news8.de Open in urlscan Pro
62.171.186.137 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news8.de/
Effective URL:
http://news8.de/
Submission: On August 07 via manual (August 7th 2021, 3:11:47 pm UTC) from DE

Summary HTTP 495 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 63 IPs in 8 countries across 78 domains to perform 495 HTTP transactions. The main IP is 62.171.186.137, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is news8.de.

This is the only time news8.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
81	62.171.186.137 62.171.186.137	51167 (CONTABO) (CONTABO)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
5	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
22	51.91.68.112 51.91.68.112	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
10	51.210.32.121 51.210.32.121	16276 (OVH) (OVH)
73	2606:4700:303... 2606:4700:3039::6815:c02f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6	217.79.188.46 217.79.188.46	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
16	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
4	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
4 4	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
5	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
4	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1 6	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
4	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
28	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 10	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
4	52.210.129.48 52.210.129.48	16509 (AMAZON-02) (AMAZON-02)
4	13.224.89.192 13.224.89.192	16509 (AMAZON-02) (AMAZON-02)
8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
7 11	54.36.109.183 54.36.109.183	16276 (OVH) (OVH)
16 16	51.83.106.180 51.83.106.180	16276 (OVH) (OVH)
27 30	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
10 11	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
5 21	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
18	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
4	2600:9000:219... 2600:9000:2190:d400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
14 21	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
4	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
6 6	52.19.186.105 52.19.186.105	16509 (AMAZON-02) (AMAZON-02)
3 3	3.120.52.200 3.120.52.200	16509 (AMAZON-02) (AMAZON-02)
3 3	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
20	54.77.182.98 54.77.182.98	16509 (AMAZON-02) (AMAZON-02)
4	54.217.215.116 54.217.215.116	16509 (AMAZON-02) (AMAZON-02)
6	13.224.96.83 13.224.96.83	16509 (AMAZON-02) (AMAZON-02)
6	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
6	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
6 7	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
9 9	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 8	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
4	3.126.30.34 3.126.30.34	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	52.215.101.139 52.215.101.139	16509 (AMAZON-02) (AMAZON-02)
1 1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	52.49.238.187 52.49.238.187	16509 (AMAZON-02) (AMAZON-02)
2 2	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1 2	52.95.124.165 52.95.124.165	16509 (AMAZON-02) (AMAZON-02)
1 2	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
3 3	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	69.173.151.80 69.173.151.80	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	18.209.200.15 18.209.200.15	14618 (AMAZON-AES) (AMAZON-AES)
2	3.121.111.29 3.121.111.29	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.66.88 18.195.66.88	16509 (AMAZON-02) (AMAZON-02)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	34.194.112.31 34.194.112.31	14618 (AMAZON-AES) (AMAZON-AES)
1 16	52.48.175.241 52.48.175.241	16509 (AMAZON-02) (AMAZON-02)
2 7	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
1	54.209.16.83 54.209.16.83	14618 (AMAZON-AES) (AMAZON-AES)
4 5	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.205.83.58 52.205.83.58	14618 (AMAZON-AES) (AMAZON-AES)
1	150.136.156.92 150.136.156.92	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	52.58.67.48 52.58.67.48	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	67.202.110.23 67.202.110.23	32748 (STEADFAST) (STEADFAST)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.51 124.146.215.51	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
1 1	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
1	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
495	63

81 62.171.186.137 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmd55357.contaboserver.net

news8.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

consent.cookiefirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 51.91.68.112 (France)

ASN16276 (OVH, FR)
PTR: ns3161774.ip-51-91-68.eu

view.webplexmedia.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 51.210.32.121 (France)

ASN16276 (OVH, FR)
PTR: ns3172585.ip-51-210-32.eu

www.fesch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.blackbeats.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 2606:4700:3039::6815:c02f (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com

ad4.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.139.241.23 (United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.137.17 (France) 4 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 145.239.193.130 (France) 5 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.198.250.30 (Bad Schwalbach, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.129.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.89.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-192.zrh50.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.36.109.183 (France) 7 redirects

ASN16276 (OVH, FR)
PTR: p08.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 51.83.106.180 (France) 16 redirects

ASN16276 (OVH, FR)

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.185.162 (United States) 27 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.33.221.11 (Amsterdam, Netherlands) 10 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 72.251.249.9 (Amsterdam, Netherlands) 5 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2190:d400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 76.223.111.131 (United States) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.19.186.105 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-186-105.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.52.200 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-200.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.201 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.77.182.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.217.215.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-215-116.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.96.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-83.zrh50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 81.29.72.47 (Epsom, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.220.243 (Amsterdam, Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.189.110 (United Kingdom) 9 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.86.139.115 (France) 4 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.30.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-30-34.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.215.101.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.238.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.65 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.80 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.200.15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-200-15.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.111.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-111-29.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.66.88 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-66-88.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.227 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.112.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-112-31.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.48.175.241 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.41 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.16.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-16-83.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 70.42.32.191 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.83.58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-83-58.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.67.48 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-67-48.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.23 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.51 (Minato-ku, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.85.162 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.236 (Lich, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	news8.de news8.de	5 MB
73	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	2 MB
30	doubleclick.net 27 redirects cm.g.doubleclick.net	4 KB
28	zeotap.com spl.zeotap.com mwzeom.zeotap.com	8 KB
24	webgains.com track.webgains.com diapi.webgains.com	293 KB
24	cpx.to p.cpx.to s.cpx.to	33 KB
22	webplexmedia.de view.webplexmedia.de	21 KB
21	adsrvr.org 14 redirects match.adsrvr.org data.adsrvr.org	10 KB
21	lijit.com 5 redirects ap.lijit.com ce.lijit.com	25 KB
18	pubmatic.com 13 redirects image2.pubmatic.com ads.pubmatic.com image6.pubmatic.com image8.pubmatic.com image4.pubmatic.com	20 KB
18	webgains.io analytics.webgains.io api.webgains.io	364 KB
18	adnxs.com 16 redirects ib.adnxs.com secure.adnxs.com	18 KB
16	gumgum.com 1 redirects rtb.gumgum.com	5 KB
16	mediarithmics.com 16 redirects cookie-matching.mediarithmics.com	8 KB
16	themoneytizer.com ads.themoneytizer.com	817 KB
14	adition.com imagesrv.adition.com ad4.adfarm1.adition.com	89 KB
13	smartadserver.com 9 redirects ww1097.smartadserver.com sync.smartadserver.com ssbsync.smartadserver.com	5 KB
11	id5-sync.com 7 redirects id5-sync.com	15 KB
10	rubiconproject.com 1 redirects token.rubiconproject.com pixel-us-east.rubiconproject.com pixel-eu.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com	12 KB
10	quantserve.com 2 redirects secure.quantserve.com pixel.quantserve.com	38 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	346 KB
8	leadplace.fr tag.leadplace.fr	19 KB
7	openx.net 2 redirects us-u.openx.net eu-u.openx.net	2 KB
7	criteo.com 1 redirects gum.criteo.com bidder.criteo.com Failed mug.criteo.com	7 KB
7	fesch.tv www.fesch.tv	985 KB
6	bidswitch.net pool.grid-data.bidswitch.net x.bidswitch.net	1 KB
6	mathtag.com 6 redirects pixel.mathtag.com sync.mathtag.com	4 KB
6	demdex.net 6 redirects dpm.demdex.net	6 KB
6	awin1.com www.awin1.com	4 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	163 KB
5	media01.eu pb.media01.eu	1 KB
5	medialead.de 5 redirects pv.medialead.de	7 KB
5	cookiefirst.com consent.cookiefirst.com	72 KB
4	outbrain.com 3 redirects sync.outbrain.com	2 KB
4	casalemedia.com as-sec.casalemedia.com	2 KB
4	adleadevent.com adtrack.adleadevent.com	2 KB
4	rlcdn.com api.rlcdn.com	673 B
4	quantcount.com rules.quantcount.com	4 KB
4	indexww.com js-sec.indexww.com	52 KB
4	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	102 KB
4	onetag-sys.com onetag-sys.com	3 KB
4	tmyzer.com c.tmyzer.com	1 KB
4	sascdn.com ced-ns.sascdn.com	85 KB
4	themoneytizer.net g.themoneytizer.net	1 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	creativecdn.com 3 redirects creativecdn.com	990 B
3	agkn.com 3 redirects aa.agkn.com	1 KB
3	blackbeats.fm media.blackbeats.fm	1018 B
2	blau.de 1 redirects partner.blau.de portal.blau.de	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	627 B
2	360yield.com 2 redirects ad.360yield.com	616 B
2	adform.net 2 redirects c1.adform.net	925 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	contextweb.com 2 redirects bh.contextweb.com	786 B
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	simpli.fi 1 redirects um.simpli.fi	840 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com	474 B
2	1rx.io 2 redirects sync.1rx.io	355 B
2	criteo.net static.criteo.net	53 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net	622 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de	255 B
1	socdm.com 1 redirects tg.socdm.com	696 B
1	emxdgt.com cs.emxdgt.com
1	33across.com ssc-cms.33across.com
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	294 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	831 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	stackadapt.com sync.srv.stackadapt.com	168 B
1	turn.com 1 redirects d.turn.com	418 B
1	clickagy.com 1 redirects aorta.clickagy.com	657 B
1	postrelease.com 1 redirects jadserve.postrelease.com	416 B
1	bidr.io match.prod.bidr.io	430 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	270 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	google.com 1 redirects www.google.com	340 B
0	acuityplatform.com Failed ums.acuityplatform.com Failed
495	78

	Domain	Requested by
81	news8.de	news8.de view.webplexmedia.de
36	assets.ad4m.at	as.ad4m.at
30	cm.g.doubleclick.net	27 redirects ap.lijit.com us-u.openx.net rtb.gumgum.com
25	ad4m.at	view.webplexmedia.de ad4m.at
22	view.webplexmedia.de	news8.de view.webplexmedia.de
20	s.cpx.to	p.cpx.to news8.de media.blackbeats.fm
20	match.adsrvr.org	14 redirects js-sec.indexww.com us-u.openx.net rtb.gumgum.com
18	mwzeom.zeotap.com	spl.zeotap.com media.blackbeats.fm news8.de
18	track.webgains.com	as.ad4m.at analytics.webgains.io track.webgains.com
16	rtb.gumgum.com	1 redirects ap.lijit.com rtb.gumgum.com
16	cookie-matching.mediarithmics.com	16 redirects
16	ads.themoneytizer.com	news8.de media.blackbeats.fm ads.themoneytizer.com
15	ce.lijit.com	2 redirects ap.lijit.com us-u.openx.net rtb.gumgum.com
12	api.webgains.io	analytics.webgains.io
12	as.ad4m.at	ad4m.at as.ad4m.at
11	ib.adnxs.com	10 redirects imagesrv.adition.com
11	id5-sync.com	7 redirects news8.de media.blackbeats.fm
10	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
9	image2.pubmatic.com	9 redirects
8	sync.smartadserver.com	4 redirects news8.de media.blackbeats.fm
8	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
8	imagesrv.adition.com	view.webplexmedia.de ad4.adfarm1.adition.com imagesrv.adition.com
8	www.gstatic.com	news8.de www.google.com www.gstatic.com
7	secure.adnxs.com	6 redirects ap.lijit.com
7	www.fesch.tv	news8.de
6	diapi.webgains.com	track.webgains.com
6	analytics.webgains.io	track.webgains.com
6	pixel.quantserve.com	2 redirects media.blackbeats.fm news8.de
6	dpm.demdex.net	6 redirects
6	ap.lijit.com	3 redirects ads.themoneytizer.com ap.lijit.com
6	gum.criteo.com	1 redirects ads.themoneytizer.com static.criteo.net
6	www.awin1.com	as.ad4m.at
6	ad4.adfarm1.adition.com	view.webplexmedia.de ad4.adfarm1.adition.com imagesrv.adition.com
5	us-u.openx.net	2 redirects ap.lijit.com us-u.openx.net
5	token.rubiconproject.com	news8.de media.blackbeats.fm eus.rubiconproject.com
5	pb.media01.eu	as.ad4m.at
5	pv.medialead.de	5 redirects
5	consent.cookiefirst.com	news8.de consent.cookiefirst.com
4	sync.outbrain.com	3 redirects rtb.gumgum.com
4	as-sec.casalemedia.com	js-sec.indexww.com
4	pool.grid-data.bidswitch.net	news8.de s.cpx.to
4	adtrack.adleadevent.com	ajax.googleapis.com
4	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
4	api.rlcdn.com	js-sec.indexww.com
4	rules.quantcount.com	secure.quantserve.com
4	js-sec.indexww.com	ads.themoneytizer.com
4	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
4	p.cpx.to	ads.themoneytizer.com
4	secure.quantserve.com	ads.themoneytizer.com
4	onetag-sys.com	ads.themoneytizer.com
4	c.tmyzer.com	ads.themoneytizer.com
4	ced-ns.sascdn.com	news8.de media.blackbeats.fm
4	ww1097.smartadserver.com	4 redirects
4	g.themoneytizer.net	ads.themoneytizer.com
3	image8.pubmatic.com	3 redirects
3	ads.pubmatic.com	ap.lijit.com rtb.gumgum.com
3	sync.mathtag.com	3 redirects
3	px.owneriq.net	2 redirects ap.lijit.com
3	creativecdn.com	3 redirects
3	pixel.mathtag.com	3 redirects
3	aa.agkn.com	3 redirects
3	media.blackbeats.fm	view.webplexmedia.de media.blackbeats.fm
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	rtb.gumgum.com eus.rubiconproject.com
2	ad.360yield.com	2 redirects
2	c1.adform.net	2 redirects
2	eu-u.openx.net	us-u.openx.net
2	image6.pubmatic.com	ads.pubmatic.com
2	rtb.mfadsrvr.com	2 redirects
2	x.bidswitch.net	ap.lijit.com rtb.gumgum.com
2	bh.contextweb.com	2 redirects
2	p.rfihub.com	2 redirects
2	um.simpli.fi	1 redirects ap.lijit.com
2	aax-eu.amazon-adsystem.com	1 redirects ap.lijit.com
2	sync.1rx.io	2 redirects
2	static.criteo.net	imagesrv.adition.com static.criteo.net
2	fonts.googleapis.com	news8.de
1	portal.blau.de	as.ad4m.at
1	partner.blau.de	1 redirects
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	rtb.gumgum.com
1	ssc-cms.33across.com	rtb.gumgum.com
1	secure-assets.rubiconproject.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.technoratimedia.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	image4.pubmatic.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	sync.srv.stackadapt.com	rtb.gumgum.com
1	d.turn.com	1 redirects
1	aorta.clickagy.com	1 redirects
1	data.adsrvr.org	ap.lijit.com
1	pixel-eu.rubiconproject.com	ap.lijit.com
1	jadserve.postrelease.com	1 redirects
1	pixel-us-east.rubiconproject.com	ap.lijit.com
1	match.prod.bidr.io	ap.lijit.com
1	pixel-sync.sitescout.com	1 redirects
1	mug.criteo.com	view.webplexmedia.de
1	cdn.jsdelivr.net	imagesrv.adition.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	1 redirects
0	ums.acuityplatform.com Failed	ap.lijit.com
0	bidder.criteo.com Failed	imagesrv.adition.com
495	107

This site contains links to these domains. Also see Links.

