMCmzLlOEv8eSxBGu7I_9lIrbx830Vh4oEDwf_L2xla6PGGcQy9u8V2ikGhRW_YTp_&sai=AMfl-YQfeVxbx_u-dNx71WTyfBWDK-sJ2GKtjWMoReTTg_i9MeCGCZxwB8erwArT_ET4mt2VSlvSJKkSoEdvX7xkAEmx9v3yhxu5PtR8tfU3ZmDd7UfisqvbGFnvbZ4iqfaIB7YWV50CHsf4PbYhXZSS7Lr030xagYxPGaJu2FHARX7f7GxdVEqsy8_5mGXnhxjzctaPdtBFnMY6A77j3mjtQbQKQ3hhuS4bezI8_hb-mT5rYzy8yrhHO2GNHrd8rv0epBB1rtQ&sig=Cg0ArKJSzHwGW3DG6neVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=180&cisv=r20231024.15228&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 4911 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lo7gzhz7&chm=1&c=540934388131266&ctx=2&qqid=CL-b7oOhlIIDFRaA_QcdH8IJ7Q&met.4=fb.1y~cmrload.3w~lb.3w~ol.b2~idt.-5t~dt.-d8&met.3=492.27_1~733.4r~748.56~742.4r_f~739.5t~555.63~556.63_2~738.az~749.az_2~736.b3~735.b6_1~740.b7~113.ds_4~112.ds_4&met.1=1.lo7gzhlf~6.0~7.0~8.0~9.0~10.0~12.1~13.15~14.16~15.1c~16.5s~17.5s~18.5t~19.as~20.as~21.b1~22.2u~23.2u&met.7=CBsQCBgBKAEwKjiOA2gCcCl4iReAAd0UiAGSMLABAbgBAw~CBIQBxgBIEcoRzDRATiKAVBIWJ4BYG5onwFw0AF43AuAAbAJiAHtbaoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIE8oTzB4OCloT3B3eMoIgAGeBogBkg2wAQG4AQM~CAkQChgBIFAoUDB8OCxoUHB4eN1JgAGxR4gB-LcBsAEBuAED~CB4QChgBIFAoUDB8OCxoUXB6eIAMgAHUCYgBgRWwAQG4AQM~CBwQBRgBIFEoUTB9OCxoUnB7eJYHgAHqBIgBlgmwAQG4AQM~CBwQChgBIFEoUTCCATgwaFJwfHiWRIAB6kGIAZGfAbABAbgBAw~CE0QChgBIFMoUzCnAThUaFNwlgF4ytgDgAGe1gOIAdfbC7ABAbgBAw~CBsQChgBIFMoUzDZATiGAQ~CBsQAhgBIFcoVzDlAjiOAg~CCgQChgBIJEDKJEDMLsDOCpokQNwuAN4xboBgAGZuAGIAansA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 87A8 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14223353841020637473/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14223353841020637473/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 17:40:15 GMT
css2
fonts.googleapis.com/ Frame 87A8 		2 KB
660 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14223353841020637473/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 17:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 17:07:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Oct 2023 17:40:15 GMT
avoury-728x90.js
s0.2mdn.net/sadbundle/14223353841020637473/ Frame 87A8 		34 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14223353841020637473/avoury-728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14223353841020637473/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4c5510ea6b7063e9f8b5ee5860707bca6f81554c74cd54b242b2a6d7f483ca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14223353841020637473/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 18:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170486
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6627
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 14:21:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Oct 2024 18:18:49 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224900255985545672250%22,%22debug_reporting%22:true,%22destination%22:%22https://poco.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827417913%22],%224%22:[%2210-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223765623889962958577%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 17:40:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E53 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BeMCLf6Q6ZceICteXjuwP6seGyAUAAAAAOAHgBAI&bg=!EBOlE1zNAAZazIPFesw7ADQBe5WfOIE3VuEx-RqAi1lbr4hglwTB2IGXq48Cyyae88K1YfHICwwrfHwzR3rJwhQbZxYQAgAAAEpSAAAAA2gBB5kDOVGQElgNmW2feXaF8S1xIzkH__VpWP2ZfcNEVOo8BCIzYENrSE8g5stEkVHZtkNlNd0PY2jUNwkUx42R_L2Rm_cRxMOFBz_ITSPsmNn4tK9vDRuSercNmDa2fMgDEv96c4ddwcxEkqo_2D7f9LPekUccRv6wdjrTKLsVEA6rfQ08MAGN1-FPUi0j9Rz54cab9BST_b2nAWg2tDqtOi4VSI-t7hUQQEjCzVrWpCFe4bMtDZLv81jODtSdSjI9zdbvCEoFziZmuAEH1j4adJlzIoSSsU2O2M6V6dMYpJ8RCqaCLUNkPMBEyFyprISMcpiCz0Ssfk-h4qyaXfYwfCBtls1YWhiZscUnRQFFAt51BvrnpPauPQO0qFQTZqzXiukn3wIfSMraABPqSmhv4IOWZw2uQ3o1U242_VX0Bwj9_bRgM056aMZ5UtZQma58v5YqC8dF0ApmCIHebYuI_AEsW55YSvQuaOBYXsVdg00A3kl4mCMTGUjDLIuEIPvjYI8SjQyrtv2oNQ_E61H9UML7eD0eE-HzNobr7BQyYcMCF3J4ZSLVTGI7yCigm3-v6kQI0sDrf9vDVsBWFh9ta62OcMVg5y3IIQ7cO0bA5AcVOtB6uU1x90Kdf2IWRfVgZmAsrtn5QQHLjJ8eTPOlMmr4cgQ4nMvLpslViDWHO4suT-P2oTpdZqHAMh_5UR6WHpcwRuZK1Mpnmbp-3WFEmG3RkPh_QMjYahnFUTemEdX1qrht2AnrhGp0T4cxBmbHxptZnoiGMczLYrae7kZ066ArCBxv2S8OUSCEgFH3qP0XNZb8x_0nsqD9mTCJ5kJmFfj0LgWiR0oZ8BhyLIjknobZmaekZ9ftLz6fJb0WESbtsfRuX9ykpP1KaxldRc5f20E9WdkxaC0yDYTp--GP9APnpslfgjYzMGGOyNNzwlKbN9F5VDvqIk1o14vMbPe6ByHld-VE7SqGyjPO-ddy0oTw0Ict_tNYXFLizBFVhLi_mK2xakiEIs49CEmsLDNbz0QTSNZ2mGFvC5Oslcl5UhgGFUB5eMPZd4uAunA_XSL2wd4qv3Cexyv3XB3vaUfBXqM8JKCPOJM-w428VA
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8C6D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310190101&jk=540934388131266&bg=!mJulm9TNAAZRemZlcXo7ADQBe5WfOBAQwQnsAxal_GIIOJfiXMB-zfkoRDyBFsVJRlHaOvlXXX8rpcsyzVNocASfUvgIAgAAALhSAAAAA2gBB5kC9kAEECCiEar3NYYmDcvVdnpM8UpmJ8aQEL2R-mvNb8_PnMFlsIWIT9R7XaGqAuzZEh0EKEEyjfJAb9KPHxT9Y5X-ydx2EOwCOcCv7Q7CJTHY-BzXUFMuCQcEYSYSfIBqrHoSSJaqGAvtsB9K2hIe-3NKE4LJX7mOYfEJ328RSAAib51d_qP9r0Ja3pT-h8pTJYAii-J4IwNJyjyZGvCcP84F57RPtke66SpZNgAu9EYffxFvB74G7Xa9LN76vtyb-wc9KBDi7muXbFVfCRVIzge8__Ef00bllsrNs8BSlOPxiPrtvxcQYQNq8fXWb5loVp0K6PHtS4-jWqNTratWYg5cb4qXsAcs5yNAECXX0rmeNFs46SLbjjURUST5I-JLAyVVRVSmNSLScf-CO_V3yo8_vr2i0em_lps6sAjYWmy6EafhEha1kcFOoMZ0ZXFfuLhXRRnclncufXXbJFgoR6s_q_PJUt7HsReYF_e1Wo0QCpvKLLv2QQNrOqyH5MGMdMzqIHEBCP8xEo5Vl0JcvExivAvGHLlXzL-squ3aGelaFlaLHDhDefdQd__VGQ8NoUjPQ52f9Z4f7xKmCCiIMa3_Ha7KusYoah-B3sUiGONfdHUaCVYnT7eHrKZd3ihw39aIkaO3jLG5FcWpC7L98YYIhUXevFftpRuJhPOGCs-7x6LN03mSQ8DWE_D-j4sNOV8KWq23Q8-6aRlTsaOmPPh9YBz4b8QX7oawiUIggHLpU-huwIuXXYhKxqY59QYLSI9ODLN6n3DpOmCz-4HIo_qA7OeYj0L9oNVBuZDLJZxH2wgSLPvHtf4mYKL76T8Qu62S7LixpbhUKgNe3jAqBE3fVJpgc5-svXBqVEN_TH42LfXbl_B7PvVFW50NZnkfYHxrDJPhepekz6l5Kb0KotR06LtDhFHS4p9u153BiMqPvW0CwrwnA519Jv_XdvFeyUMCBIm2CcoTUVBxE--9Z1iNmr4GJH2unEEfPWaHjjYXvvek5WvE