Domain
www.news8.de
www.fesch.tv
schlieben.de
webplexmedia.de

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
consent.cookiefirst.com R3	`2021-07-18` - `2021-10-16`	3 months	crt.sh
news8.de R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
view.webplexmedia.de R3	`2021-07-02` - `2021-09-30`	3 months	crt.sh
fesch.tv R3	`2021-07-20` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
media.blackbeats.fm R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh
*.themoneytizer.com GoGetSSL RSA DV CA	`2021-02-14` - `2022-03-17`	a year	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
c.tmyzer.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2020-09-11` - `2021-09-12`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
adtrack.adleadevent.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-06` - `2022-03-06`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh

This page contains 65 frames:

Primary Page: http://news8.de/
Frame ID: 0E340EE811C3F91BE7EADBD618B20C3A
Requests: 95 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Frame ID: 31FC759B9B8991D020D4DAABD89DEFD7
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Frame ID: A364CDD2D58A63E480163928317EE7D9
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Frame ID: 19F568E2E8BBCAE6514A2DDE382CA41B
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
Frame ID: 955D70D1851097A8D8DDE8125A742697
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
Frame ID: 90052E4C4FFD0358321F7E0B46F2D62D
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Frame ID: 115868880FD14B46CBA8511570FCB356
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Frame ID: 1FF71F8CFAA74C66D2837FE48DD2EE0E
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Frame ID: 24DFD8D0A1648248C42DE4495E3356D4
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Frame ID: 1E1545CB4E20C4C4EBFA5FCC4E4520DB
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Frame ID: 117C8A399BB5B247633E2375D48C908B
Requests: 6 HTTP requests in this frame

Frame: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D
Frame ID: A7EA2EB30B8C6D305975A290EBAB77EB
Requests: 3 HTTP requests in this frame

Frame: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%3D
Frame ID: F0FC9BC88D52F8D75700F610B82410FE
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2FD94030ECFD8287A5DC1A2E35D3F08E
Requests: 1 HTTP requests in this frame

Frame: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D
Frame ID: 20AB3CC1C427464DA1BAC29A39ECE006
Requests: 3 HTTP requests in this frame

Frame: https://media.blackbeats.fm/?sess=lScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%3D
Frame ID: 6D211E6110871FB3C74322E86745CCEC
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8E2856E5A50DA5367A2A9AAE39E391CB
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 964AB890783B9FF03934D34355D8610F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4F252652528E9BD946981F5A2DC0398C
Requests: 1 HTTP requests in this frame

Frame: https://news8.de/tags/970/index.html
Frame ID: 37E6CB8AA6C51B0FA53814042A534C81
Requests: 30 HTTP requests in this frame

Frame: https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1245948631&ac=1&screen_res=6&wpt=H&clickurl=
Frame ID: 2CCABB161B54419A444B6A686B9E1A25
Requests: 9 HTTP requests in this frame

Frame: https://news8.de/tags/300/index.html
Frame ID: D18D4A610569EE91B9D8CB78C171CDDE
Requests: 30 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 748A655AA8311837B284ECBFC636DB88
Requests: 1 HTTP requests in this frame

Frame: https://media.blackbeats.fm/tags/300/index.html
Frame ID: 32F7934C944B2FE38A85AFCFCD38BBDF
Requests: 31 HTTP requests in this frame

Frame: https://news8.de/tags/970/index.html
Frame ID: 846384142AD9B5801B2866644D410078
Requests: 30 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Frame ID: 3BC30701DF4CC187F8AAD97D413B95BD
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Frame ID: EDEED11A6E1202908381723F77820FF6
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Frame ID: 62F8826B1D187C300528F7E234C29193
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1628349075077
Frame ID: 78D95F28B20D635F6A9FCD4EC300672F
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258&cmp=0
Frame ID: E82C16EBBA8C33336CB8B347B78C7287
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1628349075089
Frame ID: 44C3A9C1AC33378BA3A03F7248D69B5B
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258&cmp=0
Frame ID: 5715041A4159A0D2146E1706CDA94631
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Frame ID: 1EE9EAFAD5D550C5BFC5CFF0711DA025
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Frame ID: 9A377BA99DEBA657E8A95CE610E3C540
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1628349075114
Frame ID: 899C68950AB1A9DC233A1C3A1822C4FB
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258&cmp=0
Frame ID: 60C0E4541AEC1D48D1F60C185B9C0F0D
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1628349075343
Frame ID: 6B2A0906E093724ED31987ADF24CC3EA
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: DF9669C92990E0A07BF6A44F77857A67
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnews8.de%2Ftags%2F970%2Findex.html&id=MTIZ
Frame ID: 406D98329152B749655BF978887C7E00
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.blackbeats.fm%2Ftags%2F300%2Findex.html&id=MTIZ
Frame ID: 61EFCD3FBFFA065DC6C28482C525C467
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnews8.de%2Ftags%2F300%2Findex.html&id=MTIZ
Frame ID: 09A78C4950DD6A231F0A71277A12FCD8
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnews8.de%2Ftags%2F970%2Findex.html&id=MTIZ
Frame ID: A546AECBB90678890256B8744A3E69D8
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/main.css
Frame ID: 32EEABA973A733148728C1693C3930FB
Requests: 4 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/main.css
Frame ID: 5FBA058EE0CF2B8EEF82435AC379D674
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news8.de
Frame ID: 10A2AD23D792F3F47A3C05435255A8DB
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Frame ID: D7CB3F39D4FAB65CEED844EF848B22D3
Requests: 23 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 0431FEDE3882FCCEB48089DE764EAB7B
Requests: 16 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 38F72D6B0E76772240EF71B924577F74
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: B4BC125AC3EB46D9EF349AD2C2C4CC87
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3303476057242999071&gdpr=1&gdpr_consent=
Frame ID: 4649801ED841787F776D8C47A3C1E58F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: DFA145D11FA499FED197EF447A00E98E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 1FB03B6864B64A69094FD1000AA5ABDE
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 52DB501B563CBA55B308F9E74BFCA9F9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: BF9424812C894A9DDF4078A65D91AE91
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=503b610e-a29e-4f00-83b1-7b0906ca274b&gdpr=1&gdpr_consent=
Frame ID: 4E20BAB1F479D8ABDF682521E72DDD9D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YQ6ingADS2VZ0ABg&gdpr=1&gdpr_consent=&_test=YQ6ingADS2VZ0ABg
Frame ID: FE061A36F6D0E864AA6BD9DC82FFFB35
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lYjAyY2Q2Mi1jZDBlLTQ2MDAtYjIwZi0zOTQ5NTU2MjhiM2E=&gdpr=1&gdpr_consent=&google_tc=
Frame ID: 520C00AE23391BC3BB6E2030B76D8237
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 4B753804EE275FB3C98B3F750A8122AC
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 3F0798FB41E14D9E837D66C7D49F9604
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YQ6in8Co8XkAAKzakOoAAAAA
Frame ID: 23E5FAF7E36A7A78E1BF314355536799
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1870471597262945537
Frame ID: 22E26466EF5082718807CA5D025E6887
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=QvAb2rGNxInjsEojo9DM&pi=gumgum
Frame ID: D5E5FB40A3DFF9B459262F574F6937DA
Requests: 1 HTTP requests in this frame

Frame: https://view.webplexmedia.de/sl.php?key=NTcw
Frame ID: F4AD9670A296C7F0EF8C9AD59BA89A41
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5774AE40D6FBD212EB74E6C5A84BDF68
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
Frame ID: 7D17953CC32D15DC4F8C0FB06663C3C1
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

495
Requests

89 %
HTTPS

15 %
IPv6

78
Domains

107
Subdomains

63
IPs

8
Countries

10355 kB
Transfer

15129 kB
Size

11
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://www.news8.de/
Title: Kategorien

Search URL Search Domain Scan URL

URL: https://www.fesch.tv/parteienforscher-darum-koennte-laschet-am-ende-scheitern/

Search URL Search Domain Scan URL

URL: http://www.fesch.tv/
Title: Bessy

Search URL Search Domain Scan URL

URL: https://www.fesch.tv/jennifer-aniston-deswegen-will-sie-nur-mit-geimpften-leuten-abhaengen-fesch-tv/

Search URL Search Domain Scan URL

URL: https://www.fesch.tv/kim-kardashian-west-unterstuetzt-kanye-west-bei-seiner-letzten-listening-party-fesch-tv/

Search URL Search Domain Scan URL

URL: https://www.fesch.tv/ryan-reynolds-behauptet-disney-habe-die-idee-eines-deadpool-und-bambi-crossovers-abgelehnt-fesch-tv/

Search URL Search Domain Scan URL

URL: https://www.fesch.tv/camila-cabello-ueber-den-vorteil-sozialer-medien-fesch-tv/

Search URL Search Domain Scan URL

URL: https://www.fesch.tv/feschtv-mein-erster-tag-in-wobbly-life-2/

Search URL Search Domain Scan URL

URL: https://www.fesch.tv/feschtv-mein-erster-tag-in-wobbly-life/

Search URL Search Domain Scan URL

URL: https://schlieben.de/
Title: Schlieben

Search URL Search Domain Scan URL

URL: https://webplexmedia.de/
Title: WebplexMedia GmbH

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

http://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 161

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 164

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 176

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_300x250&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 187

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_tc= HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEIJ1vQ8aXte_dkrT9w54yek&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEIJ1vQ8aXte_dkrT9w54yek&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEIJ1vQ8aXte_dkrT9w54yek%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3561940820630504267&opid=apx&ops=&utidl=tech:goo:CAESEIJ1vQ8aXte_dkrT9w54yek&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A19666486591&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

Request Chain 190

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 202

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_tc= HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESECfB1jVDw4i1YEJl1HKhGWo&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESECfB1jVDw4i1YEJl1HKhGWo&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3561940820630504267&opid=apx&ops=&utidl=tech:goo:CAESECfB1jVDw4i1YEJl1HKhGWo&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A19666486591&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

Request Chain 215

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_tc= HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEGOP6-EFajvfWhMHd_8rGds&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGOP6-EFajvfWhMHd_8rGds&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEGOP6-EFajvfWhMHd_8rGds%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3426966216555745417&opid=apx&ops=&utidl=tech:goo:CAESEGOP6-EFajvfWhMHd_8rGds&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A19666128040&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

Request Chain 227

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_970x250&actionid=920184&produktid=girodirekt&dt_url=

Request Chain 241

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&actionid=920184&produktid=girodirekt&dt_url=

Request Chain 244

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 256

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_tc= HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESELDgZNXtxTv-b2MDSn1xi8I&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELDgZNXtxTv-b2MDSn1xi8I&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELDgZNXtxTv-b2MDSn1xi8I%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2523836470160306372&opid=apx&ops=&utidl=tech:goo:CAESELDgZNXtxTv-b2MDSn1xi8I&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A19666677774&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

Request Chain 271

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_970x250&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 280

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&actionid=920184&produktid=girodirekt&dt_url=

Request Chain 281

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258

Request Chain 282

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEFeyvnjnvDicicQ9KpqTC5E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258

Request Chain 283

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6966ef52-8c66-4b8a-614c-8a02a1e09ac4%26reqId%3Df76b0723-aaf7-41f8-402c-ce309b092303%26uc%3D2%26zdid%3D1258 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6966ef52-8c66-4b8a-614c-8a02a1e09ac4%26reqId%3Df76b0723-aaf7-41f8-402c-ce309b092303%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258

Request Chain 284

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6966ef52-8c66-4b8a-614c-8a02a1e09ac4%26reqId%3Df76b0723-aaf7-41f8-402c-ce309b092303%26uc%3D2%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6966ef52-8c66-4b8a-614c-8a02a1e09ac4%26reqId%3Df76b0723-aaf7-41f8-402c-ce309b092303%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=50783381750508615571174002981623352748&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258

Request Chain 285

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=ZlngyZ3nwp6yGizNhzuM1osp3XkYobro%2BS41iYitP1U%3D

Request Chain 286

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6966ef52-8c66-4b8a-614c-8a02a1e09ac4%26reqId%3Df76b0723-aaf7-41f8-402c-ce309b092303%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=e000610e-a294-4500-acd6-7cc146949b9b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258