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 03D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310230101&jk=2617216174833715&bg=!GxilGFfNAAZRemZlcXo7ADQBe5WfOKYYmhVZYFIa05NG3pM8F7x7nXsiVExzcFi12D-JERkbDB1Z2SRSQIWO23Uk73UYAgAAAKRSAAAAA2gBB5kC4xC6oH9ihzF1D2XjuWueTuT-fKcVZfh1oO6Ea-oZQGP0OC47I7HuAoRtoqdQCLda4wexz3t8_ACcbTYC9Q-GGUphxVLdqKssfAMSwieHdMiKPe2hM_WJsgjy3OLNU0qYJW70VbNaxPH-by937HzNk3FWkOVhPfLPIFRH37n8_ywVFoM7O-GbTwPCXH6zbNu34AxqLwmWM1YqtJ_SNcVfKbFr5PaHx9OfMyRgP3fLb6T9osJjgTN3VeMmeauz6scQP9WUiAXs61WNY6ixxH1XS-dEaT2PK0WY2RuMXFl6WYT3FK_jiDZNUg4LrAHPJsYFbzhkculXCHkwtsPMJt2CdgzC_Hcssnwc2jmCKIOz4zSgWcQPcmLQQne4VNVJk6JgQdf7Um-Nwx9mjAVZlsz4xfXa9gbVQa8jfr38ZBa5nONcR7z53BSeHP5c9X-aXlGDrH9zh7vBDTT4Y7EEUU32v-F64ngrma348xzj9iez49wCG20QEVbO7d6gQjBsp2rmcQI8M9UHc78WampUcAoyse4HDLtcIkphA_6_FtuFT6xd9i4TV69YAsAlMBaDPqrl8wVBqn119jNC5NERtuhgp7k64SadadcQWYJSnFd96WrHafY6MRT7mCaLZK6N2SR0eZ1QIGOTo7xcU9rAUj7vi7CgU4fE8GQ7APbPqtFsyxfhkhxaKHY7LhGTgKloMIoCJFIuhre1nGDTjHp_mc94cU2uLVJK1dfDJmUbt1t5WK8dFtL3Rh1ITfdTzpM3js8OGa0_YoFGsJJXB9Mt73E-k5VOsB3h339dpg0Bq0BrzbhzegPBSqsiUKj3bP1RiW4IRX_IcKLtoRZXFbtXhM5ElwO8sp0tsEJUPJlswuGk6xYbPUr9fZjBOtgqL-ffPPiP4vIa4_R0ME6SKZJ6uNhzMf1qNmWQnLNJGW11tY0Z8FypIkDx0r0k5shywdzj_eWgNnXKnyjSKqntGlLbgA6g1ENLGWw
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 267A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvMd4QB3BwYSBedJqG_N0-c7A0BCSWHi9cPOLDh995K_J_t8hjV6kGnx2DhD0-eaBeNQR9TwOlgJxdvw3r1vFEIBCcyLai4RVHTxSihTouH-ROGu-nJexEW686zPCL&sig=Cg0ArKJSzEArX2gz17CWEAE&id=lidar2&mcvt=1001&p=711,925,965,1225&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20231025&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=2582627014&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698342011467&rpt=3096&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
avoury_728x90_atlas_1.png
s0.2mdn.net/sadbundle/14223353841020637473/images/ Frame 87A8 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14223353841020637473/images/avoury_728x90_atlas_1.png
Requested by
Host: 070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
URL: https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9ac6c6fa278e962e26a2dc7db6009ba2b6ba0b9f67b94f1495781b7a797b8f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14223353841020637473/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 18:18:49 GMT
x-content-type-options
nosniff
age
170486
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119568
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 14:21:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Oct 2024 18:18:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7636 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthrCoaLNeVI-titb2VZNF_BvKiY-JoCVX5MyqkdKJsKg9FMf5Y5pm62pKU-t0DWiZCNMZM3Cypi_v5Gl0WZTFJXuQLjupI8yTiuMfghAIj9dI9gDaHL878f-1zGEHDwD1SuCCLUyINnu4AWqQY55Y9NIG_WwpWkBmayWUhvOIPqvTfOewPOk_lfOHJWVOTWaM3Lg7h-I1DGgFMz0kusjnyXKcvwuN10paUpRzbWiAnzjRojuqN3JUSnNGddadfLn5yu9G59a8rLgsTO1pr_XZbK1Uhvn8hOLG4og9_VVddAiJvFuxKe6r35koQI5YBQ1c2SPp157-Ghqe8JejOzLY6YF87zMWMeeHd1yoRf7HP60C16rqFd1fsGDmrOu-Pp3V_UdiCRSW53rUmU4bk9KUgnxjYtN7b1uerKiGNl96UA5YO42ARWXYm-x7G1hWpBOwQP7YCwV9jN5eeJBL_pcxi4I6-Tjo9HZH2HvVyb6Ajs45iCWLmzKDR5MiTSdWB20inw_kWv9sSzg8Kmz4qTaqzGVn4xh9E8-jNn_IJT0vr6qtFMs08Xa_lv5pI2iFBXNtpvQ0GP56_5H-bZKSWPzAmNUUydAx-_-7cgpsoiClgeT1YpVmrDXmV21VtkZ7dqq_UqoIffMIdICGA_DWxnXFSu7c9N7gt06QhbFNNOMWGVNTg12HWiw65JS-a1SrGYxdtts6smL26GViDkmEy3e8zC7yb93cCyzo_hzkjtcX1seh6ZRLT_APrDDulIYE9aoh-wYdVNmtcGNZU_KXncWRYuafxX_EsnVhbC1xoTBT07Hu1iFKnWx-j6n4FNc4bg_RxEECiT3TDzN51-eQTzqko671yitpDUu09wF05iaFRUf5sNiTLDXrW4G3ABdfsCc_MaELypWNFIJAbJ-ohbJkvEf90BThedX5v-qUdqW4qwr57_5F-IMzSiaQ0JPRuK1q-O3K1DZcvNtlQjwOIs7lpFF2jNdm4TWUnviRwci5nCLQoe3xXzMqzefHxrLqHTYC7R1MyAKLCXt-BzKvgYm7su_GZbiDRWcQPEyptbFo455w2Q6r_6GysqrZOsHiUZrU3xm3V1sVxWCDgC81PzsAg1htgAgQ4GSDnkR1uqb4qE_AQe4swUGaGRsPPLe6vGKT_hzd5JnqELzTz90GAuzkqYXHukhYY7mTsGKnCFOKHCZm8wVL9Zrzxpi3QRjWqQA7koYwZZJoCUWqmJ9ncQCtX3EYEcKd_dctifmB6sx2QP29vSUoL7Wn65bP8yJf1Ni4mBvRFPMohjNwt9ZkfTX1BjKo08vkI2fDhW4Xq9PFtzs_e87apkcf2V5Pt1hqfU4vBWBLVsHAUr3DMCmzLlOEv8eSxBGu7I_9lIrbx830Vh4oEDwf_L2xla6PGGcQy9u8V2ikGhRW_YTp_&sai=AMfl-YQfeVxbx_u-dNx71WTyfBWDK-sJ2GKtjWMoReTTg_i9MeCGCZxwB8erwArT_ET4mt2VSlvSJKkSoEdvX7xkAEmx9v3yhxu5PtR8tfU3ZmDd7UfisqvbGFnvbZ4iqfaIB7YWV50CHsf4PbYhXZSS7Lr030xagYxPGaJu2FHARX7f7GxdVEqsy8_5mGXnhxjzctaPdtBFnMY6A77j3mjtQbQKQ3hhuS4bezI8_hb-mT5rYzy8yrhHO2GNHrd8rv0epBB1rtQ&sig=Cg0ArKJSzHwGW3DG6neVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=340&vt=11&dtpt=158&dett=3&cstd=180&cisv=r20231024.15228&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B33A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvRq5cQ7lWe2ZfMd8bEknkN6K0JUBIm0Gd5s1Ze_AqzEm_s05snflEAbU2-gZa95Ii4HkJWkTNZo0CoAMnKEG5lmJwQhC_9jI8WK9WN-1NIYpE_DwE4en8jv3qOzkc&sig=Cg0ArKJSzBfMJSBrzY6mEAE&id=lidar2&mcvt=1000&p=71,562,165,1290&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231025&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=494382883&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698342011447&rpt=3168&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8C6D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lo7gzhay&c=540934388131266&e=31079072%2C31061691%2C31061692&ctx=1&met.9=1.4g~2.7g~9.0~3_1.8f~7_1.0~4_1.l0~5_1.l9~6_1.wh&met.10=1_1.CAAQABiAmHUgtgIoAQ&met.3=112.ax_1~113.b9_2~415.wg&met.1=1.lo7gzh00~14.0~15.0~16.0~17.0~18.0~19.0~20.b5~21.b6&qqid.1=CL-b7oOhlIIDFRaA_QcdH8IJ7Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 87A8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:58:03 GMT
x-content-type-options
nosniff
age
441732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 14:58:03 GMT
batch
services.insurads.com/dfp/mapping/ Frame 0110 		2 KB