Request Chain 290

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258

Request Chain 291

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEMlzoImsvffOD1fGFuzqdLg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258

Request Chain 292

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6daad735-8ede-45e7-6d13-787d9f93bdd8%26reqId%3D68179a63-fd07-477c-7fea-2f85f369472f%26uc%3D2%26zdid%3D1258 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6daad735-8ede-45e7-6d13-787d9f93bdd8%26reqId%3D68179a63-fd07-477c-7fea-2f85f369472f%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258

Request Chain 293

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6daad735-8ede-45e7-6d13-787d9f93bdd8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6daad735-8ede-45e7-6d13-787d9f93bdd8%26reqId%3D68179a63-fd07-477c-7fea-2f85f369472f%26uc%3D2%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6daad735-8ede-45e7-6d13-787d9f93bdd8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6daad735-8ede-45e7-6d13-787d9f93bdd8%26reqId%3D68179a63-fd07-477c-7fea-2f85f369472f%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=75690017678168102843307564103886423746&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258

Request Chain 294

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=VGZc7t8uVQGjC8uYjkMSfO2fchpafWVj%2BS41iYitP1U%3D

Request Chain 295

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6daad735-8ede-45e7-6d13-787d9f93bdd8%26reqId%3D68179a63-fd07-477c-7fea-2f85f369472f%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=a40d610e-a294-4c00-af15-7c3eaefaf56c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258

Request Chain 297

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258

Request Chain 298

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESECHJYfolMpvQ_JnwpEN_1dM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258

Request Chain 299

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D79c087bf-0e09-4f2f-5b57-90c1e3581940%26reqId%3Db04fb981-6c68-4c03-7705-fe53bcadd0ad%26uc%3D2%26zdid%3D1258 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D79c087bf-0e09-4f2f-5b57-90c1e3581940%26reqId%3Db04fb981-6c68-4c03-7705-fe53bcadd0ad%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258

Request Chain 300

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=79c087bf-0e09-4f2f-5b57-90c1e3581940&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D79c087bf-0e09-4f2f-5b57-90c1e3581940%26reqId%3Db04fb981-6c68-4c03-7705-fe53bcadd0ad%26uc%3D2%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=79c087bf-0e09-4f2f-5b57-90c1e3581940&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D79c087bf-0e09-4f2f-5b57-90c1e3581940%26reqId%3Db04fb981-6c68-4c03-7705-fe53bcadd0ad%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=87184685948734193712898779371216851634&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258

Request Chain 301

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=hqXSccse2AqjC8uYjkMSfBBxNd7865N7%2BS41iYitP1U%3D

Request Chain 302

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D79c087bf-0e09-4f2f-5b57-90c1e3581940%26reqId%3Db04fb981-6c68-4c03-7705-fe53bcadd0ad%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=163c610e-a294-4000-a995-b59af1c2ce92&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258

Request Chain 336

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fnews8.de%252F%253Fsess%253DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%25252BUTOk%25253D%26hn_ver%3D18%26fid%3D6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&hn_ver=18&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9

Request Chain 337

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7D77D060-10A6-4407-BAFB-B2E2C52DE297&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9

Request Chain 338

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&google_gid=CAESEA3YeWCvEXDENMFxII0R33k&google_cver=1

Request Chain 339

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&gdpr=0&cklb=1

Request Chain 340

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

Request Chain 342

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

Request Chain 344

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fmedia.blackbeats.fm%252F%253Fsess%253DlScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%25253D%26hn_ver%3D18%26fid%3D59f90329-fd79-44d1-a850-57a8b362cb4c HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fmedia.blackbeats.fm%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%253D&hn_ver=18&fid=59f90329-fd79-44d1-a850-57a8b362cb4c

Request Chain 346

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=59f90329-fd79-44d1-a850-57a8b362cb4c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=59f90329-fd79-44d1-a850-57a8b362cb4c&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=59f90329-fd79-44d1-a850-57a8b362cb4c&google_gid=CAESEDaomwluf_JNhFzBJMHk5GU&google_cver=1

Request Chain 347

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D59f90329-fd79-44d1-a850-57a8b362cb4c&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=59f90329-fd79-44d1-a850-57a8b362cb4c&gdpr=0&cklb=1

Request Chain 348

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D59f90329-fd79-44d1-a850-57a8b362cb4c HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D59f90329-fd79-44d1-a850-57a8b362cb4c HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=73796169-F590-45D8-9C3B-4B5776D0A712&fid=59f90329-fd79-44d1-a850-57a8b362cb4c

Request Chain 349

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

Request Chain 351

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0&google_gid=CAESEF_8ovh43yMsrtDthhf4V9I&google_cver=1

Request Chain 353

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D3d0daa1b-34e2-4838-b209-b68311b19dd0&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0&gdpr=0&cklb=1

Request Chain 354

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3d0daa1b-34e2-4838-b209-b68311b19dd0 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3d0daa1b-34e2-4838-b209-b68311b19dd0 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=73796169-F590-45D8-9C3B-4B5776D0A712&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0

Request Chain 355

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fnews8.de%252F%253Fsess%253DlScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%25253D%26hn_ver%3D18%26fid%3D3d0daa1b-34e2-4838-b209-b68311b19dd0 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%253D&hn_ver=18&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0

Request Chain 356

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

Request Chain 358

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dda36529c-3af8-4a21-be85-df4259ac7926 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dda36529c-3af8-4a21-be85-df4259ac7926 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A2B2DC11-4948-4B80-B007-7BA9C45562B4&fid=da36529c-3af8-4a21-be85-df4259ac7926

Request Chain 359

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fnews8.de%252F%253Fsess%253DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%25252BUTOk%25253D%26hn_ver%3D18%26fid%3Dda36529c-3af8-4a21-be85-df4259ac7926 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&hn_ver=18&fid=da36529c-3af8-4a21-be85-df4259ac7926

Request Chain 361

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dda36529c-3af8-4a21-be85-df4259ac7926&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=da36529c-3af8-4a21-be85-df4259ac7926&gdpr=0&cklb=1

Request Chain 362

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=da36529c-3af8-4a21-be85-df4259ac7926 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=da36529c-3af8-4a21-be85-df4259ac7926&google_gid=CAESEBoAhWmbiCp_0SDLTCXVvEU&google_cver=1

Request Chain 374

https://gum.criteo.com/sid/json?origin=publishertag&domain=ad4.adfarm1.adition.com&sn=ChromeSyncframe&so=0&topUrl=news8.de HTTP 302
https://mug.criteo.com/sid?cpp=U5zl4HxhZ1lNMWUwWFR3cThkZ2VDOEJmZ0dHaGFkVUJ3SWxLemhpWUpuTnhvSXpiTjdPSDllNjVUZ3UzNDBqRWFpQ293M09Kemdsa1gyY21hRzBydktValpxNFIyVzRXU1Z3cUZJeGQydUVCM0l5cTFpT29IWThrdzFKbUxZNjkwMUJZdWdlU1lnL1hkM1c4QXVXbnJYWHFpdUtQeUN2S2daMHhUNWRQazNsNnIySkxvSkVGZFJZT3VzQ2UyOUZaU1huVEpUeW9WYUJwTWUwR1pacXdYc2hUYWR3PT18&cppv=2

Request Chain 406

https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy= HTTP 302
https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1

Request Chain 407

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

Request Chain 409

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NDYzMGJmMjZjMjE3ZjZhOGVmNTAzNGIw&gdpr=1 HTTP 302
https://ap.lijit.com/dsp/google/reporting?gdpr=1

Request Chain 410

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

Request Chain 411

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=_5r5nKiZ8Jjkz6_K-p_kzv6aqsrkn_jNqskMx-UL

Request Chain 412

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

Request Chain 414

https://um.simpli.fi/lj_match?r=1628349082888&gdpr=1&gdpr_consent= HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 416

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=QvAb2rGNxInjsEojo9DM&pi=sovrn&gdpr_consent=&gdpr=1&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=QvAb2rGNxInjsEojo9DM&pi=sovrn&gdpr_consent=&gdpr=1&tc=1&dnr=1

Request Chain 418

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=1871316022223639565

Request Chain 419

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NDYzMGJmMjZjMjE3ZjZhOGVmNTAzNGIw&gdpr=1

Request Chain 420

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=49&3pid=lLKchT9eD4PH&ev=1&pid=558511&gdpr_consent=&gdpr=1

Request Chain 421

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

Request Chain 424

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=97bbb535-044e-468b-9f0c-77ec36f9dbf2

Request Chain 425

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent= HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6816354831067533009&ref=%2Feucm%2Fp%2Fsv HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 427

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=4630bf26c217f6a8ef5034b0&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=dd6d610e-a29b-4800-8a8b-998825f3d822&gdpr=1&gdpr_consent=

Request Chain 428

https://aorta.clickagy.com/pixel.gif?ch=185&cm=4630bf26c217f6a8ef5034b0&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:0efe82cd0b8366e646ecd3cd47201e8e

Request Chain 430

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=

Request Chain 432

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=1&3pid=3303476057242999071&gdpr=1&gdpr_consent=

Request Chain 435

https://ce.lijit.com/merge?pid=76&3pid=17a81a1e-c485-0ab0-3620-4eda29fe95f9&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=76&3pid=17a81a1e-c485-0ab0-3620-4eda29fe95f9&gdpr=1&gdpr_consent=&dnr=1

Request Chain 436

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=503b610e-a29e-4f00-83b1-7b0906ca274b

Request Chain 437

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hcS8atLHtWqexbU8gc2haYvH6T6elLk_gc3Q6xji

Request Chain 438

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8374526786484615130

Request Chain 440

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTcyOTE3MTQtZTc0Ni02ZTE5LTY0N2MtYTJjNTliYWQ2NGNi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTcyOTE3MTQtZTc0Ni02ZTE5LTY0N2MtYTJjNTliYWQ2NGNi&google_tc=

Request Chain 441

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGkPnktS_oxd0evASSXDs2g&google_cver=1

Request Chain 442

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=5006092630810152960

Request Chain 445

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_eb02cd62-cd0e-4600-b20f-394955628b3a&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

Request Chain 446

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

Request Chain 447

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=Bt7m3Q9bsgxi&ev=1&pid=558355

Request Chain 448

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28C6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28C6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_eb02cd62-cd0e-4600-b20f-394955628b3a&obuid=ENC(C6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DC6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DC6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP%2526uid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzUyNkMxQzUtMDkwOS00Mjg3LUFDOUYtMUMyQTc3RDU4MTRE&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DC6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP%26uid%3DC526C1C5-0909-4287-AC9F-1C2A77D5814D HTTP 302
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=C6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP&uid=C526C1C5-0909-4287-AC9F-1C2A77D5814D

Request Chain 449

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=8c7b60ae-0624-08eb-16e7-e891991fabed

Request Chain 450

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-Hh5eNcJE2pc9e4zXRPx5CAM8UCc6_ld0WM6t~A

Request Chain 451

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=bc2b8769-f791-11eb-9319-5dd081209fa4

Request Chain 454

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=87b516b0-6484-406a-a3e2-6c92148d9d3a

Request Chain 455

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=1353685855538548563&gdpr=1&gdpr_consent=

Request Chain 459

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 460

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=503b610e-a29e-4f00-83b1-7b0906ca274b&gdpr=1&gdpr_consent=

Request Chain 461

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YQ6ingADS2VZ0ABg HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YQ6ingADS2VZ0ABg&gdpr=1&gdpr_consent=&_test=YQ6ingADS2VZ0ABg

Request Chain 462

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lYjAyY2Q2Mi1jZDBlLTQ2MDAtYjIwZi0zOTQ5NTU2MjhiM2E=&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lYjAyY2Q2Mi1jZDBlLTQ2MDAtYjIwZi0zOTQ5NTU2MjhiM2E=&gdpr=1&gdpr_consent=&google_tc=

Request Chain 465

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YQ6in8Co8XkAAKzakOoAAAAA

Request Chain 466

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1870471597262945537

Request Chain 467

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=QvAb2rGNxInjsEojo9DM&pi=gumgum

Request Chain 482

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidKAzuRfZf2b2c5HMHktPtBB3HKtrtwqXoneid__webplexmedia_advancedad_Desktop_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidKAzuRfZf2b2c5HMHktPtBB3HKtrtwqXoneid__webplexmedia_advancedad_Desktop_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021080717113153997436175X117663V1225131106MSoneidKAzuRfZf2b2c5HMHktPtBB3HKtrtwqXoneid__webplexmedia_advancedad_Desktop_300x250 HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021080717113153997436175X117663V1225131106MSoneidKAzuRfZf2b2c5HMHktPtBB3HKtrtwqXoneid__webplexmedia_advancedad_Desktop_300x250&wfid=117663