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=1546&requests=[{%22eaUp%22:%22/29746187,94348418/hk_now.com_desktop_RightSticky_300x250_Finance%22,%22eoId%22:2788556564,%22advId%22:18961627,%22w%22:300,%22h%22:250,%22eId%22:%22main_hk_now.com_desktop_rightsticky_300x250_finance_0%22},{%22eaUp%22:%22/94348418/nownews_web_fin_LR02%22,%22eoId%22:2604461729,%22eolId%22:5181489535,%22advId%22:289699738,%22ecId%22:138288748646,%22w%22:300,%22h%22:250,%22eId%22:%22main_nownews_web_fin_lr02_0%22},{%22eaUp%22:%22/94348418/nownews_web_fin_LR01%22,%22eoId%22:3012214987,%22eolId%22:6032896793,%22advId%22:223740178,%22ecId%22:138451396154,%22w%22:300,%22h%22:250,%22eId%22:%22main_nownews_web_fin_lr01_0%22},{%22eaUp%22:%22/94348418/nownews_web_fin_SB%22,%22eoId%22:2604461729,%22eolId%22:5182368892,%22advId%22:289699738,%22ecId%22:138289048723,%22w%22:728,%22h%22:90,%22eId%22:%22main_nownews_web_fin_sb_0%22}]&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&ts=1698342016116
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.40.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-40-57.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f4a5767bf6c7e75703f5ec59e3a94293b0cb02450b270d602e2bd5d83c3ceb1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:16 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 7636 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyHUFhXdshq0-NloLTlyTmt7oMUdxezF4w-TF3Bj2ATkGg40004gP73LSv7kSS_M2Qvxk1PiFkNRGUgdCSdjL22wTn9OpFTIb43iFwX0UCQd9gFZNS_Y_Q02RUAYnAVl2n32O1D6rUjMGi&sai=AMfl-YSqNxJC4vP3h_uRBASwO_FhpndHR-QHna0Ia3Xv_NMjdNL_X6tw6iZWhiBZuB50CtS4y4x5zQbiuRv0-CvkBZLFwzu1RpbHWhXjbS7CkUE2jucXGWKSDKdDwIxf&sig=Cg0ArKJSzL8qy_aDswsmEAE&cid=CAQSPADICaaNNelxRp5t9j98Olv4uiTGKt6Fab_kEYG8j83bJiU-4EUZYdtPlDiBWnHPQ_t4RrjmWoq9RwbXxBgB&id=lidar2&mcvt=1000&p=71,562,161,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=132357472&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698342014879&rpt=399&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4911 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNJP6MIFB1TpK65Q9iGhNw0d9Ach9R-YmZSjYF7rodAGoMIjPRggXpg8kKTNwwkcRoZjidQR5nnJudKLK6wTP9ttB3Nj7VwlrCeCdVkMDXdvBrF0w8gZCrAjtLNmLarYI9u75upjxckiH3_n_Jt8wvThzzPrAqsGzLPza6T3fUfnb4hUfybNGMoBao4lUduBInSkDmnYw72HqXmm2BS0SNDAlOzfvbVc1_6esM18CIPzZ64hWxBwFFCRMhv9EfGCqzWkpLNTGUoOs7ZFCYyu6K8eNfmQj4dPBfpUFYNDuCkaekAhKmIe6Rx7hCfzsQHHmHZXfs0NKIou6ZW4SXeKjRBDZehSF2T4kEssWZlxcNDwcGRGDzE28OvAWR1JBDF153qZuqoy671BLleohlNpRbsaA47Dn2Iew7C2_gm0ZnS-aUidRdbvPETtlvpx7Z8cABQWe2N9HDDFiq-NjwmMxAaMCHit_A63qYNjyk9RElKyumuNUw_rodvxZykj9bVkUcoM7oWfBtJ5K18Ny82i2dLPamelFn8D68lPdoP5vZF7D4CKd7wApXS0Z522mJEud0ZY2Io7tL_ny6saICUItRh7ztOU9sAudDcivR2cGzKRwn7k14LkFlbADYfp75FKUV0IJnl-dbslzkGBbb4tRV2v6edVV_siYlCqBNFEO81cnmMrY3e3FPiMI9_JTUJ5OFCEzMqL1VGFbRVZE3NPTOIHxURXgo0ciJp353sbhW2Ge35NTu2OeHwd-PGxje5EeeVAc-L74UCey4Zw487UtHb-ZkjKK33I2dc0pGlXZFl-xnOwQSV0E_rWWxgkxGKsIZuyN_NlCgBrb-RXDeSnDt0Yxq3bGSHPksoj2i8urDJ-oR7dCm9GUmplCzjDChMA4435mzevme_sC8STdoCgbw3akOW913quWx5GlFQuhBXGmXorJfbme_edIGBWAWI5deFl9XfXJco3Rg520lJiNlr3KGBOCrukgLosY2AtFKP72GWGrSovl00BVkYk0DWXJ0OhflEdTfXl_H0e9Qb3mqAt_LJloUPil2DHG5arevJY0--lQPhI6lXxdSyzqkU96FDHRNEOU0FrR-ZhrURJQpSgaV1JeCSFLbvihdRZW7qXz0mXoBser5xpNyCNc5c5oSf2J_XsMXM-LcccxKI8J-1YlYJQJqkKfZHrlEHax52FWW7udeoB8emcYpquKpy2RA88ZQy5DMsx_EZteqnOiQlraa-BWwVmx9y9O84Hs-kfawKU5tw7vuyQ2J5VIITysaYclIX5HgLljISr-r0ZBL0yb8DCQs94wP8KThb7U-SmqdAhbEhgWbxGVOzf_16U9hw8aF689sp748LFFCzs18nKIcT1Ru153NqcptjjzdogsDwct5swU_VyjdIl9JOaAoVmIm4fs6T3i90LDgOlIJPEqSVtXSKHkraFs966osocsvt_jlD5pPmFDpCBdyuXtF&sai=AMfl-YRXhURpYKW-VgjwmJiuX811k57Zp4zo4ARLkupyTZpu5x2p9LHq1qyW2GGsRTEoGg4CMHJx2Y9Bk_vE4cU7dHNj2ApZz0Km1GXO_S-1WHHLQyFbJewA7fEclXs-HI0hEO1Isfk9V4HwWA&sig=Cg0ArKJSzGrjK4e3TQPXEAE&cid=CAQSPADICaaNgdvbIZp9K7cMdozC7R_MbozDPg567H-npiwqe_BMT5E-TxlrnInsWAvsI6tfvhADlpQaawIEyhgB&id=lidar2&mcvt=1000&p=711,925,961,1225&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=588128196&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698342014931&rpt=395&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4791594f7d4ac9f41fb53d42bf0eccd3585acb4c957b17582a112d145a3ce921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12392
x-xss-protection
0
comments.php
www.facebook.com/v2.9/plugins/ Frame 7D08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.9/plugins/comments.php?app_id=515076798590105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bc1289942911c%26domain%3Dnews.now.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnews.now.com%252Ff298da9df92048%26relation%3Dparent.parent&color_scheme=light&container_width=520&height=100&href=http%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&locale=zh_HK&numposts=5&sdk=joey&version=v2.9&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=5f0323de152f9cdf1ef87306ce1cd6ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 26 Oct 2023 17:40:16 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
PCAtT89uhsgHyX1JPVFcug885d/7ZeNk1e5tuVEJx2BtxB/+lh5+vv3DlOr00Eh/vEYmH/ITH3+exAFkT4aHmg==
x-frame-options
DENY
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 7DDF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.now.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:16 GMT
server
Kestrel
server-processing-duration-in-ticks
1073217
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7636 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7631261660951&version=m202309260101&ct=119&x=1&cor=15489620897831390000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 7DDF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=now.com&sn=ChromeSyncframe&so=3&topUrl=news.now.com&bundle=mW0NPV8lMkJPUWdoY1hTMmprMVkzZTAlMkZWcmlLM1FTY0FvbnUzZlZiS3M0dWFzTHRYa0lGVjFCcUg...
  • https://mug.criteo.com/sid?cpp=1oXaEHxTNWRCdFBybGEzSmRKVnpLdnN2ZnFGbXUrVjgxRUJqTENvZFBJVG42d0VaMFJ6UFhFMlAvek9OaGI5WXZyU01BNHlGUHZYV0xqWmlSUzZYdS9VMkpjMHBlWUZ0NWxwU1hRZTFKOGZmSmRnbjR2ekM1bDltQjNMNU...
431 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1oXaEHxTNWRCdFBybGEzSmRKVnpLdnN2ZnFGbXUrVjgxRUJqTENvZFBJVG42d0VaMFJ6UFhFMlAvek9OaGI5WXZyU01BNHlGUHZYV0xqWmlSUzZYdS9VMkpjMHBlWUZ0NWxwU1hRZTFKOGZmSmRnbjR2ekM1bDltQjNMNUdIWFk1bnBtcnFKVFY3R3hzN3k2cDRLOTRjT3pSSTNDSkV1aUw4SGJIbEh3bGxZWVhIeFEzWGRYQ2NwNmhXaGxYeGg5MmZUSzlCN2VNQmViaEVQanNmMkpPUVc5elNMdWMvemlnL0dGUXpqSTllN1RleEc2OFBYdmJnWGhURk1pQjN4UTVPMlhudFduYmhKOWVPbklXa0dSZ3pNWkdMUT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1240a3ac0b2d0c4005f999fb11527deaf7c3683e5b2b2cc671d1c70545da72f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
841612
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=1oXaEHxTNWRCdFBybGEzSmRKVnpLdnN2ZnFGbXUrVjgxRUJqTENvZFBJVG42d0VaMFJ6UFhFMlAvek9OaGI5WXZyU01BNHlGUHZYV0xqWmlSUzZYdS9VMkpjMHBlWUZ0NWxwU1hRZTFKOGZmSmRnbjR2ekM1bDltQjNMNUdIWFk1bnBtcnFKVFY3R3hzN3k2cDRLOTRjT3pSSTNDSkV1aUw4SGJIbEh3bGxZWVhIeFEzWGRYQ2NwNmhXaGxYeGg5MmZUSzlCN2VNQmViaEVQanNmMkpPUVc5elNMdWMvemlnL0dGUXpqSTllN1RleEc2OFBYdmJnWGhURk1pQjN4UTVPMlhudFduYmhKOWVPbklXa0dSZ3pNWkdMUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
285495
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 17:40:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 69DD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9536
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:01:20 GMT
expires
Fri, 25 Oct 2024 15:01:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B32B 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6c484b40ed8a00c7a87ee2568c874d5da8dec64342e103c1e5318fe0fffb69ba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zv9NSVygAxkmIVLjVii3-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-zv9NSVygAxkmIVLjVii3-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:16 GMT
expires
Thu, 26 Oct 2023 17:40:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DGFECMB23C&gtm=45je3an0v893189895z8830088854&_p=321619123&gcd=11l1l1l1l1&cid=1627611075.1698342011&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1698342011&sct=1&seg=0&dl=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&dt=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE%20%7C%20Now%C2%A0%E6%96%B0%E8%81%9E&en=now_page_view&ep.now_platform=web_desktop&ep.now_page_lvl1=finance&ep.now_page_detail=180275&ep.now_page_path=finance%3A180275&ep.now_page_cp=Now%E6%96%B0%E8%81%9E%E5%8F%B0&epn.now_page_has_video=1&ep.now_page_title=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGFECMB23C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js
pagead2.googlesyndication.com/bg/ Frame 69DD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:02:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
2248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15202
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 17:02:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B32B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310240101&jk=3977195431966550&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 69DD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WDyfEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310240101&jk=3977195431966550&bg=!LS6lLmHNAAZRemZlcXo7ADQBe5WfOBgm0VsFjnxODw5C_N7ScQR539goBDlgfh0LlF2jismnVWNFBKr3QD-MlWL1ljVSAgAAAEFSAAAABWgBBwoADBr53QXj16EoUSSd_JkCvRvStZhJo_gTFpoFKru8ac44qflCXK77B0y3UZVNsQ0i0F5kp87gafH9-rRopDb7697XpV-DjRrHAMxvsQ3GT4qnEhmQLugdz7gy4PreJGsI_3Qr-GVLXuMqexVIimQFFMDRnmX3jzGJUaQ0H0XqM1lJ6Dm4p-JLGWSvGvjyUHLlvi4yndnYvnIL8mqrT-dxrhope1MfChpsbzixs_nmW9E_kddqaPy8tgeYOegxeq1vbMY-giYa1PavAw6Mgsajne1-VzChhqjX9dG7ChhtEpNJIxC53FhxMerzJt8uDKxV_7de00RGTWshTiBGtl3afFeB1J3VxZXd86nEGLM2t2NUJWNSZdL2q1gST5ZZB5lY1cgpWCC1CEnkRmXPiTd5UlGI2vOHz5W0DQ9EQ-qzACxTv_aQ50Dz1co7NRqx4YabJ60XrZN0fgiZHrEd2jt1MaBOVFVPEXJEz5SvekYMdTBK8UNglDr-ymjFj4kFM2xFbBwtg5dmA-tJMRRykhTAEftFZilTbfM1LJh59Ip6EJCsY8azTRS3Jmm2T5p_BWkbt5mvgF1vxmJG9ou1-UJ7KbE3xfMdg6JL8o5MiIrRnW2PLDmfBh5mwCIz7sjaz5Fa4yrMDJxqMrkykSF-S4levXhZ_XzpKcVO1DGmK0Lsf7-gUe24O9Js_ECba9XV_RaKUwhzhxUWQQ11smkuy1XbAL7NHIcU1b64pPMG_nnk9WM2Uo_RurM5FFIngZ8lICGOj-CH1fCm056480SqSECsOdsKdyd-NqYrC3bhQPmVxt2t8uTHoe495oaxNuEVuBaNbkRjo_XhTV5rr6O1dXSbJ0vFblM0YMEqUwBjqjCPjfQfCw_qIn6c6FILuAmrZvRxecDMc0iPKz-NzGEtvZTQ7A7CKtxFtvaoB5lbjg2RdHfaoaqU8fB-Ixylyym6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.now.com%2F&domain=news.now.com&bundle=mW0NPV8lMkJPUWdoY1hTMmprMVkzZTAlMkZWcmlLM1FTY0FvbnUzZlZiS3M0dWFzTHRYa0lGVjFCcUgydHNnMWxKeEFCV1NNTEk3SmdTamUwSXU5UXFaOEkzMU45N3FGcm91diUyRlVKeVdKUDFjNFNwQ0M2R0RwOSUyQklBMWw3Z2FNb25BbiUyRnpqN1JQSDQxRjI3MUlDaExGc2l5RTAyTERRJTNEJTNE&cw=1&pbt=1&lsw=1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
267324
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.now.com%2F&domain=news.now.com&bundle=mW0NPV8lMkJPUWdoY1hTMmprMVkzZTAlMkZWcmlLM1FTY0FvbnUzZlZiS3M0dWFzTHRYa0lGVjFCcUgydHNnMWxKeEFCV1NNTEk3SmdTamUwSXU5UXFaOEkzMU45N3FGcm91diUyRlVKeVdKUDFjNFNwQ0M2R0RwOSUyQklBMWw3Z2FNb25BbiUyRnpqN1JQSDQxRjI3MUlDaExGc2l5RTAyTERRJTNEJTNE&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.now.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 26 Oct 2023 17:40:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
338623
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F3DC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 17:40:18 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E412 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163123
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 26 Oct 2023 17:40:18 GMT
expires
Sat, 28 Oct 2023 14:59:01 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame CFFB 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C2099%2C3020%2C173%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C345%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f564378ab495fcaf84ffaff9f89a7e25cfb265061a70a9588fabda268d843c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8451
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 17:40:18 GMT
expires
Sat, 28 Oct 2023 17:40:18 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame C97F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 26 Oct 2023 17:40:18 GMT
ETag
"623de86a-cf34"
Expires
Fri, 27 Oct 2023 17:40:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
ixmatch.html
js-sec.indexww.com/um/ Frame 00F8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81c47bce8e403a78-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 17:40:18 GMT
expires
Thu, 26 Oct 2023 21:40:18 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame F3DC 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
19ecc975c16e667a04ac9b2bf6612b4a6687320f26c3e899200d4e4b07a852be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 01:19:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27528
Connection
keep-alive
Content-Length
11051
Expires
Fri, 27 Oct 2023 01:19:06 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E412 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34985247&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
2c6ccd8e11eccb5228907b43f1fd1b4517872f38f72f32ad21c9f16b907df594

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 17:40:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame EF4A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c5e493f70f8c226bd0590b123d37c7fd20da20b180c71cb2ca12b1d0109c04

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81c47bceeff70858-FRA
content-encoding
br
content-type
text/html
date
Thu, 26 Oct 2023 17:40:18 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EewosXD0vPCmNll0ZTTuvtRtEjxSb5kq60%2FuwZPwdK%2BkVH6m9haYi6fpDemL5GiopcjxpEv95j2by71l310sqlfLaPpcX8IVA%2Bz8BUb%2FGVpYD%2BhF3owDQEykoHAlzsXDGcRMdtnCylgsZg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame F3DC 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
async_usersync
ib.adnxs.com/ Frame C97F 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
an-x-request-uuid
c800a336-f8ce-4e79-aa72-2e0d48ddd07a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
charter.woff2
s0.2mdn.net/sadbundle/14223353841020637473/ Frame 87A8 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14223353841020637473/charter.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14223353841020637473/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 18:18:53 GMT
x-content-type-options
nosniff
age
170485
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54205
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 14:21:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Oct 2024 18:18:53 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BFCE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 17:40:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:40:17 GMT
expires
Thu, 26 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
908216