495 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
news8.de/ 156 KB
157 KB 393ms
365ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

http://news8.de/

Protocol

HTTP/1.1

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

02b7260adf2469d0b9280c8d09f76b63a8539b8875403ac39ddd8a99cf68cbb7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: news8.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sat, 07 Aug 2021 15:11:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 07 Aug 2021 14:14:32 GMT
Link: <https://news8.de/wp-json/>; rel="https://api.w.org/"
Expires: Sun, 08 Aug 2021 15:11:13 GMT
Cache-Control: max-age=86400
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.min.css
news8.de/wp-includes/css/dist/block-library/ 57 KB
57 KB 68ms
52ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Last-Modified: Thu, 15 Apr 2021 18:35:59 GMT
Server: nginx
ETag: "6078878f-e33b"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58171
Expires: Sun, 08 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK wmac_single_1c86eae769594960ac0ca2c97f1e0fd8.css
news8.de/wp-content/cache/wmac/css/ 6 KB
6 KB 67ms
51ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_1c86eae769594960ac0ca2c97f1e0fd8.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: c9aeea516311505aad685ba305da7f535e51bd3052f9cff8677a4c70be4ca55b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-1881"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6273
Expires: Sun, 08 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK wmac_single_8f0912392af6de0a3fa95a260d7b71f0.css
news8.de/wp-content/cache/wmac/css/ 13 KB
14 KB 68ms
52ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_8f0912392af6de0a3fa95a260d7b71f0.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 73f7738878e54c2dd6c2d79edf5763175124049d669c28543b9c80342ce5a17c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-34be"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13502
Expires: Sun, 08 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK wmac_single_9bb5a28586f226aac80b708fdf03ce7f.css
news8.de/wp-content/cache/wmac/css/ 58 KB
58 KB 67ms
52ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_9bb5a28586f226aac80b708fdf03ce7f.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 53a1ee0f1371425a273deed2af1b5d1ac4a123774b42d961589a23884d51d9c1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-e78b"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59275
Expires: Sun, 08 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK wmac_single_8aebb373abf3d16664650e82baec759c.css
news8.de/wp-content/cache/wmac/css/ 573 B
905 B 67ms
50ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_8aebb373abf3d16664650e82baec759c.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-23d"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 573
Expires: Sun, 08 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK wmac_single_d0a00313c0c15738eca27eb9df2e334d.css
news8.de/wp-content/cache/wmac/css/ 442 B
774 B 69ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_d0a00313c0c15738eca27eb9df2e334d.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 2a3214455e3a5ac54649add67e0bddd593f92fe190a09c22a2270c9bef891a72

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-1ba"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 442
Expires: Sun, 08 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK wmac_single_4bc19d35d9e5befbc0d4ac845aab7f5b.css
news8.de/wp-content/cache/wmac/css/ 2 KB
2 KB 92ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_4bc19d35d9e5befbc0d4ac845aab7f5b.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: bdbaae24cb5e89820feaa34c9363b83e4f7e3160e452d45c3b9b602b9b73b534

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-854"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2132
Expires: Sun, 08 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK wmac_single_b535dfee3f63967537c8e39bf85c8a0c.css
news8.de/wp-content/cache/wmac/css/ 22 KB
22 KB 92ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_b535dfee3f63967537c8e39bf85c8a0c.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 67a80e1c7b36aa53913a77e36a8a6ed6e1e2f305e254476efab497ab7b967e69

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-5870"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22640
Expires: Sun, 08 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK wmac_single_15a5edb399271f812847871978ee6cf5.css
news8.de/wp-content/cache/wmac/css/ 5 KB
5 KB 93ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_15a5edb399271f812847871978ee6cf5.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 1c70babefa9822756487660bc9f6efb38bc17af3b652453f469c1b688074e536

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-12ee"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4846
Expires: Sun, 08 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK wmac_single_dd755805eb89a1dfb117a6525d622366.css
news8.de/wp-content/cache/wmac/css/ 13 KB
13 KB 103ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_dd755805eb89a1dfb117a6525d622366.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 20822478d32f7b9cebbe947fa565a20d155a5f710403e3bbea65ca814dbe8b8b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-333b"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13115
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_dbd7348e9bfe6474117b3d8ca3bc857e.css
news8.de/wp-content/cache/wmac/css/ 1 KB
2 KB 125ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_dbd7348e9bfe6474117b3d8ca3bc857e.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 2a1f470895f45ab9e7bd67a603458a662c16bd7628d2990cb311b87d0dec5c19

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-5df"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1503
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_2fc5116c97d563229d247a96d5311977.css
news8.de/wp-content/cache/wmac/css/ 5 KB
5 KB 127ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_2fc5116c97d563229d247a96d5311977.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: bb3296813f7b54986ae0d9a55a8df2463a8b4278de212459b313cd765b8a4774

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-1298"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4760
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 6 KB
1 KB 22ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%26display%3Dswap&subset=latin%2Clatin-ext

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8f1334d1442c3698fbe8d079d59d4c1e72323bec634c9185d030ea7ca8fa052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 07 Aug 2021 15:11:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Sat, 07 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 579 KB
44 KB 59ms
52ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=ABeeZee%7CAbel%7CAbril+Fatface%7CAclonica%7CAcme%7CActor%7CAdamina%7CAdvent+Pro%7CAguafina+Script%7CAkronim%7CAladin%7CAldrich%7CAlef%7CAlegreya%7CAlegreya+SC%7CAlegreya+Sans%7CAlegreya+Sans+SC%7CAlex+Brush%7CAlfa+Slab+One%7CAlice%7CAlike%7CAlike+Angular%7CAllan%7CAllerta%7CAllerta+Stencil%7CAllura%7CAlmendra%7CAlmendra+Display%7CAlmendra+SC%7CAmarante%7CAmaranth%7CAmatic+SC%7CAmatica+SC%7CAmethysta%7CAmiko%7CAmiri%7CAmita%7CAnaheim%7CAndada%7CAndika%7CAngkor%7CAnnie+Use+Your+Telescope%7CAnonymous+Pro%7CAntic%7CAntic+Didone%7CAntic+Slab%7CAnton%7CArapey%7CArbutus%7CArbutus+Slab%7CArchitects+Daughter%7CArchivo+Black%7CArchivo+Narrow%7CAref+Ruqaa%7CArima+Madurai%7CArimo%7CArizonia%7CArmata%7CArtifika%7CArvo%7CArya%7CAsap%7CAsar%7CAsset%7CAssistant%7CAstloch%7CAsul%7CAthiti%7CAtma%7CAtomic+Age%7CAubrey%7CAudiowide%7CAutour+One%7CAverage%7CAverage+Sans%7CAveria+Gruesa+Libre%7CAveria+Libre%7CAveria+Sans+Libre%7CAveria+Serif+Libre%7CBad+Script%7CBaloo%7CBaloo+Bhai%7CBaloo+Da%7CBaloo+Thambi%7CBalthazar%7CBangers%7CBasic%7CBattambang%7CBaumans%7CBayon%7CBelgrano%7CBelleza%7CBenchNine%7CBentham%7CBerkshire+Swash%7CBevan%7CBigelow+Rules%7CBigshot+One%7CBilbo%7CBilbo+Swash+Caps%7CBioRhyme%7CBioRhyme+Expanded%7CBiryani%7CBitter%7CBlack+Ops+One%7CBokor%7CBonbon%7CBoogaloo%7CBowlby+One%7CBowlby+One+SC%7CBrawler%7CBree+Serif%7CBubblegum+Sans%7CBubbler+One%7CBuda%7CBuenard%7CBungee%7CBungee+Hairline%7CBungee+Inline%7CBungee+Outline%7CBungee+Shade%7CButcherman%7CButterfly+Kids%7CCabin%7CCabin+Condensed%7CCabin+Sketch%7CCaesar+Dressing%7CCagliostro%7CCairo%7CCalligraffitti%7CCambay%7CCambo%7CCandal%7CCantarell%7CCantata+One%7CCantora+One%7CCapriola%7CCardo%7CCarme%7CCarrois+Gothic%7CCarrois+Gothic+SC%7CCarter+One%7CCatamaran%7CCaudex%7CCaveat%7CCaveat+Brush%7CCedarville+Cursive%7CCeviche+One%7CChanga%7CChanga+One%7CChango%7CChathura%7CChau+Philomene+One%7CChela+One%7CChelsea+Market%7CChenla%7CCherry+Cream+Soda%7CCherry+Swash%7CChewy%7CChicle%7CChivo%7CChonburi%7CCinzel%7CCinzel+Decorative%7CClicker+Script%7CCoda%7CCoda+Caption%7CCodystar%7CCoiny%7CCombo%7CComfortaa%7CComing+Soon%7CConcert+One%7CCondiment%7CContent%7CContrail+One%7CConvergence%7CCookie%7CCopse%7CCorben%7CCormorant%7CCormorant+Garamond%7CCormorant+Infant%7CCormorant+SC%7CCormorant+Unicase%7CCormorant+Upright%7CCourgette%7CCousine%7CCoustard%7CCovered+By+Your+Grace%7CCrafty+Girls%7CCreepster%7CCrete+Round%7CCrimson+Text%7CCroissant+One%7CCrushed%7CCuprum%7CCutive%7CCutive+Mono%7CDamion%7CDancing+Script%7CDangrek%7CDavid+Libre%7CDawning+of+a+New+Day%7CDays+One%7CDekko%7CDelius%7CDelius+Swash+Caps%7CDelius+Unicase%7CDella+Respira%7CDenk+One%7CDevonshire%7CDhurjati%7CDidact+Gothic%7CDiplomata%7CDiplomata+SC%7CDomine%7CDonegal+One%7CDoppio+One%7CDorsa%7CDosis%7CDr+Sugiyama%7CDroid+Sans%7CDroid+Sans+Mono%7CDroid+Serif%7CDuru+Sans%7CDynalight%7CEB+Garamond%7CEagle+Lake%7CEater%7CEconomica%7CEczar%7CEk+Mukta%7CEl+Messiri%7CElectrolize%7CElsie%7CElsie+Swash+Caps%7CEmblema+One%7CEmilys+Candy%7CEngagement%7CEnglebert%7CEnriqueta%7CErica+One%7CEsteban%7CEuphoria+Script%7CEwert%7CExo%7CExo+2%7CExpletus+Sans%7CFanwood+Text%7CFarsan%7CFascinate%7CFascinate+Inline%7CFaster+One%7CFasthand%7CFauna+One%7CFederant%7CFedero%7CFelipa%7CFenix%7CFinger+Paint%7CFira+Mono%7CFira+Sans%7CFjalla+One%7CFjord+One%7CFlamenco%7CFlavors%7CFondamento%7CFontdiner+Swanky%7CForum%7CFrancois+One%7CFrank+Ruhl+Libre%7CFreckle+Face%7CFredericka+the+Great%7CFredoka+One%7CFreehand%7CFresca%7CFrijole%7CFruktur%7CFugaz+One%7CGFS+Didot%7CGFS+Neohellenic%7CGabriela%7CGafata%7CGalada%7CGaldeano%7CGalindo%7CGentium+Basic%7CGentium+Book+Basic%7CGeo%7CGeostar%7CGeostar+Fill%7CGermania+One%7CGidugu%7CGilda+Display%7CGive+You+Glory%7CGlass+Antiqua%7CGlegoo%7CGloria+Hallelujah%7CGoblin+One%7CGochi+Hand%7CGorditas%7CGoudy+Bookletter+1911%7CGraduate%7CGrand+Hotel%7CGravitas+One%7CGreat+Vibes%7CGriffy%7CGruppo%7CGudea%7CGurajada%7CHabibi%7CHalant%7CHammersmith+One%7CHanalei%7CHanalei+Fill%7CHandlee%7CHanuman%7CHappy+Monkey%7CHarmattan%7CHeadland+One%7CHeebo%7CHenny+Penny%7CHerr+Von+Muellerhoff%7CHind%7CHind+Guntur%7CHind+Madurai%7CHind+Siliguri%7CHind+Vadodara%7CHoltwood+One+SC%7CHomemade+Apple%7CHomenaje%7CIM+Fell+DW+Pica%7CIM+Fell+DW+Pica+SC%7CIM+Fell+Double+Pica%7CIM+Fell+Double+Pica+SC%7CIM+Fell+English%7CIM+Fell+English+SC%7CIM+Fell+French+Canon%7CIM+Fell+French+Canon+SC%7CIM+Fell+Great+Primer%7CIM+Fell+Great+Primer+SC%7CIceberg%7CIceland%7CImprima%7CInconsolata%7CInder%7CIndie+Flower%7CInika%7CInknut+Antiqua%7CIrish+Grover%7CIstok+Web%7CItaliana%7CItalianno%7CItim%7CJacques+Francois%7CJacques+Francois+Shadow%7CJaldi%7CJim+Nightshade%7CJockey+One%7CJolly+Lodger%7CJomhuria%7CJosefin+Sans%7CJosefin+Slab%7CJoti+One%7CJudson%7CJulee%7CJulius+Sans+One%7CJunge%7CJura%7CJust+Another+Hand%7CJust+Me+Again+Down+Here%7CKadwa%7CKalam%7CKameron%7CKanit%7CKantumruy%7CKarla%7CKarma%7CKatibeh%7CKaushan+Script%7CKavivanar%7CKavoon%7CKdam+Thmor%7CKeania+One%7CKelly+Slab%7CKenia%7CKhand%7CKhmer%7CKhula%7CKite+One%7CKnewave%7CKotta+One%7CKoulen%7CKranky%7CKreon%7CKristi%7CKrona+One%7CKumar+One%7CKumar+One+Outline%7CKurale%7CLa+Belle+Aurore%7CLaila%7CLakki+Reddy%7CLalezar%7CLancelot%7CLateef%7CLato%7CLeague+Script%7CLeckerli+One%7CLedger%7CLekton%7CLemon%7CLemonada%7CLibre+Baskerville%7CLibre+Franklin%7CLife+Savers%7CLilita+One%7CLily+Script+One%7CLimelight%7CLinden+Hill%7CLobster%7CLobster+Two%7CLondrina+Outline%7CLondrina+Shadow%7CLondrina+Sketch%7CLondrina+Solid%7CLora%7CLove+Ya+Like+A+Sister%7CLoved+by+the+King%7CLovers+Quarrel%7CLuckiest+Guy%7CLusitana%7CLustria%7CMacondo%7CMacondo+Swash+Caps%7CMada%7CMagra%7CMaiden+Orange%7CMaitree%7CMako%7CMallanna%7CMandali%7CMarcellus%7CMarcellus+SC%7CMarck+Script%7CMargarine%7CMarko+One%7CMarmelad%7CMartel%7CMartel+Sans%7CMarvel%7CMate%7CMate+SC%7CMaven+Pro%7CMcLaren%7CMeddon%7CMedievalSharp%7CMedula+One%7CMeera+Inimai%7CMegrim%7CMeie+Script%7CMerienda%7CMerienda+One%7CMerriweather%7CMerriweather+Sans%7CMetal%7CMetal+Mania%7CMetamorphous%7CMetrophobic%7CMichroma%7CMilonga%7CMiltonian%7CMiltonian+Tattoo%7CMiniver%7CMiriam+Libre%7CMirza%7CMiss+Fajardose%7CMitr%7CModak%7CModern+Antiqua%7CMogra%7CMolengo%7CMolle%7CMonda%7CMonofett%7CMonoton%7CMonsieur+La+Doulaise%7CMontaga%7CMontez%7CMontserrat%7CMontserrat+Alternates%7CMontserrat+Subrayada%7CMoul%7CMoulpali%7CMountains+of+Christmas%7CMouse+Memoirs%7CMr+Bedfort%7CMr+Dafoe%7CMr+De+Haviland%7CMrs+Saint+Delafield%7CMrs+Sheppards%7CMukta+Vaani%7CMuli%7CMystery+Quest%7CNTR%7CNeucha%7CNeuton%7CNew+Rocker%7CNews+Cycle%7CNiconne%7CNixie+One%7CNobile%7CNokora%7CNorican%7CNosifer%7CNothing+You+Could+Do%7CNoticia+Text%7CNoto+Sans%7CNoto+Serif%7CNova+Cut%7CNova+Flat%7CNova+Mono%7CNova+Oval%7CNova+Round%7CNova+Script%7CNova+Slim%7CNova+Square%7CNumans%7CNunito%7COdor+Mean+Chey%7COffside%7COld+Standard+TT%7COldenburg%7COleo+Script%7COleo+Script+Swash+Caps%7COpen+Sans%7COpen+Sans+Condensed%7COranienbaum%7COrbitron%7COregano%7COrienta%7COriginal+Surfer%7COswald%7COver+the+Rainbow%7COverlock%7COverlock+SC%7COvo%7COxygen%7COxygen+Mono%7CPT+Mono%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPT+Serif%7CPT+Serif+Caption%7CPacifico%7CPalanquin%7CPalanquin+Dark%7CPaprika%7CParisienne%7CPassero+One%7CPassion+One%7CPathway+Gothic+One%7CPatrick+Hand%7CPatrick+Hand+SC%7CPattaya%7CPatua+One%7CPavanam%7CPaytone+One%7CPeddana%7CPeralta%7CPermanent+Marker%7CPetit+Formal+Script%7CPetrona%7CPhilosopher%7CPiedra%7CPinyon+Script%7CPirata+One%7CPlaster%7CPlay%7CPlayball%7CPlayfair+Display%7CPlayfair+Display+SC%7CPodkova%7CPoiret+One%7CPoller+One%7CPoly%7CPompiere%7CPontano+Sans%7CPoppins%7CPort+Lligat+Sans%7CPort+Lligat+Slab%7CPragati+Narrow%7CPrata%7CPreahvihear%7CPress+Start+2P%7CPridi%7CPrincess+Sofia%7CProciono%7CPrompt%7CProsto+One%7CProza+Libre%7CPuritan%7CPurple+Purse%7CQuando%7CQuantico%7CQuattrocento%7CQuattrocento+Sans%7CQuestrial%7CQuicksand%7CQuintessential%7CQwigley%7CRacing+Sans+One%7CRadley%7CRajdhani%7CRakkas%7CRaleway%7CRaleway+Dots%7CRamabhadra%7CRamaraja%7CRambla%7CRammetto+One%7CRanchers%7CRancho%7CRanga%7CRasa%7CRationale%7CRavi+Prakash%7CRedressed%7CReem+Kufi%7CReenie+Beanie%7CRevalia%7CRhodium+Libre%7CRibeye%7CRibeye+Marrow%7CRighteous%7CRisque%7CRoboto%7CRoboto+Condensed%7CRoboto+Mono%7CRoboto+Slab%7CRochester%7CRock+Salt%7CRokkitt%7CRomanesco%7CRopa+Sans%7CRosario%7CRosarivo%7CRouge+Script%7CRozha+One%7CRubik%7CRubik+Mono+One%7CRubik+One%7CRuda%7CRufina%7CRuge+Boogie%7CRuluko%7CRum+Raisin%7CRuslan+Display%7CRusso+One%7CRuthie%7CRye%7CSacramento%7CSahitya%7CSail%7CSalsa%7CSanchez%7CSancreek%7CSansita+One%7CSarala%7CSarina%7CSarpanch%7CSatisfy%7CScada%7CScheherazade%7CSchoolbell%7CScope+One%7CSeaweed+Script%7CSecular+One%7CSevillana%7CSeymour+One%7CShadows+Into+Light%7CShadows+Into+Light+Two%7CShanti%7CShare%7CShare+Tech%7CShare+Tech+Mono%7CShojumaru%7CShort+Stack%7CShrikhand%7CSiemreap%7CSigmar+One%7CSignika%7CSignika+Negative%7CSimonetta%7CSintony%7CSirin+Stencil%7CSix+Caps%7CSkranji%7CSlabo+13px%7CSlabo+27px%7CSlackey%7CSmokum%7CSmythe%7CSniglet%7CSnippet%7CSnowburst+One%7CSofadi+One%7CSofia%7CSonsie+One%7CSorts+Mill+Goudy%7CSource+Code+Pro%7CSource+Sans+Pro%7CSource+Serif+Pro%7CSpace+Mono%7CSpecial+Elite%7CSpicy+Rice%7CSpinnaker%7CSpirax%7CSquada+One%7CSree+Krushnadevaraya%7CSriracha%7CStalemate%7CStalinist+One%7CStardos+Stencil%7CStint+Ultra+Condensed%7CStint+Ultra+Expanded%7CStoke%7CStrait%7CSue+Ellen+Francisco%7CSuez+One%7CSumana%7CSunshiney%7CSupermercado+One%7CSura%7CSuranna%7CSuravaram%7CSuwannaphum%7CSwanky+and+Moo+Moo%7CSyncopate%7CTangerine%7CTaprom%7CTauri%7CTaviraj%7CTeko%7CTelex%7CTenali+Ramakrishna%7CTenor+Sans%7CText+Me+One%7CThe+Girl+Next+Door%7CTienne%7CTillana%7CTimmana%7CTinos%7CTitan+One%7CTitillium+Web%7CTrade+Winds%7CTrirong%7CTrocchi%7CTrochut%7CTrykker%7CTulpen+One%7CUbuntu%7CUbuntu+Condensed%7CUbuntu+Mono%7CUltra%7CUncial+Antiqua%7CUnderdog%7CUnica+One%7CUnifrakturCook%7CUnifrakturMaguntia%7CUnkempt%7CUnlock%7CUnna%7CVT323%7CVampiro+One%7CVarela%7CVarela+Round%7CVast+Shadow%7CVesper+Libre%7CVibur%7CVidaloka%7CViga%7CVoces%7CVolkhov%7CVollkorn%7CVoltaire%7CWaiting+for+the+Sunrise%7CWallpoet%7CWalter+Turncoat%7CWarnes%7CWellfleet%7CWendy+One%7CWire+One%7CWork+Sans%7CYanone+Kaffeesatz%7CYantramanav%7CYatra+One%7CYellowtail%7CYeseva+One%7CYesteryear%7CYrsa%7CZeyada&subset=latin%2Clatin-ext