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2D0F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3BC4C284-CFE2-4494-A0D0-AA2094BAB061&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3BC4C284-CFE2-4494-A0D0-AA2094BAB061&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3BC4C284-CFE2-4494-A0D0-AA2094BAB061&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 26 Oct 2023 17:40:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FWTYSQBCK8X756EJ7VXW

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 26 Oct 2023 17:40:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3BC4C284-CFE2-4494-A0D0-AA2094BAB061&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZAR04M12HTV4X0PWMJH1
Pug
image2.pubmatic.com/AdServer/ Frame 84F0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tIzdReON1havgdYQsI3DQObf3EKv395HsIhlaPZS
42 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tIzdReON1havgdYQsI3DQObf3EKv395HsIhlaPZS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 17:40:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 26 Oct 2023 17:40:18 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tIzdReON1havgdYQsI3DQObf3EKv395HsIhlaPZS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 1C25
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=607162672804343453&gdpr=0&gdpr_consent=
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=607162672804343453&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 17:40:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ea7e9df6-b8e6-4f2c-b81f-4a9962a7901f
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 26 Oct 2023 17:40:18 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=607162672804343453&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
80.255.7.100; 80.255.7.100; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame E868
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294323411853768851&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294323411853768851&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 17:40:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 26 Oct 2023 17:40:18 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294323411853768851&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 8632
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=7aac2e20-a45a-4291-89ec-64d9f40d4fdd&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARiCyeqpBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBELrNW0Z0JhHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJDdhYWMyZTIwLWE0NWEtNDI5MS04OWVjLTY0ZDlmNDBkNGZkZA**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=bacd5b46-7426-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=7aac2e20-a45a-4291-89ec-64d9f40d4fdd
43 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=476&user_id=bacd5b46-7426-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=7aac2e20-a45a-4291-89ec-64d9f40d4fdd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.81.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-81-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 26 Oct 2023 17:40:18 GMT

Redirect headers

Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 26 Oct 2023 17:40:18 GMT
Location
https://x.bidswitch.net/sync?dsp_id=476&user_id=bacd5b46-7426-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=7aac2e20-a45a-4291-89ec-64d9f40d4fdd
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame B15B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hLW-g-ZvW_lCpWHWCXSW4VD_B2Q&gdpr=0&gdpr_consent=
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hLW-g-ZvW_lCpWHWCXSW4VD_B2Q&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 17:40:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 26 Oct 2023 17:40:18 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hLW-g-ZvW_lCpWHWCXSW4VD_B2Q&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E412
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O8TChM_iRJSg0KoglLqwYQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:18 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=163123
accept-ranges
bytes
content-length
5606
expires
Sat, 28 Oct 2023 14:59:01 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame E412 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3BC4C284-CFE2-4494-A0D0-AA2094BAB061&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.82.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.19
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame E412
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3105973160
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3BC4C284-CFE2-4494-A0D0-AA2094BAB061
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3BC4C284-CFE2-4494-A0D0-AA2094BAB061
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
via
1.1 google
last-modified
Thu, 26 Oct 2023 17:40:18 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3BC4C284-CFE2-4494-A0D0-AA2094BAB061
date
Thu, 26 Oct 2023 17:40:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame E412
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3BC4C284-CFE2-4494-A0D0-AA2094BAB061
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZThsb0kweWhPTlNUc3k4N3RUVVZ2VlZkdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=203178507029476429&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
HTTP/1.1
Server
54.72.74.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-74-77.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:19 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 26 Oct 2023 17:40:19 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame E412
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0JDNEMyODQtQ0ZFMi00NDk0LUEwRDAtQUEyMDk0QkFCMDYx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 17:40:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E412
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECj5rqes7Ta7RQwyLih1pAQ&google_cver=1
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECj5rqes7Ta7RQwyLih1pAQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 17:40:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECj5rqes7Ta7RQwyLih1pAQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame E412 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 25 Oct 2023 17:40:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E412
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=203178507029476429
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=203178507029476429
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 16:42:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=203178507029476429
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame E412 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:18 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58292/ Frame E412 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3BC4C284-CFE2-4494-A0D0-AA2094BAB061&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
3BC4C284-CFE2-4494-A0D0-AA2094BAB061
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E412 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3BC4C284-CFE2-4494-A0D0-AA2094BAB061?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:290e:3f93:cc5a:81f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E412 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 26 Oct 2023 17:40:17 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
28292
i6.liadm.com/s/ Frame EF4A
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTqkfxrxa4-9s94V3BXI2AAA%261218&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTqkfxrxa4-9s94V3BXI2AAA%261218&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6a9a565b21ee464e93ab924cd5480557
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-BWK0AJsXCbrmbLxuCG098dhFjWSj7o5JxUP55A
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-BWK0AJsXCbrmbLxuCG098dhFjWSj7o5JxUP55A
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-BWK0AJsXCbrmbLxuCG098dhFjWSj7o5JxUP55A
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:686a:b20f:8598:8ecc -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:40:19 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-BWK0AJsXCbrmbLxuCG098dhFjWSj7o5JxUP55A
Date
Thu, 26 Oct 2023 17:40:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
usermatchredir
ssum-sec.casalemedia.com/ Frame EF4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YujN9GGNHrqbKbikKDCgvezDQyPI5bbh%2FMvH2vkqqlC0CPnydXzjMFFwLp%2Fzq%2B2Pe9ad3i5z%2BuBKH%2BbILu0UlJMcalaA0Yb4Dx5rrQC1R2X9m8naD8DejE76KGmXU9SPHxo6k%2BrYjIm16Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c47bcfb9160858-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHYKflUh7I-PNuoIaE5m0K8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame EF4A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 17:40:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0GMY4JGAXFZGRM2TDSQG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 17:40:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AW2HSJZRWXD29A6ZTZM1
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EF4A 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:18 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame EF4A
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714153218&external_user_id=3a965bda-47a5-4959-96b5-8abe50934f4e
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714153218&external_user_id=3a965bda-47a5-4959-96b5-8abe50934f4e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gF8EP%2F2tmaiKzJjY2x%2BRweHlnTLfxgZhN0ER3dw72g9wnRrd243SVW1xhAGy1pql%2F90Lsk%2FEITik6whwzqlg%2FMabmHlS0ELzQn3dLrcg%2FExClzb8FyPC3iGX%2F%2FBdAnPj87GivDPQQVCXHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c47bd14b090858-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 26 Oct 2023 17:40:18 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1714153218&external_user_id=3a965bda-47a5-4959-96b5-8abe50934f4e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EF4A 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZTqkfxrxa4_9s94V3BXI2AAABMIAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:290e:3f93:cc5a:81f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame EF4A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=hLW-g-ZvW_lCpWHWCXSW4VD_B2Q
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=hLW-g-ZvW_lCpWHWCXSW4VD_B2Q
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3UpOdU5IOD6QxXtnYm%2FMsi3vUoHZbF8Bc3OvRB0aqGfeRSXnUVjBObgHBMl0tfTehiNsKZjtd8xXcMlnyI3uS4e7ZOU8lMg%2B%2ByKO0kosHARY8N8z3%2BTyG5tO9r1zmHH%2FIcA22DHLlFNTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c47bd2ed370858-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=hLW-g-ZvW_lCpWHWCXSW4VD_B2Q
Date
Thu, 26 Oct 2023 17:40:18 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame EF4A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTqkfxrxa4-9s94V3BXI2AAA%261218
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTqkfxrxa4-9s94V3BXI2AAA%261218&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=hYYVdyFNTHv22ChCeyjK&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTqkfxrxa4-9s94V3BXI2AAA%261218&tc=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=hYYVdyFNTHv22ChCeyjK&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTqkfxrxa4-9s94V3BXI2AAA%261218&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tsu9KHYmk94meZMWAJHC4BHtPP%2B9yXxmNibcZSEqZ8Jd1HxfQV8%2F34%2BMTh5%2Fgo8%2BNJmD7foQyejFEkKT0ljQOlASyZzZsqqF1iVlPdDplpOfnPkFSZ516hhDelZqNly%2FF9dMBbuwM7RYzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c47bd079f80858-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=hYYVdyFNTHv22ChCeyjK&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZTqkfxrxa4-9s94V3BXI2AAA%261218&tc=1
pragma
no-cache
date
Thu, 26 Oct 2023 17:40:18 GMT, Thu, 26 Oct 2023 17:40:18 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame EF4A 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTqkfxrxa4-9s94V3BXI2AAA%261218
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:40:18 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
82819
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81c47bcf7f903a78-FRA
content-length
43
expires
Fri, 27 Oct 2023 17:40:18 GMT
async_usersync
ib.adnxs.com/ Frame C97F 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:40:19 GMT
an-x-request-uuid
7ab9f2b2-b80b-4c44-a88f-c017bd3b99e5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E412 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

249 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| pbjsChunk object| pbjs function| $ function| jQuery number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| commonAd object| adUnit object| adsData string| firstProfile string| profile boolean| matchProfile object| firstAdUnit object| currentAdUnit function| setFirstProfile function| checkProfile function| initAdserver function| postDisplayHelper_hideAd function| postDisplayHelper_BottomBanner function| onRenderEnded object| preBid function| NowDataService boolean| fb_inited function| fbAsyncInit object| dfpProfiles string| _pageCategory string| _pageNewsId string| _pageTopic object| dataLayer object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog function| PrerollManager function| Hls function| Galleria function| MyUrl function| purl object| jquery-scrollto function| fillImage function| loadViuWidget object| globalConfig object| windowData object| swfobject object| mediaSupport object| $myUrl number| google_unique_id object| gaGlobal function| MediaPlayer boolean| clickedFbLogin function| loginFB object| newsData object| providerInfo object| relatedNews object| relatedNewsCpMapping string| title string| providerName object| photoLink string| pageType object| FB object| _gaq object| _comscore object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| __buffer function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| COMSCORE object| ns_p object| _gat function| logoutFB object| __uid2SecureSignalProvider object| __uid2 object| google_tag_manager function| onYouTubeIframeAPIReady object| sas object| adloox_pubint object| anymindTS function| startAnymindTS object| atspbjs object| apstag object| anymindTSApstag object| atspbjsChunk object| mnet object| _aps boolean| apstagLOADED object| apscustom object| __tgconf function| __tginitcb object| __iat_api object| _mappingResponses object| __tgunits object| criteo_pubtag_prebid_143 object| Criteo_prebid_143 object| GoogleGcLKhOms object| google_image_requests

84 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: n9qhE7-320f092e16e0bfc2ca-005
.now.com/ Name: lotame_domain_check
Value: now.com
.news.now.com/ Name: __utma
Value: 262549139.1510969399.1698342011.1698342011.1698342011.1
.news.now.com/ Name: __utmb
Value: 262549139.0.10.1698342011
.news.now.com/ Name: __utmc
Value: 262549139
.news.now.com/ Name: __utmz
Value: 262549139.1698342011.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.news.now.com/ Name: __utmv
Value: 262549139.|1=deviceType=desktop=1
.now.com/ Name: __utmt
Value: 1
.now.com/ Name: __utma
Value: 262549139.1627611075.1698342011.1698342011.1698342011.1
.now.com/ Name: __utmb
Value: 262549139.1.10.1698342011
.now.com/ Name: __utmc
Value: 262549139
.now.com/ Name: __utmz
Value: 262549139.1698342011.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.now.com/ Name: __utmv
Value: 262549139.|1=deviceType=desktop=1
.criteo.com/ Name: uid
Value: 73b41066-274e-4c3f-bff4-56c04e5e8720
.now.com/ Name: __gads
Value: ID=b277b0d61cae1971:T=1698342011:RT=1698342011:S=ALNI_Majw8jKvnEGGSitIrE6ZEVsTjMaIQ
.now.com/ Name: __gpi
Value: UID=00000ca9e78a55ce:T=1698342011:RT=1698342011:S=ALNI_MaHiElD4HgK8qG8hb0VajmruDfidA
.openx.net/ Name: i
Value: 5a7ea669-c5bc-48bd-822a-8f6b1a702538|1698342011
.doubleclick.net/ Name: IDE
Value: AHWqTUmPSfWnjUxoGort-ZIZzWJhibS1yCCAyCg5eTyyfh6e89myzG0yUnvj-dDdU5s
.now.com/ Name: _ga
Value: GA1.1.1627611075.1698342011
.now.com/ Name: _ga_DGFECMB23C
Value: GS1.1.1698342011.1.0.1698342011.60.0.0
news.now.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: LO7GZFEQ-1S-G26D
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qogz1xcSJv25wNb0fGVcfL/XWaA1sYWTLE9gLr7Yht2faU/m3Ah2RENiz8/dyswbPAzgHlbzd1OQDH4Wm0It/pKoKNoLyt5l2Qijy0RC4Zd8RuybVyVU0yt
.insurads.com/ Name: ___iat_gid
Value: 5F1976C52E912DA5
.news.now.com/ Name: ___iat_ses
Value: 5F1976C52E912DA5
.news.now.com/ Name: ___iat_vis
Value: 5F1976C52E912DA5.f95d2bb0127b88e30df1f5400d2f4cc7.1698342013187.8410635557c667c5af9d067d25eccd79.UUUEIZEBOM.11111111.1.0
.innity.com/ Name: iGEO
Value: DE%7E
.innity.com/ Name: iUUID
Value: 68cd3e1d710a0c2200989ff78be3e28f
.adnxs.com/ Name: uuid2
Value: 607162672804343453
.casalemedia.com/ Name: CMPS
Value: 1218
.casalemedia.com/ Name: CMID
Value: ZTqkfxrxa4-9s94V3BXI2AAA
.casalemedia.com/ Name: CMPRO
Value: 1218
.adfarm1.adition.com/ Name: UserID1
Value: 7294323411853768851
.doubleclick.net/ Name: APC
Value: AfxxVi7C_DnUWE6eFRj_tGq6z7kpfT6mEn2GzfxPVQTroIRr_g35HA
.blismedia.com/ Name: b
Value: 653AA47F7999A7C5413D3624BLIS
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Illnrq7:!]tbPl1M>e)ZlrFUfJ+tGXxoD9(PDiAd-y(VZUF@A*8Uc>4kk)b#sA_^C'w$3If)y3KL9D3I?+qIz4ZT
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3BC4C284-CFE2-4494-A0D0-AA2094BAB061
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2590339b-5791-46c6-a4b8-ff440c35f3e6-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2590339b-5791-46c6-a4b8-ff440c35f3e6-003%22%7D
.3lift.com/ Name: tluid
Value: 3518366715757008528066
.de17a.com/ Name: guid
Value: 1.2575247114255171901
.googleadservices.com/ Name: ar_debug
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aPntuJwZcF1foXarpebwFWaY8Zc8gyZbTtZddxf6P3SZdeEOGMmIr8RYEZb2n43EeZdbhRARpM2WS4d6ayW8i6VSV6x9Vyx
.now.com/ Name: cto_bundle
Value: MqFZ6F8lMkJPUWdoY1hTMmprMVkzZTAlMkZWcmlLOVVrSFNXakFMQ1FmRnIwY3JpOVl6bHdQJTJCbFM3VEJoSjRTN2w4QjdPV0lwd2o4ZDNtVmtvcHVZVmMzbyUyRnRaQjNDNTk1OXVyTGhYQ2R1MzZXOFVqaFFJSmtCY3RlOVlDUnI0dUJ5TDJZaFhSTVZhZFgzRFA2dDdBaXJSMlducFQyUSUzRCUzRA