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83ad7047ef955ca141076e0e6a500e57fc6596cdc5f5ab946e7ed13b4190e530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 07 Aug 2021 15:11:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Sat, 07 Aug 2021 15:11:13 GMT

GET
H/1.1 200
OK wmac_single_ba80fc2dd04c0dc56e704a7dfc2f2458.css
news8.de/wp-content/cache/wmac/css/ 157 KB
157 KB 130ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_ba80fc2dd04c0dc56e704a7dfc2f2458.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 1a252ab44aea48932fabadc302800d16dce7195a44326b1bfe94fb5b3ab810f9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-27280"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 160384
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_eaf5f7af8290dfa1e86ddbf831d79efe.css
news8.de/wp-content/cache/wmac/css/ 92 B
422 B 130ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_eaf5f7af8290dfa1e86ddbf831d79efe.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: af468a53ff8b21e58d333969b462d31f6d23e94d0f255e58b8c9242057d29c34

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-5c"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK font-awesome.min.css
news8.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 30 KB
31 KB 138ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Sun, 21 Mar 2021 04:33:46 GMT
Server: nginx
ETag: "6056ccaa-7917"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30999
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_d49fbfc6c0444e7c67b2ee7ae284a293.css
news8.de/wp-content/cache/wmac/css/ 1 KB
2 KB 145ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_d49fbfc6c0444e7c67b2ee7ae284a293.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 8156497af6e016c713379e4ecb3006cce8360d92d858eda6924aa40ba917c0fe

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-4be"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1214
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_6a1d72f2fa3f49ba4216abcb0b63815b.css
news8.de/wp-content/cache/wmac/css/ 3 KB
3 KB 156ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_6a1d72f2fa3f49ba4216abcb0b63815b.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: b190bec40be9563df5802aa246508502691500f57eb9018a96c2fe7bf22381e3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-b12"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2834
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_241421b5d09d0d375ed4ef120de787dc.css
news8.de/wp-content/cache/wmac/css/ 36 KB
36 KB 158ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_241421b5d09d0d375ed4ef120de787dc.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: f18e4698b1282cf42ab3e3011e1027b7e2fab2afb339417e38a06449c5f10529

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-9030"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36912
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_1e771bb438801107ae5a283f4b31bc89.css
news8.de/wp-content/cache/wmac/css/ 111 KB
111 KB 163ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_1e771bb438801107ae5a283f4b31bc89.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 6634563eec684020fbbbeebc71f8e2f7fd7782e057c6e722abd19116bf8701b2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-1baf7"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 113399
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_28d4882ebc1dba4a8328d08dc5200daf.css
news8.de/wp-content/cache/wmac/css/ 34 KB
34 KB 178ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_28d4882ebc1dba4a8328d08dc5200daf.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 85e267b92c6a639a35e54f01bb3bede4ff1bc3ff715bea017e04cc8d3d304abb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-8824"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34852
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_48ff9d03ab2419b1057dd3e29067436e.css
news8.de/wp-content/cache/wmac/css/ 24 KB
24 KB 190ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_48ff9d03ab2419b1057dd3e29067436e.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: b5973c7b9e0fc3296016ea9c24884a4e84fbd9630fd9b4d88b697158d6a662e5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-5fb3"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24499
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK select2.min.css
news8.de/wp-content/plugins/ultimate-member/assets/css/select2/ 15 KB
15 KB 190ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Tue, 20 Apr 2021 20:32:09 GMT
Server: nginx
ETag: "607f3a49-3a76"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14966
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_59336521688d38bb8f1c5501c73ce211.css
news8.de/wp-content/cache/wmac/css/ 3 KB
3 KB 192ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_59336521688d38bb8f1c5501c73ce211.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: cceaa58cfc7773b7f4864d26b8854e3deb386ab0372b6cc33d38e3e875437eb6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-c7a"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3194
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_16a0a3ad09659fdcaa31be2bafd99926.css
news8.de/wp-content/cache/wmac/css/ 3 KB
3 KB 192ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_16a0a3ad09659fdcaa31be2bafd99926.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: d93e8f042ec01770e430bf2b4822157f34589485e314bfe6a0ef9ee6297ffb31

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-c21"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3105
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_fcfc6477f65df6f82da870fdd8f8129d.css
news8.de/wp-content/cache/wmac/css/ 17 KB
17 KB 220ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_fcfc6477f65df6f82da870fdd8f8129d.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 958b76a1a9b936a90ad2d7d51dea619af19dd0feb3a79876ccf447993815bae4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-4362"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17250
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_33e4b3d778de959e909ca05248b5a365.css
news8.de/wp-content/cache/wmac/css/ 8 KB
8 KB 224ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_33e4b3d778de959e909ca05248b5a365.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: ffa6b63bbede30e4937217f9d17cddf1a55a97b9f2c226011ed7b7a8ee2d7536

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-1e76"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7798
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_8552692e086f7ffdabd9c5ad23ec2314.css
news8.de/wp-content/cache/wmac/css/ 3 KB
4 KB 225ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_8552692e086f7ffdabd9c5ad23ec2314.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: d71b1722a86feb175cf26b030003b5bff5c708e070bc72b2e4cc2d8492129460