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158497:3
.pubmatic.com/ Name: DPSync3
Value: 1699488000%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1700870400%3A203%7C1698883200%3A223%7C1699488000%3A13_71_21_56_233_8_3_55_220_54_251%7C1699574400%3A35%7C1699142400%3A63
.bidswitch.net/ Name: tuuid
Value: 7aac2e20-a45a-4291-89ec-64d9f40d4fdd
.bidswitch.net/ Name: c
Value: 1698342018
.bidswitch.net/ Name: tuuid_lu
Value: 1698342018
.adform.net/ Name: C
Value: 1
.creativecdn.com/ Name: u
Value: hYYVdyFNTHv22ChCeyjK
.creativecdn.com/ Name: ts
Value: 1698342018
.simpli.fi/ Name: suid
Value: 7F76335B4E264D21A6401A05CE855841
.quantserve.com/ Name: d
Value: EMkBCwGjKvijAA
.quantserve.com/ Name: mc
Value: 653aa482-88424-ddf2f-f0c21
.weborama.fr/ Name: AFFICHE_W
Value: ARd-CWK1GRkB94
.adform.net/ Name: uid
Value: 203178507029476429
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7294323411853768851&KRTB&23369-7294323411853768851
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-607162672804343453&KRTB&23339-607162672804343453
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-tIzdReON1havgdYQsI3DQObf3EKv395HsIhlaPZS&KRTB&19420-tIzdReON1havgdYQsI3DQObf3EKv395HsIhlaPZS&KRTB&22979-tIzdReON1havgdYQsI3DQObf3EKv395HsIhlaPZS&KRTB&23403-tIzdReON1havgdYQsI3DQObf3EKv395HsIhlaPZS
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECj5rqes7Ta7RQwyLih1pAQ&KRTB&23025-CAESECj5rqes7Ta7RQwyLih1pAQ&KRTB&23386-CAESECj5rqes7Ta7RQwyLih1pAQ
.yahoo.com/ Name: A3
Value: d=AQABBIKkOmUCECVMFrsqtT4IAn-mcpqypOQFEgEBAQH2O2VEZQAAAAAA_eMAAA&S=AQAAAu04Xf4GrdSJimw8qIwnXfY
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-203178507029476429&KRTB&23263-203178507029476429&KRTB&23481-203178507029476429
.bumlam.com/ Name: suuid3
Value: IiRiYWNkNWI0Ni03NDI2LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.company-target.com/ Name: tuuid
Value: 3a965bda-47a5-4959-96b5-8abe50934f4e
.company-target.com/ Name: tuuid_lu
Value: 1698342018|ix:0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2
Value: e8loI0yhONSTsy87tTUVvVVdw!20220908!1698342018916!ip#80.255.7.100
.audrte.com/ Name: arcki2_pubmatic
Value: 3BC4C284-CFE2-4494-A0D0-AA2094BAB061!20220908!1698342018916
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-84b5be83-e66f-5bf9-42a5-61d6097496e1.BoC1xr%2BePVZXCPAw9LgphswV6a8dqLfCP7mSR%2FBnJLM
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-84b5be83-e66f-5bf9-42a5-61d6097496e1.BoC1xr%2BePVZXCPAw9LgphswV6a8dqLfCP7mSR%2FBnJLM
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhLW-g-ZvW_lCpWHWCXSW4VD_B2Q.3%2FKLeTqdmpXqYoQDze6yRdtyHbxq591lVL38FvBaUzU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhLW-g-ZvW_lCpWHWCXSW4VD_B2Q.3%2FKLeTqdmpXqYoQDze6yRdtyHbxq591lVL38FvBaUzU
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIKrwxJMwEc-o56xp8vU6hQdRzR9-gyuuQbHJQBs3cHGXEHwYBCCCyeqpBjABOgSSgrqOQgRULzkq.B1XpdSXc5h23MCIt5EMedy5GEXX7q3wplgrVzb2EKDI
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIKrwxJMwEc-o56xp8vU6hQdRzR9-gyuuQbHJQBs3cHGXEHwYBCCCyeqpBjABOgSSgrqOQgRULzkq.B1XpdSXc5h23MCIt5EMedy5GEXX7q3wplgrVzb2EKDI
.amazon-adsystem.com/ Name: ad-id
Value: A6_OViCnDUJykB8Gwva2jRM
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-hLW-g-ZvW_lCpWHWCXSW4VD_B2Q&KRTB&23334-hLW-g-ZvW_lCpWHWCXSW4VD_B2Q&KRTB&23417-hLW-g-ZvW_lCpWHWCXSW4VD_B2Q&KRTB&23426-hLW-g-ZvW_lCpWHWCXSW4VD_B2Q
.pubmatic.com/ Name: PugT
Value: 1698342018
.audrte.com/ Name: arcki2_ddp2
Value: e8loI0yhONSTsy87tTUVvVVdw!20220908!1698342019076
.liadm.com/ Name: lidid
Value: 6a9a565b-21ee-464e-93ab-924cd5480557
.audrte.com/ Name: arcki2_adform
Value: 203178507029476429!20220908!1698342019240

5 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3BC4C284-CFE2-4494-A0D0-AA2094BAB061&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

070706a48459349ce184ab83e0d231cd.safeframe.googlesyndication.com
157568e8284462801c7938e8cfed8244.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
a962c91d05dd53288a62bb5c00b5c220.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ajax.googleapis.com
anymind360.com
as.innity.com
bcp.crwdcntrl.net
bidder.criteo.com
bit.ly
c.amazon-adsystem.com
c1.adform.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.indexww.com
cdn.innity.net
cdn.insurads.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
creativecdn.com
csi.gstatic.com
d5p.de17a.com
d7lz7jwg8uwgn.cloudfront.net
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images-news.now.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
media.innity.net
mts0.google.com
mug.criteo.com
news.now.com
oa.openxcdn.net
oajs.openx.net
optimize.innity.com
optimize2.innity.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prebid.media.net
prg-apac.smartadserver.com
region1.analytics.google.com
rtb.openx.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
services.insurads.com
simage2.pubmatic.com
simage4.pubmatic.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
simage4.pubmatic.com
104.18.25.18
104.18.26.193
104.18.27.193
108.138.37.209
149.129.240.178
151.101.1.55
162.19.138.120
172.217.16.130
172.64.152.89
178.250.1.9
18.165.201.12
18.173.159.32
18.245.60.76
184.30.20.22
184.30.22.30
185.184.8.90
185.64.189.112
185.86.139.96
198.47.127.19
198.47.127.205
2.17.190.130
2001:4860:4802:32::36
213.155.156.180
216.58.206.34
219.76.112.42
23.213.164.226
23.213.164.238
2400:52e0:1a01::907:1
2600:1f18:ed:550a:686a:b20f:8598:8ecc
2600:9000:225b:4400:a:e047:753:6381
2600:9000:225b:c400:13:6c41:f5c0:21
2600:9000:26da:3c00:8:e4a9:2240:93a1
2600:9000:26da:8600:8:e4a9:2240:93a1
2602:803:c003:200::43
2606:4700:10::6816:3556
2606:4700::6810:5814
2606:4700::6812:18ad
2607:f8b0:4007:815::2003
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2001
2a00:1450:4001:802::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:20::2010
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f083:10e:face:b00c:0:2
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3605:290e:3f93:cc5a:81f7
3.124.81.102
3.75.62.37
31.172.81.159
34.102.146.192
34.111.129.221
34.111.131.239
34.120.135.53
34.120.63.153
34.253.64.164
34.96.105.8
34.96.71.22
35.204.74.118
35.227.252.103
35.244.159.8
35.71.131.137
37.157.3.26
37.252.171.52
44.206.40.57
46.228.174.117
47.250.12.214
52.17.114.157
52.46.151.131
52.94.223.167
54.172.204.227
54.72.74.77
54.77.82.203
54.83.166.127
67.199.248.11
69.173.144.139
76.223.111.18
8.218.26.252
85.114.159.118
98.98.134.242
99.86.4.128
00542816b8dd2f88975870804e28037af26018be56d344b511bba5f702c885d7
00b66b4a0c5343e330f7dbcc66a763db6c5abe359ace3d9c060f9dfa9b9d8378
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8
03d0e8a81b76b97330c387401f890774b9d88750ea2d7b7d85da4851ca2ef3ac
047e1939c455d37c4b116cd710a2db7595e9e99e53ceed4debe089f5784a181d
04d201c38d170cd81db2338193f35765e52ac6d9946049206ad3be88763f11d2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a96478c58865df9360779cb314e3509454415fbe301fb4532e871cfc9417db4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d808b75fb4b708cc7d9becc395df04dc12edadf0f43cdc10e969a13c5f9e734
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
110137320b8035098fb7a7ee65363c448392049b9924832025b7c8aeb8cabaa7
1240a3ac0b2d0c4005f999fb11527deaf7c3683e5b2b2cc671d1c70545da72f0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18af810bde060d9088e801deb820b04346316b9b0c8f62e60c91530e6edfeb1f
19ecc975c16e667a04ac9b2bf6612b4a6687320f26c3e899200d4e4b07a852be
1a9fa4e26745ca6df42cb672d6173aaf4d9bbde301a69780ae0d68d008a31665
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1e6d31cd37b39297deea85d991eca951f1bf094f9c711149b50b592b4c2d21c6
1ea1219ed6ec3c76cf953f0e0ea3732219e214f66a85447a81fa6bd5426df759
202a07bd11e26895b9365d248e422b15e17f3e3c96908c2211d21cefe9bbcfa8
2244114c0a3e483eb225679cbc5ca9751d9f93de0e0d5a01546fa00e140ff3a7
25c5e493f70f8c226bd0590b123d37c7fd20da20b180c71cb2ca12b1d0109c04
26e71265038697288323a4f7e30d2928de47296b1785c8acb2394755fc75acf3
299a37af4de83d9057d9045fb0b3d3dc2c5f9fca67576b901f0d3291fe3374fb
2a05843c975829b9363d4d2ee2a03bf6a0d078710a50e312eaee55a274ff396d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c1b4ffd3d6aae45c5e5ae3fde9374daf632286062b7cda71f5ebd893cada986
2c6ccd8e11eccb5228907b43f1fd1b4517872f38f72f32ad21c9f16b907df594
2da32cb1008ba22bdd6897e5d4dac7d8347ccea5232c2857be197fd12dbf42c6
2e389356fbc2ee46542598aa455caf9615a6098a34163de7e12b462f0e53e6e1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30927b9d1159b5b5ce3a27acf00240b57b057edf55f13d2311e5bf3d36e7caf7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
343faa4d06dd00d04cd6632c215c96302faf1525f82be005a14959f71e68d383
351fcf881cc7cc86fd9d042fc943123f76abf6f3d944238563a5d4f36788bcb2
3611f719dbff1f691cc50b0b2929364b9041cd8fc8c06084684ee05fdf7e7985
36441a620ddcfb86a6e6be9e2d50a239fa803b2c9e2f0703604a867389ecd9bd