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-dc6"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3526
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_c77ae194cd5b025baa7c6fd1a24137d6.css
news8.de/wp-content/cache/wmac/css/ 2 KB
2 KB 225ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_c77ae194cd5b025baa7c6fd1a24137d6.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 86bca6ce011493365eba131df592f31e72f7251d7dd6fa0f1b723d3f107f8f6f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-67d"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1661
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_abc4e3c2f8c1400e944853a6f14b048a.css
news8.de/wp-content/cache/wmac/css/ 3 KB
3 KB 229ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_abc4e3c2f8c1400e944853a6f14b048a.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: a327f98329c040b225029235f30448bf290256baa8f76a4c04cb45b2eb1bc6ae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-b91"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2961
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_afcb16d3ae878da9961ca53164e1f2aa.css
news8.de/wp-content/cache/wmac/css/ 2 KB
2 KB 243ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_afcb16d3ae878da9961ca53164e1f2aa.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 193a04fa09b754cb1103c7518253baf873320c898ed831c9783e42fae488523e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-8ab"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2219
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_fb1e35155d11a8c40e32f8be9351ee53.css
news8.de/wp-content/cache/wmac/css/ 4 KB
4 KB 253ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_fb1e35155d11a8c40e32f8be9351ee53.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: c7672b1f8efbb532817e72b70aa9f39f4616b10e2e7f008b2975d305d0c2998c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-ec9"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3785
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_a995f682910b091a3966acfb5857c52e.css
news8.de/wp-content/cache/wmac/css/ 1 KB
2 KB 257ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_a995f682910b091a3966acfb5857c52e.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: d12eb44c7f6038966737af70549631d70bb252740d2ccabbcf78ec866869333b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-5b5"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1461
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_d5d624b2b2d2d19b8d2a7dc1328b7d05.css
news8.de/wp-content/cache/wmac/css/ 1 KB
1 KB 258ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_d5d624b2b2d2d19b8d2a7dc1328b7d05.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 6d65d818e5e9a949560b900fbf950d482e4bc95e15c7e8182ba9da491616ddb2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-49c"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1180
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_e0681482aaf0007fd323a9da1ce7f675.css
news8.de/wp-content/cache/wmac/css/ 3 KB
3 KB 258ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_e0681482aaf0007fd323a9da1ce7f675.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: ca41986254f8635bb72b990cd85b62f0f5b4e5f1b39cd7670c1b441b6b8e7d2b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-a26"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2598
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_6fea8331ec95a566deb3fd8f2e5642e9.css
news8.de/wp-content/cache/wmac/css/ 2 KB
2 KB 261ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_6fea8331ec95a566deb3fd8f2e5642e9.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: b304e59ed1d6399f00578b6053c731d259b5ad4ca1da7b4fc1a94d166eec7c30

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-7d6"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2006
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_9898b4fbe7dab96d336d3ed7f6a91dea.css
news8.de/wp-content/cache/wmac/css/ 10 KB
10 KB 276ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_9898b4fbe7dab96d336d3ed7f6a91dea.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 650ac99ee8a6ef50220f78053e21bcc2c96a8e1a91d3a849f96c358c121b1d84

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-277d"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10109
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wmac_single_56f902a1b9086d69f7dbfe86f7a16e2d.css
news8.de/wp-content/cache/wmac/css/ 5 KB
5 KB 286ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_56f902a1b9086d69f7dbfe86f7a16e2d.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 97589eaccfbe78ee0a2455024933ac3a5b79a9f6b753a5cda7e5c7010ec8b29d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-14a5"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5285
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

http://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

65 KB
20 KB

7ms
6ms

Script
text/javascript

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 07 Aug 2021 15:30:46 GMT

Redirect headers

Date: Sat, 07 Aug 2021 14:44:10 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 1623
Content-Type: text/html; charset=UTF-8
Location: https://www.gstatic.com/charts/loader.js
Cache-Control: public, max-age=1800
Content-Length: 237
X-XSS-Protection: 0
Expires: Sat, 07 Aug 2021 15:14:10 GMT

GET
H2 200 banner.js Show response
consent.cookiefirst.com/ 487 B
1 KB 81ms
26ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner.js
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: Cookie First CDN-DE1-756 /
Resource Hash: fc8b4f2dd7593ae2d4f3badfc2b649df547760c1ad02ebc00a74a265ccabdeca

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:13 GMT
content-encoding: br
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-storageserver: DE-169
cdn-cachedat: 08/07/2021 17:10:52
cdn-pullzone: 236985
server: Cookie First CDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Mon, 21 Jun 2021 15:11:03 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=300
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestid: fe843abb15e460494fc35123762f3a7b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cropped-new8deheader-2048x575.png
news8.de/wp-content/uploads/2021/02/ 226 KB
226 KB 132ms
53ms Image
image/png 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/02/cropped-new8deheader-2048x575.png

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

8069568a348cd6820a8ec527a547c2c1f370206b9ec21e391563d8a8389aa04b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Wed, 03 Feb 2021 01:24:59 GMT
server: nginx
etag: "6019fb6b-386ef"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 231151
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 banner.php Show response
view.webplexmedia.de/ 221 B
362 B 93ms
24ms Script
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=1&s=0&sid=929&size=5

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

74ff499538cf591248810e8b569386c5efeec7eaa4ad1c51ba50a3842bdf7266

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
cache-control: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 109-150x150.jpg
news8.de/wp-content/uploads/2018/08/ 9 KB
9 KB 174ms
95ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2018/08/109-150x150.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

8f54026d94ef1734a1a29ea411fd5fb0b09f02b438b799bf1a088485c4ba045d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Wed, 13 Jan 2021 03:02:47 GMT
server: nginx
etag: "5ffe62d7-2437"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9271
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 Wer-manchmal-nachts-aufwacht-hat-nicht-gleich-eine-Schlafstoerung-150x150.jpg
news8.de/wp-content/uploads/2018/11/ 6 KB
7 KB 174ms
96ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2018/11/Wer-manchmal-nachts-aufwacht-hat-nicht-gleich-eine-Schlafstoerung-150x150.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

7cc57368a0c50a6797e74ba8a99e457997b7280e497630d249913b8e064bac3e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Wed, 13 Jan 2021 02:17:07 GMT
server: nginx
etag: "5ffe5823-19c0"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6592
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 Cover-150x150.jpg
news8.de/wp-content/uploads/2020/12/ 7 KB
7 KB 174ms
96ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2020/12/Cover-150x150.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

f65fde2255ae7ee1aecf2ac52c2d97f0333bf55f8a2a3f6cb48e7da07cf7b044

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Tue, 12 Jan 2021 22:00:49 GMT
server: nginx
etag: "5ffe1c11-1c42"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7234
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 banner.php Show response
view.webplexmedia.de/ 221 B
361 B 86ms
25ms Script
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

c03e461ea1fda33e2b513dff9d33b70ec710e31d361a1a214f050142aef4f0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
cache-control: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK wmac_single_ed352b40673263427125182f31ea6eca.css
news8.de/wp-content/cache/wmac/css/ 7 KB
7 KB 35ms
33ms Stylesheet
text/css 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_ed352b40673263427125182f31ea6eca.css
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 997c32003a6e783337a31a800313fe2ef5429c60a8a8a56ae51261ceb2380f14

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-1aa1"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6817
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 slider.php Show response
view.webplexmedia.de/ 7 KB
2 KB 109ms
54ms Script
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/slider.php?uid=495573400&e=0&p=1&s=0&sid=929

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

16605bc846ec9816b10f9e506dbe9a26ffea1edf2ee5e0de128093ec545db85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
cache-control: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK wmac_0e5d43f7f51799ce869ab0581ea01a63.js Show response
news8.de/wp-content/cache/wmac/js/ 1 MB
1 MB 35ms
33ms Script
application/javascript 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/cache/wmac/js/wmac_0e5d43f7f51799ce869ab0581ea01a63.js
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 9d3f94088f77a589448abfffa4bfdddf23d695955b910306b0df53a112fb7f34

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 05 Aug 2021 12:04:06 GMT
Server: nginx
ETag: "610bd3b6-109f76"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1089398
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
news8.de/wp-includes/js/ 14 KB
14 KB 35ms
33ms Script
application/javascript 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: news8.de
URL: http://news8.de/
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 04 Feb 2021 08:32:13 GMT
Server: nginx
ETag: "601bb10d-3795"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14229
Expires: Sun, 08 Aug 2021 15:11:14 GMT

OPTIONS
H2 200 hit
news8.de/wp-json/wp-statistics/v2/ Frame 0
0 248ms
175ms Preflight
application/json 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/wp-json/wp-statistics/v2/hit?_=1628349073&_wpnonce=5ebb9bca24&wp_statistics_hit_rest=yes&browser=Chrome&platform=Windows&version=10.0&referred=https://news8.de&ip=213.232.87.179&exclusion_match=no&exclusion_reason&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&track_all=1&timestamp=1628356273&current_page_type=home&current_page_id=0&search_query&page_uri=/&user_id=0

Protocol

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://news8.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://news8.de/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce: 5ebb9bca24
allow: GET
access-control-allow-origin: http://news8.de
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-allow-credentials: true
vary: Origin
expires: Sun, 08 Aug 2021 15:11:14 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block

GET
H3-29 200 loader.js Show response
www.gstatic.com/charts/51/ 48 KB
48 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/loader.js

Requested by

Host: www.google.com
URL: http://www.google.com/jsapi

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f9c7dcb6d3f3fd50ac55a55f8a4168652122756d7763c13c333c9d4b8a36f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:34:02 GMT
x-content-type-options: nosniff
age: 2232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49299
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:04:22 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 07 Aug 2021 15:34:02 GMT

GET
H2 200 hit Show response
news8.de/wp-json/wp-statistics/v2/ 66 B
590 B 179ms
179ms XHR
application/json 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

b03bec9e9bb215c735a4323b2c71d906529b613498bc46eefa00fa0f1288ea8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
link: <https://news8.de/wp-json/>; rel="https://api.w.org/"
allow: GET
server: nginx
x-wp-nonce: 5ebb9bca24
vary: Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://news8.de
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=86400
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 runtime-main.099b.js Show response
consent.cookiefirst.com/banner/324595083/static/js/ 3 KB
2 KB 33ms
32ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/324595083/static/js/runtime-main.099b.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: Cookie First CDN-DE1-756 /
Resource Hash: 90744aedca6ab38ce7686f085c62e22dc8f0457aa2a8ee97856e99c926742f8a

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
content-encoding: br
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-storageserver: DE-169
cdn-cachedat: 2021-08-07 13:01:33
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Mon, 21 Jun 2021 15:11:05 GMT
server: Cookie First CDN-DE1-756
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31556926
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestid: 3ac8d7258cfcd0e0c82e655b543ed444
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 3.f7a3.chunk.js Show response
consent.cookiefirst.com/banner/324595083/static/js/ 99 KB
36 KB 33ms
32ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/324595083/static/js/3.f7a3.chunk.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: Cookie First CDN-DE1-756 /
Resource Hash: 472b824439c2accd891b49625e554376dccf5e689423d419bee76df8efd69ecd

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
content-encoding: br
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-storageserver: DE-169
cdn-cachedat: 2021-08-05 14:35:37
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Mon, 21 Jun 2021 15:11:05 GMT
server: Cookie First CDN-DE1-756
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31556926
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestid: 05a2fd1fca13776008f9d4e585bf6f75
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.21e6.chunk.css
consent.cookiefirst.com/banner/324595083/static/css/ 40 KB
11 KB 34ms
31ms Stylesheet
text/css 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/324595083/static/css/main.21e6.chunk.css
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: Cookie First CDN-DE1-756 /
Resource Hash: fc7046deed2b11d3b722b5868bcdeeb5d7e0e05217d1e50103b8d4c05e43cc1b

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
content-encoding: br
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-storageserver: DE-51
cdn-cachedat: 2021-08-05 14:35:37
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Mon, 21 Jun 2021 15:11:03 GMT
server: Cookie First CDN-DE1-756
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31556926
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestid: a7d17da575f12726f5ef710a670e50b0
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.95b1.chunk.js Show response
consent.cookiefirst.com/banner/324595083/static/js/ 72 KB
22 KB 33ms
32ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/324595083/static/js/main.95b1.chunk.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: Cookie First CDN-DE1-756 /
Resource Hash: f37c6e7ef0c554857a3504866eb2d8b75a0a950a713465032fbeb935d24747a2

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
content-encoding: br
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-storageserver: DE-169
cdn-cachedat: 2021-08-07 13:54:33
cdn-pullzone: 236985
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Mon, 21 Jun 2021 15:11:05 GMT
server: Cookie First CDN-DE1-756
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31556926
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cdn-requestid: 0fd8e86a5058d9159c9317329d0d67d2
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK bgone.png
news8.de/wp-content/themes/newsup-pro/images/bg-pattern/ 3 KB
3 KB 34ms
33ms Image
image/png 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://news8.de/wp-content/themes/newsup-pro/images/bg-pattern/bgone.png

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

HTTP/1.1

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

672837f7c3468f78dc467f095815667f2d257ee045d320ed95a19232937e54ba

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Wed, 03 Feb 2021 00:20:08 GMT
Server: nginx
ETag: "6019ec38-c8d"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3213
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK cropped-new8deheader-1.png
news8.de/wp-content/uploads/2021/02/ 201 KB
201 KB 34ms
34ms Image
image/png 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://news8.de/wp-content/uploads/2021/02/cropped-new8deheader-1.png