373a89d5357110e883e97c4dc2367cf0194309de2f3418f9229626fe07405ef7
3ce57f6a15d32c5a9a4440a9c7415c7880bcd46d217016b0e0c99725b068c2c9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e6ac4147f1b6f455ac26b38fea6c2da6b67068db8f3b449ba309edcbddcae2c
3f1311e529dc988c4a95d30691d60e13252db95299eeb8732041e40357b56601
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40348bd2a8261eeb5c334f3a76952b89d9239b85dcc56014f8bc0091f551750b
41c7ea851b0b92716bc0cd901da4ca0842c705cf51c5d6253be084376e372571
41e77d4a4b376a0e685421f0955f9c9f24f058476cf04d42862f483d16c91db9
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44379cb7f862b97ead06b3a439ccfc8b18767a9b466c3b373333ea20971d0c4b
4551d77570ecbbedc886c24f2691a37f18c737f2f8f51030459784b5b4aee8e5
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4791594f7d4ac9f41fb53d42bf0eccd3585acb4c957b17582a112d145a3ce921
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
4ee077691591a1f8bd7da317ec4a6eda9012731327c257d9e420a51d0ce4f738
4f44c40f9c1d3406d9b18f2d75def6d376f77efa606cc40cb21ffb1d3a0889b9
4f7c711b6a8e816e0a71ceda6abd52b8307fdea8f759c0b7286ce32b000d57fe
542ef50029ccae2d686ee82b4fa08838d498798cd52ed33055859ac5f4c0702b
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
544fd1a8f5be8daf9ead2626ae25b4423ac3126d06abed1acb0c825160f6438f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dbe77f372ec933fad71d8e90381ea03bae7cdfd61e60542bb8ffef38ecf74b
564913ca7c425cc7027417fb4b74fb43802ccb43158b25f1d177063c5c8b2549
5a22f4b8a01844ce4ece06b04e9d534e15559a8ed8f2ae3bef9ad1dd81a71048
5c71f73f83722c55e8af961cb99bcd5f1af29f9561b143c2f86f456ba326c581
5e373ba1aca5167b4fb0fc7d897d6af3267c7317028d5e8559f96783fe4df689
600759407fde32ff7bd3acc8db8a41f170a137c8bf48d2a2ede342111776c027
611fc8a9f2f404813291b38b342b3325a3723b17137d64adbfa6cbaf139697a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65b9dd8264c39b633050dc5c331690dfceddc682d0c2fd3b85743a8c6c27b937
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6689e700fbd974e21acb517ec1a1f78e68384882e14a76cfed45de1e83554940
67a5a9bfa7f03d99269c5fbed8d183e39682380c2d54061778676e46b64588d3
682d4a76eb84a7829df8e65927f84c5099f7eae2cd8c87581f44aece66ba72c1
69f40a6bbddef7dfa8ad440410cab4b606e394e81aa76bea369ee32cc1a62096
6a0af38d4f493107ae69ee350f5235fac3dfb45b0ec5747bda308c7b6d11b3a4
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c484b40ed8a00c7a87ee2568c874d5da8dec64342e103c1e5318fe0fffb69ba
6ccee20949b19bff02e82f51f20cb28b61a24b0f1abab6c887065aa9e027e593
6ef34753459923e6186f543867dd712218846ff98e066e5619949d0987f45278
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
760d46c5a3ddd5fa22deaf6d8b0b5dd24b52b6d238d723249ce3acae5d36363d
79bb5b51794e25493a5bfea4bc817d2595d415f9636d88f254002f08b31564c1
803fa5e667cec8cd38fbfa095952c91f6bcb24f912941511b4f8cd49568abbf1
8125e0da9d35d88494d90523e8ae7a844bc130034f2589cd5e7cf33df96ae3b0
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82a618c1cbf6a242a52f1d2a679dc6edff80e79f5deb371a650975964eafc85c
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82e8ef66e73e23973d7b68a3ccdf85ce6ce77e286d6f2273b48d0de333dce1de
84a190bcc0b992356b49dd6a6aba66e47ce322ca43d36e2fe81cbca9000c1aa8
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
88b9f6d2a1527d6ce7f2c0566829c0cf993cb82bc5592c4cc61bf86d3eeffebd
8917ae5cd26b2d0370c788706619e18f5840127ad0f4b6029cf10a9b807869b7
8a1b671b1bb68101c2de7b74af27f0fad0fb0af17d17875f60ca923916a06a58
8a34b787192eae0468e950876215956570551db61dd60b4b2b86a79e29e06125
8a4aff713622487b6e5611dbeb85bb308cc3b1980661c59770c9034dce1c2864
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8c6467bc96e6433cd5305b9ba003f41a3c2060d959a06a013891b277a5ad2ddd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d94545125b879d6274c4c21ca1a52e643b7bd83b953c79040409c8be70bc567
92337e7cc6af0ec0dd3bb341878264a8454b5a1525a094bdc167b4ba0b233cf1
930422fbcaea60d7e46c7f00093c6a082e3425b8118e176659c334b5b8599a4f
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f564378ab495fcaf84ffaff9f89a7e25cfb265061a70a9588fabda268d843c8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02fd0f27a964a5a756e48b71edf6044259a7b0e67ebf1cd935d074f86845f8c
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a431ec20ecf46b014126e17830d94b90642cfc90b55f4142988683a4557b4e86
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a6e32ba84c2ab8c848dd6eae7947339165a698c673ba7d89f9a9221623c63322
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
a954a21036c289c48db4f3ffc3ad140fe3f975b542b0804db27cfed2844d1ad7
a95b5bcef02399a965578cd460191a02c965331e2e4ba57e2de228c41fafd175
aa32625250b10ba8e01407f121191c9a14ddf2e82308953523ba6a12c2bb77cb
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b0c32e4eb27dbd3be54ba520539f71a70113e85214ebb75cf1570cc74228a6bd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b267eadfb3fd669a735ed0e272d8ad19e0544952a5da3431b758f4dac14477a5
b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a
b44c75bbe2ff7009ee3693779e7b5fc44067657f74b186b7fe2756e3a88dfb33
b5067e032363589d65b0bd4a9480ab1136a7a6f29b8095abc01281f717039b9b
b6fbd39e50f759d76dd3d8d693c5f37168daeede57a6436568f2f929b3444bd0
ba48cf7d98447c8fcc814530db8c3a11c304c6fbb58e08025d0c1e969299f468
bae61251fe0ab7fc5703e064ea621caed4b6155adfc9fe4919dac8eab4d736c0
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd5e9ffd9078578f0283d3fbc784cafa65d577342664c3feaa305ba978b67549
bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0
bee1badf25378972395b0b89262b1a543b492c79c099847457794a4f12b7a461
bf967bff3592ef6bf5a82056456fd56519db1e4face88a7eeaaa982997c1f632
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55
c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c783365c8b336d69f3135b35654e1b5c81ed021135387f33f341d7768d63f1ce
c7c793300f13fd3a34856f726d769507dac3a8390ea7c58088620b7572ce0336
c803095488b70db29af99f10d32d108b2103f26f94645f2cf2506811d23fd071
c81f8531af91e475374160a85fc008bfd60e39c24fb03c98e85fc498cab535b1
c9344b8a1ead8004c66b22b3b928fc366feecf1190c9076b742479b381869e27
c9edd17b9cfe246d54771ab1483b2a11ec027b88eb3deef2f48d2b6af6374fff
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545
cb9c05d4b62c00e9fdd2d17b82f330d5904a4564d6595c3c6b3b02c2407a7237
cc95151ccc5e1da65516dd8e94e0766e134f32174a017b163fd2ffcefd4fb143
ccb8da07338314cbbc5a6f8d13a5662117883c590af48e6fdcc587c43ec09e5b
cea68197ad58b6802f8a1735646931eda8e76702b12d90f7df88d537f62b987a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf741a07d523ba87d5f3aa15491f5a4e7053ac7697ced9cf34c6bfc53b8c5bd1
d006fbf009f067caf9254b634031264deb27d91606167c9304022ff65eaf19c0
d326c6ac9a57ce1f12c37ef462f21a0259e5c66cfa812b741a613dbe1d2798e0
d4c5510ea6b7063e9f8b5ee5860707bca6f81554c74cd54b242b2a6d7f483ca8
d535d476003a21250fc86665fc40c1a89280bb1639036cdc33a1837681bb24a1
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d7425db8bd4bd78e2ed69f590bbdcd3ff644fd3b50350b92fb526eee6bf4251b
d779718eed5e6af18de75d3edd354975bc904d0e97484222b86f68191a9edcda
d8214cdea5dae097d6cfae256ea88ba7df3ad9a84235b78a1a9d055f36737ec3
d854e832b4ecf65fcdae68fe5e4ffa3d11e3815f88633e3ea07bd9d77d30052a
db63d9a8bcd1ea002610c245935b2f3f92691bfe98894759ca41abf36c4e0dd1
dbae926e137826db2872fb3395b97511dbda8eae59ae39683c1cd64a86c033b8
dd0cd96175da0d806a3d8617f2b562e7acafcc8493d1105f40a3ce29e07c3f1f
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
e10ad5cbaa8e43bdde1151ae38bfe94d5514476e4302aacd8c8bfd9f7e60228c
e1ebf0070c19cba534674efbeed0c1e7deaa82702ce54b2ca73b19ab1b29d4a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5fdcb3ad3efab0d8678817b02ad5ae82c2199420dec06e01b33a8999f3283ea
e63a060267f3c44ab3439c1084acb780d2254499ee9d7b1cf5a1bdfeaac4d92b
e7608a6ef5ee8696f943b03e4484d31e88f4477122b8b07ac90bb4cd0a5d6d87
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f011c6e9cd89df9239e1faa2b250d61d662a58b1cb01ad1c350520e6d4716dc1
f02d9caa98f4c98d14db14be429bed8c4d86ef4a10c624e1445c349a794dae1f
f08cd9319dede0985a9f221040db4aec1825dfd27bffae15860802c095bdde95
f1d574e210335ebe4eb6ee518dfe3ed13ba764af2f32bc5bd6e1747d524208f6
f2147f9733c2bce48a9ff4d3119d9b49ae937f5ddb668dc995c069213b80ff8a
f2ab01fbf0fd27972b021b33e66c9fe6af549750db2e466be42c03bda4aa337f
f2ace50bb25918dc9ec3d527747a6e05797178501634deedc88cb2b66ee42743
f2d9f218d6df31e1bc66cb7ecb1779ec7a2172c61060f0d00e16d8ccf3f8e9dd
f3b3df7cdcdf37d3c1aace125d990d040d6544dfa4e8f646a15128ac14a8bed8
f3cbc4e1f72dbf1eaf4a2fac1e4a3127c856fca42456fd6fa6fd3e8026d8454d
f4a5767bf6c7e75703f5ec59e3a94293b0cb02450b270d602e2bd5d83c3ceb1c
f686b633afa9cf54befcf9ea46d5cbbb13e9ceef4d6de6adbab879433afb959a
f6d5947f7fc439abd881a78b0365c3bf52623277db5668cb542b1388d597f025
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9900cdd68b7106c35a1f93f2e2bbe826d7c8e77160f938fa2ef19ba0b104ac0
f9ac6c6fa278e962e26a2dc7db6009ba2b6ba0b9f67b94f1495781b7a797b8f1
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
fee81bbe8f12f8d0482c38cba7ec2682ffc6d4a9c84756dee0df14c30bb7bb58