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

HTTP/1.1

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

377f111f5b9b9a0f4b13fbd238493ecf98c07354de272b8558eb4cf8966714ee

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://news8.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Wed, 03 Feb 2021 23:14:34 GMT
Server: nginx
ETag: "601b2e5a-32253"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 205395
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v22/ 14 KB
15 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v22/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=ABeeZee%7CAbel%7CAbril+Fatface%7CAclonica%7CAcme%7CActor%7CAdamina%7CAdvent+Pro%7CAguafina+Script%7CAkronim%7CAladin%7CAldrich%7CAlef%7CAlegreya%7CAlegreya+SC%7CAlegreya+Sans%7CAlegreya+Sans+SC%7CAlex+Brush%7CAlfa+Slab+One%7CAlice%7CAlike%7CAlike+Angular%7CAllan%7CAllerta%7CAllerta+Stencil%7CAllura%7CAlmendra%7CAlmendra+Display%7CAlmendra+SC%7CAmarante%7CAmaranth%7CAmatic+SC%7CAmatica+SC%7CAmethysta%7CAmiko%7CAmiri%7CAmita%7CAnaheim%7CAndada%7CAndika%7CAngkor%7CAnnie+Use+Your+Telescope%7CAnonymous+Pro%7CAntic%7CAntic+Didone%7CAntic+Slab%7CAnton%7CArapey%7CArbutus%7CArbutus+Slab%7CArchitects+Daughter%7CArchivo+Black%7CArchivo+Narrow%7CAref+Ruqaa%7CArima+Madurai%7CArimo%7CArizonia%7CArmata%7CArtifika%7CArvo%7CArya%7CAsap%7CAsar%7CAsset%7CAssistant%7CAstloch%7CAsul%7CAthiti%7CAtma%7CAtomic+Age%7CAubrey%7CAudiowide%7CAutour+One%7CAverage%7CAverage+Sans%7CAveria+Gruesa+Libre%7CAveria+Libre%7CAveria+Sans+Libre%7CAveria+Serif+Libre%7CBad+Script%7CBaloo%7CBaloo+Bhai%7CBaloo+Da%7CBaloo+Thambi%7CBalthazar%7CBangers%7CBasic%7CBattambang%7CBaumans%7CBayon%7CBelgrano%7CBelleza%7CBenchNine%7CBentham%7CBerkshire+Swash%7CBevan%7CBigelow+Rules%7CBigshot+One%7CBilbo%7CBilbo+Swash+Caps%7CBioRhyme%7CBioRhyme+Expanded%7CBiryani%7CBitter%7CBlack+Ops+One%7CBokor%7CBonbon%7CBoogaloo%7CBowlby+One%7CBowlby+One+SC%7CBrawler%7CBree+Serif%7CBubblegum+Sans%7CBubbler+One%7CBuda%7CBuenard%7CBungee%7CBungee+Hairline%7CBungee+Inline%7CBungee+Outline%7CBungee+Shade%7CButcherman%7CButterfly+Kids%7CCabin%7CCabin+Condensed%7CCabin+Sketch%7CCaesar+Dressing%7CCagliostro%7CCairo%7CCalligraffitti%7CCambay%7CCambo%7CCandal%7CCantarell%7CCantata+One%7CCantora+One%7CCapriola%7CCardo%7CCarme%7CCarrois+Gothic%7CCarrois+Gothic+SC%7CCarter+One%7CCatamaran%7CCaudex%7CCaveat%7CCaveat+Brush%7CCedarville+Cursive%7CCeviche+One%7CChanga%7CChanga+One%7CChango%7CChathura%7CChau+Philomene+One%7CChela+One%7CChelsea+Market%7CChenla%7CCherry+Cream+Soda%7CCherry+Swash%7CChewy%7CChicle%7CChivo%7CChonburi%7CCinzel%7CCinzel+Decorative%7CClicker+Script%7CCoda%7CCoda+Caption%7CCodystar%7CCoiny%7CCombo%7CComfortaa%7CComing+Soon%7CConcert+One%7CCondiment%7CContent%7CContrail+One%7CConvergence%7CCookie%7CCopse%7CCorben%7CCormorant%7CCormorant+Garamond%7CCormorant+Infant%7CCormorant+SC%7CCormorant+Unicase%7CCormorant+Upright%7CCourgette%7CCousine%7CCoustard%7CCovered+By+Your+Grace%7CCrafty+Girls%7CCreepster%7CCrete+Round%7CCrimson+Text%7CCroissant+One%7CCrushed%7CCuprum%7CCutive%7CCutive+Mono%7CDamion%7CDancing+Script%7CDangrek%7CDavid+Libre%7CDawning+of+a+New+Day%7CDays+One%7CDekko%7CDelius%7CDelius+Swash+Caps%7CDelius+Unicase%7CDella+Respira%7CDenk+One%7CDevonshire%7CDhurjati%7CDidact+Gothic%7CDiplomata%7CDiplomata+SC%7CDomine%7CDonegal+One%7CDoppio+One%7CDorsa%7CDosis%7CDr+Sugiyama%7CDroid+Sans%7CDroid+Sans+Mono%7CDroid+Serif%7CDuru+Sans%7CDynalight%7CEB+Garamond%7CEagle+Lake%7CEater%7CEconomica%7CEczar%7CEk+Mukta%7CEl+Messiri%7CElectrolize%7CElsie%7CElsie+Swash+Caps%7CEmblema+One%7CEmilys+Candy%7CEngagement%7CEnglebert%7CEnriqueta%7CErica+One%7CEsteban%7CEuphoria+Script%7CEwert%7CExo%7CExo+2%7CExpletus+Sans%7CFanwood+Text%7CFarsan%7CFascinate%7CFascinate+Inline%7CFaster+One%7CFasthand%7CFauna+One%7CFederant%7CFedero%7CFelipa%7CFenix%7CFinger+Paint%7CFira+Mono%7CFira+Sans%7CFjalla+One%7CFjord+One%7CFlamenco%7CFlavors%7CFondamento%7CFontdiner+Swanky%7CForum%7CFrancois+One%7CFrank+Ruhl+Libre%7CFreckle+Face%7CFredericka+the+Great%7CFredoka+One%7CFreehand%7CFresca%7CFrijole%7CFruktur%7CFugaz+One%7CGFS+Didot%7CGFS+Neohellenic%7CGabriela%7CGafata%7CGalada%7CGaldeano%7CGalindo%7CGentium+Basic%7CGentium+Book+Basic%7CGeo%7CGeostar%7CGeostar+Fill%7CGermania+One%7CGidugu%7CGilda+Display%7CGive+You+Glory%7CGlass+Antiqua%7CGlegoo%7CGloria+Hallelujah%7CGoblin+One%7CGochi+Hand%7CGorditas%7CGoudy+Bookletter+1911%7CGraduate%7CGrand+Hotel%7CGravitas+One%7CGreat+Vibes%7CGriffy%7CGruppo%7CGudea%7CGurajada%7CHabibi%7CHalant%7CHammersmith+One%7CHanalei%7CHanalei+Fill%7CHandlee%7CHanuman%7CHappy+Monkey%7CHarmattan%7CHeadland+One%7CHeebo%7CHenny+Penny%7CHerr+Von+Muellerhoff%7CHind%7CHind+Guntur%7CHind+Madurai%7CHind+Siliguri%7CHind+Vadodara%7CHoltwood+One+SC%7CHomemade+Apple%7CHomenaje%7CIM+Fell+DW+Pica%7CIM+Fell+DW+Pica+SC%7CIM+Fell+Double+Pica%7CIM+Fell+Double+Pica+SC%7CIM+Fell+English%7CIM+Fell+English+SC%7CIM+Fell+French+Canon%7CIM+Fell+French+Canon+SC%7CIM+Fell+Great+Primer%7CIM+Fell+Great+Primer+SC%7CIceberg%7CIceland%7CImprima%7CInconsolata%7CInder%7CIndie+Flower%7CInika%7CInknut+Antiqua%7CIrish+Grover%7CIstok+Web%7CItaliana%7CItalianno%7CItim%7CJacques+Francois%7CJacques+Francois+Shadow%7CJaldi%7CJim+Nightshade%7CJockey+One%7CJolly+Lodger%7CJomhuria%7CJosefin+Sans%7CJosefin+Slab%7CJoti+One%7CJudson%7CJulee%7CJulius+Sans+One%7CJunge%7CJura%7CJust+Another+Hand%7CJust+Me+Again+Down+Here%7CKadwa%7CKalam%7CKameron%7CKanit%7CKantumruy%7CKarla%7CKarma%7CKatibeh%7CKaushan+Script%7CKavivanar%7CKavoon%7CKdam+Thmor%7CKeania+One%7CKelly+Slab%7CKenia%7CKhand%7CKhmer%7CKhula%7CKite+One%7CKnewave%7CKotta+One%7CKoulen%7CKranky%7CKreon%7CKristi%7CKrona+One%7CKumar+One%7CKumar+One+Outline%7CKurale%7CLa+Belle+Aurore%7CLaila%7CLakki+Reddy%7CLalezar%7CLancelot%7CLateef%7CLato%7CLeague+Script%7CLeckerli+One%7CLedger%7CLekton%7CLemon%7CLemonada%7CLibre+Baskerville%7CLibre+Franklin%7CLife+Savers%7CLilita+One%7CLily+Script+One%7CLimelight%7CLinden+Hill%7CLobster%7CLobster+Two%7CLondrina+Outline%7CLondrina+Shadow%7CLondrina+Sketch%7CLondrina+Solid%7CLora%7CLove+Ya+Like+A+Sister%7CLoved+by+the+King%7CLovers+Quarrel%7CLuckiest+Guy%7CLusitana%7CLustria%7CMacondo%7CMacondo+Swash+Caps%7CMada%7CMagra%7CMaiden+Orange%7CMaitree%7CMako%7CMallanna%7CMandali%7CMarcellus%7CMarcellus+SC%7CMarck+Script%7CMargarine%7CMarko+One%7CMarmelad%7CMartel%7CMartel+Sans%7CMarvel%7CMate%7CMate+SC%7CMaven+Pro%7CMcLaren%7CMeddon%7CMedievalSharp%7CMedula+One%7CMeera+Inimai%7CMegrim%7CMeie+Script%7CMerienda%7CMerienda+One%7CMerriweather%7CMerriweather+Sans%7CMetal%7CMetal+Mania%7CMetamorphous%7CMetrophobic%7CMichroma%7CMilonga%7CMiltonian%7CMiltonian+Tattoo%7CMiniver%7CMiriam+Libre%7CMirza%7CMiss+Fajardose%7CMitr%7CModak%7CModern+Antiqua%7CMogra%7CMolengo%7CMolle%7CMonda%7CMonofett%7CMonoton%7CMonsieur+La+Doulaise%7CMontaga%7CMontez%7CMontserrat%7CMontserrat+Alternates%7CMontserrat+Subrayada%7CMoul%7CMoulpali%7CMountains+of+Christmas%7CMouse+Memoirs%7CMr+Bedfort%7CMr+Dafoe%7CMr+De+Haviland%7CMrs+Saint+Delafield%7CMrs+Sheppards%7CMukta+Vaani%7CMuli%7CMystery+Quest%7CNTR%7CNeucha%7CNeuton%7CNew+Rocker%7CNews+Cycle%7CNiconne%7CNixie+One%7CNobile%7CNokora%7CNorican%7CNosifer%7CNothing+You+Could+Do%7CNoticia+Text%7CNoto+Sans%7CNoto+Serif%7CNova+Cut%7CNova+Flat%7CNova+Mono%7CNova+Oval%7CNova+Round%7CNova+Script%7CNova+Slim%7CNova+Square%7CNumans%7CNunito%7COdor+Mean+Chey%7COffside%7COld+Standard+TT%7COldenburg%7COleo+Script%7COleo+Script+Swash+Caps%7COpen+Sans%7COpen+Sans+Condensed%7COranienbaum%7COrbitron%7COregano%7COrienta%7COriginal+Surfer%7COswald%7COver+the+Rainbow%7COverlock%7COverlock+SC%7COvo%7COxygen%7COxygen+Mono%7CPT+Mono%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPT+Serif%7CPT+Serif+Caption%7CPacifico%7CPalanquin%7CPalanquin+Dark%7CPaprika%7CParisienne%7CPassero+One%7CPassion+One%7CPathway+Gothic+One%7CPatrick+Hand%7CPatrick+Hand+SC%7CPattaya%7CPatua+One%7CPavanam%7CPaytone+One%7CPeddana%7CPeralta%7CPermanent+Marker%7CPetit+Formal+Script%7CPetrona%7CPhilosopher%7CPiedra%7CPinyon+Script%7CPirata+One%7CPlaster%7CPlay%7CPlayball%7CPlayfair+Display%7CPlayfair+Display+SC%7CPodkova%7CPoiret+One%7CPoller+One%7CPoly%7CPompiere%7CPontano+Sans%7CPoppins%7CPort+Lligat+Sans%7CPort+Lligat+Slab%7CPragati+Narrow%7CPrata%7CPreahvihear%7CPress+Start+2P%7CPridi%7CPrincess+Sofia%7CProciono%7CPrompt%7CProsto+One%7CProza+Libre%7CPuritan%7CPurple+Purse%7CQuando%7CQuantico%7CQuattrocento%7CQuattrocento+Sans%7CQuestrial%7CQuicksand%7CQuintessential%7CQwigley%7CRacing+Sans+One%7CRadley%7CRajdhani%7CRakkas%7CRaleway%7CRaleway+Dots%7CRamabhadra%7CRamaraja%7CRambla%7CRammetto+One%7CRanchers%7CRancho%7CRanga%7CRasa%7CRationale%7CRavi+Prakash%7CRedressed%7CReem+Kufi%7CReenie+Beanie%7CRevalia%7CRhodium+Libre%7CRibeye%7CRibeye+Marrow%7CRighteous%7CRisque%7CRoboto%7CRoboto+Condensed%7CRoboto+Mono%7CRoboto+Slab%7CRochester%7CRock+Salt%7CRokkitt%7CRomanesco%7CRopa+Sans%7CRosario%7CRosarivo%7CRouge+Script%7CRozha+One%7CRubik%7CRubik+Mono+One%7CRubik+One%7CRuda%7CRufina%7CRuge+Boogie%7CRuluko%7CRum+Raisin%7CRuslan+Display%7CRusso+One%7CRuthie%7CRye%7CSacramento%7CSahitya%7CSail%7CSalsa%7CSanchez%7CSancreek%7CSansita+One%7CSarala%7CSarina%7CSarpanch%7CSatisfy%7CScada%7CScheherazade%7CSchoolbell%7CScope+One%7CSeaweed+Script%7CSecular+One%7CSevillana%7CSeymour+One%7CShadows+Into+Light%7CShadows+Into+Light+Two%7CShanti%7CShare%7CShare+Tech%7CShare+Tech+Mono%7CShojumaru%7CShort+Stack%7CShrikhand%7CSiemreap%7CSigmar+One%7CSignika%7CSignika+Negative%7CSimonetta%7CSintony%7CSirin+Stencil%7CSix+Caps%7CSkranji%7CSlabo+13px%7CSlabo+27px%7CSlackey%7CSmokum%7CSmythe%7CSniglet%7CSnippet%7CSnowburst+One%7CSofadi+One%7CSofia%7CSonsie+One%7CSorts+Mill+Goudy%7CSource+Code+Pro%7CSource+Sans+Pro%7CSource+Serif+Pro%7CSpace+Mono%7CSpecial+Elite%7CSpicy+Rice%7CSpinnaker%7CSpirax%7CSquada+One%7CSree+Krushnadevaraya%7CSriracha%7CStalemate%7CStalinist+One%7CStardos+Stencil%7CStint+Ultra+Condensed%7CStint+Ultra+Expanded%7CStoke%7CStrait%7CSue+Ellen+Francisco%7CSuez+One%7CSumana%7CSunshiney%7CSupermercado+One%7CSura%7CSuranna%7CSuravaram%7CSuwannaphum%7CSwanky+and+Moo+Moo%7CSyncopate%7CTangerine%7CTaprom%7CTauri%7CTaviraj%7CTeko%7CTelex%7CTenali+Ramakrishna%7CTenor+Sans%7CText+Me+One%7CThe+Girl+Next+Door%7CTienne%7CTillana%7CTimmana%7CTinos%7CTitan+One%7CTitillium+Web%7CTrade+Winds%7CTrirong%7CTrocchi%7CTrochut%7CTrykker%7CTulpen+One%7CUbuntu%7CUbuntu+Condensed%7CUbuntu+Mono%7CUltra%7CUncial+Antiqua%7CUnderdog%7CUnica+One%7CUnifrakturCook%7CUnifrakturMaguntia%7CUnkempt%7CUnlock%7CUnna%7CVT323%7CVampiro+One%7CVarela%7CVarela+Round%7CVast+Shadow%7CVesper+Libre%7CVibur%7CVidaloka%7CViga%7CVoces%7CVolkhov%7CVollkorn%7CVoltaire%7CWaiting+for+the+Sunrise%7CWallpoet%7CWalter+Turncoat%7CWarnes%7CWellfleet%7CWendy+One%7CWire+One%7CWork+Sans%7CYanone+Kaffeesatz%7CYantramanav%7CYatra+One%7CYellowtail%7CYeseva+One%7CYesteryear%7CYrsa%7CZeyada&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://news8.de
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 16:13:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Aug 2021 15:53:19 GMT
Server: sffe
Age: 82694
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14440
X-XSS-Protection: 0
Expires: Sat, 06 Aug 2022 16:13:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
news8.de/wp-content/plugins/ultimate-member/assets/font/ 96 KB
96 KB 34ms
34ms Font
application/font-woff 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://news8.de/wp-content/plugins/ultimate-member/assets/font/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: news8.de
URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_48ff9d03ab2419b1057dd3e29067436e.css
Protocol: HTTP/1.1
Server: 62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmd55357.contaboserver.net
Software: nginx /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Pragma: no-cache
Origin: http://news8.de
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://news8.de/wp-content/cache/wmac/css/wmac_single_48ff9d03ab2419b1057dd3e29067436e.css
Connection: keep-alive
Cache-Control: no-cache
Origin: http://news8.de
Referer: http://news8.de/wp-content/cache/wmac/css/wmac_single_48ff9d03ab2419b1057dd3e29067436e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Tue, 20 Apr 2021 20:32:09 GMT
Server: nginx
ETag: "607f3a49-17ee8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98024
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 b2.php Show response
view.webplexmedia.de/ Frame 31FC 740 B
593 B 24ms
23ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=1&s=0&sid=929&size=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

8b6d4698f1d2782fc265615021e4ed826ae859c976dcb8bde5dcb6d85c9bc10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://news8.de/

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 original-720x266.jpg
news8.de/wp-content/uploads/2021/08/ 36 KB
36 KB 34ms
34ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/original-720x266.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

d54c5d4437a375b209245dcbc00ee398305aa5c98ec41ec80d68c86229ddde26

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Sat, 07 Aug 2021 14:14:33 GMT
server: nginx
etag: "610e9549-8f16"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 36630
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 Schrottabholung-Witten-720x380.jpg
news8.de/wp-content/uploads/2021/08/ 66 KB
66 KB 35ms
34ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/Schrottabholung-Witten-720x380.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

39afb5b43ad3479d74513ef07e307097b124203a2df96ac79465d32fd868c0ac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Sat, 07 Aug 2021 12:24:54 GMT
server: nginx
etag: "610e7b96-10841"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 67649
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 KEINEGebuehrenKEINENVersandBrittaKarina-600x380.jpg
news8.de/wp-content/uploads/2021/08/ 77 KB
77 KB 38ms
37ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/KEINEGebuehrenKEINENVersandBrittaKarina-600x380.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

071e057ebecf90a57041908e5d032bd501f8406f00a710380c0a4cfaa760f40b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Sat, 07 Aug 2021 11:08:55 GMT
server: nginx
etag: "610e69c7-13491"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 78993
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 Schrottabholung-Wuppertal-720x380.jpg
news8.de/wp-content/uploads/2021/08/ 64 KB
64 KB 42ms
41ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/Schrottabholung-Wuppertal-720x380.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

ee93ceb4bbba172808e8fe3e0a4d4e93574673dcd0e2d6bfa46099ec73715957

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Sat, 07 Aug 2021 08:48:46 GMT
server: nginx
etag: "610e48ee-fee5"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 65253
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 Desktop164.jpg
news8.de/wp-content/uploads/2021/08/ 107 KB
107 KB 49ms
49ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/Desktop164.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

8ba7bdc71b3de54bebe0a12423eafdd7cb9924fee059f12c94c7b6a636f06a5e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Sat, 07 Aug 2021 08:16:23 GMT
server: nginx
etag: "610e4157-1aa83"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 109187
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 KinderDieserErdeBand2Karina.jpg
news8.de/wp-content/uploads/2021/08/ 74 KB
75 KB 55ms
54ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/KinderDieserErdeBand2Karina.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

eb2804c57d84be55ffe30a518a48a2f5ec355690957b6a253a9f798943b7217e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Sat, 07 Aug 2021 06:42:46 GMT
server: nginx
etag: "610e2b66-129ad"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 76205
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 b2.php Show response
view.webplexmedia.de/ Frame A364 740 B
592 B 24ms
23ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

99308092280fbb41913fd20a39ba3ff572a8bc24e62a169327357b84957dcb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://news8.de/

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H3-29 200 tooltip.css
www.gstatic.com/charts/51/css/core/ 1 KB
558 B 7ms
6ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/core/tooltip.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 533
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 07 Aug 2021 15:28:19 GMT

GET
H3-29 200 util.css
www.gstatic.com/charts/51/css/util/ 12 KB
3 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/util/util.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3203
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 07 Aug 2021 15:53:03 GMT

GET
H3-29 200 jsapi_compiled_i18n_default_module__de.js Show response
www.gstatic.com/charts/51/i18n/ 265 KB
83 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/i18n/jsapi_compiled_i18n_default_module__de.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463d403e36d6bc7e786ff1fb3c179f3b4f3222cc17c19c6bb448214ee125e07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85020
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:11:56 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 07 Aug 2021 16:03:57 GMT

GET
H3-29 200 jsapi_compiled_i18n_graphics_module__de.js Show response
www.gstatic.com/charts/51/i18n/ 24 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/i18n/jsapi_compiled_i18n_graphics_module__de.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caed057552470fc3b136842ef9028755423c5d4d6f6171077e9b5b3fe9dbd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7952
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:11:56 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 07 Aug 2021 15:52:16 GMT

GET
H3-29 200 jsapi_compiled_i18n_ui_module__de.js Show response
www.gstatic.com/charts/51/i18n/ 508 KB
167 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/i18n/jsapi_compiled_i18n_ui_module__de.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5591b0180c992fbc51046c2569312fdefbcdbaf1aa24122411032485fe3f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 171115
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:11:56 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 07 Aug 2021 15:29:18 GMT

GET
H3-29 200 jsapi_compiled_i18n_corechart_module__de.js Show response
www.gstatic.com/charts/51/i18n/ 8 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/i18n/jsapi_compiled_i18n_corechart_module__de.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83306d07461a372b203197269e2232c11f21677397b9eeed15a7751145fe29f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1355
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:11:56 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 07 Aug 2021 16:04:31 GMT

GET
H2 200 b2.php Show response
view.webplexmedia.de/ Frame 19F5 740 B
592 B 23ms
23ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

99308092280fbb41913fd20a39ba3ff572a8bc24e62a169327357b84957dcb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://news8.de/

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 Parteienforscher-Darum-koennte-Laschet-am-Ende-scheitern.jpg
www.fesch.tv/wp-content/uploads/2021/08/ 81 KB
81 KB 86ms
32ms Image
image/jpeg 51.210.32.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fesch.tv/wp-content/uploads/2021/08/Parteienforscher-Darum-koennte-Laschet-am-Ende-scheitern.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.210.32.121 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3172585.ip-51-210-32.eu

Software

nginx /

Resource Hash

f65e0b4dcbd63c570b84bf48e5e1fb7dc4d7313817e69d7904ae3316cc9d1710

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Sat, 07 Aug 2021 13:09:18 GMT
server: nginx
etag: "610e85fe-14285"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 82565
x-xss-protection: 1; mode=block

GET
H2 200 Jennifer-Aniston-Deswegen-will-sie-nur-mit-geimpften-Leuten-abhaengen.jpg
www.fesch.tv/wp-content/uploads/2021/08/ 134 KB
135 KB 86ms
32ms Image
image/jpeg 51.210.32.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fesch.tv/wp-content/uploads/2021/08/Jennifer-Aniston-Deswegen-will-sie-nur-mit-geimpften-Leuten-abhaengen.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.210.32.121 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3172585.ip-51-210-32.eu

Software

nginx /

Resource Hash

94fe52ff95c629524d8a7e9e8fc3ca1b353f5d11b12b7ffe2695d708879ade15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 06 Aug 2021 19:08:18 GMT
server: nginx
etag: "610d88a2-218ec"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 137452
x-xss-protection: 1; mode=block

GET
H2 200 Kim-Kardashian-West-unterstuetzt-Kanye-West-bei-seiner-letzten-Listening-Party.jpg
www.fesch.tv/wp-content/uploads/2021/08/ 170 KB
170 KB 85ms
32ms Image
image/jpeg 51.210.32.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fesch.tv/wp-content/uploads/2021/08/Kim-Kardashian-West-unterstuetzt-Kanye-West-bei-seiner-letzten-Listening-Party.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.210.32.121 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3172585.ip-51-210-32.eu

Software

nginx /

Resource Hash

0eb557b702cc18a1124071f84230da1dce26f0ea1ec3f7e22f8e005cd88c12d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 06 Aug 2021 17:08:06 GMT
server: nginx
etag: "610d6c76-2a794"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 173972
x-xss-protection: 1; mode=block

GET
H2 200 Ryan-Reynolds-behauptet-Disney-habe-die-Idee-eines-Deadpool-und-Bambi-Crossovers-abgelehnt.jpg
www.fesch.tv/wp-content/uploads/2021/08/ 243 KB
244 KB 85ms
32ms Image
image/jpeg 51.210.32.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fesch.tv/wp-content/uploads/2021/08/Ryan-Reynolds-behauptet-Disney-habe-die-Idee-eines-Deadpool-und-Bambi-Crossovers-abgelehnt.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.210.32.121 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3172585.ip-51-210-32.eu

Software

nginx /

Resource Hash

53e39a1601a6dcdbe8ac6e39d302c723232c2fc0a4cd88fa98a19d4eaf1797db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 06 Aug 2021 15:08:16 GMT
server: nginx
etag: "610d5060-3cc8e"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 248974
x-xss-protection: 1; mode=block

GET
H2 200 Camila-Cabello-Ueber-den-Vorteil-sozialer-Medien.jpg
www.fesch.tv/wp-content/uploads/2021/08/ 124 KB
124 KB 84ms
33ms Image
image/jpeg 51.210.32.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fesch.tv/wp-content/uploads/2021/08/Camila-Cabello-Ueber-den-Vorteil-sozialer-Medien.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.210.32.121 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3172585.ip-51-210-32.eu

Software

nginx /

Resource Hash

3f12b65a5a2423005f6ddd17e9d293f0ebd2ab88c930052cead1167e709fb271

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 06 Aug 2021 15:08:18 GMT
server: nginx
etag: "610d5062-1f08c"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 127116
x-xss-protection: 1; mode=block

GET
H2 200 Desktop163.jpg
news8.de/wp-content/uploads/2021/08/ 117 KB
118 KB 37ms
34ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/Desktop163.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

1466d1cece485b210c057e506ba4faa1f9c1bff3cbd019697f96ddc5b9a69db8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 06 Aug 2021 08:54:36 GMT
server: nginx
etag: "610cf8cc-1d5ea"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 120298
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 TagDerBuchliebhaber2021Indie-564x380.jpg
news8.de/wp-content/uploads/2021/08/ 57 KB
57 KB 40ms
36ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/TagDerBuchliebhaber2021Indie-564x380.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

56add9e00ab92ffe9f87350c2cce58d9a628ca3913a5e33bc04eddd372996a06

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 06 Aug 2021 08:05:59 GMT
server: nginx
etag: "610ced67-e29a"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 58010
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 locksmith.jpg
news8.de/wp-content/uploads/2020/12/ 111 KB
111 KB 34ms
33ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2020/12/locksmith.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

3ca4a66e78eefb628ae9d0afce83f347e735dd434b1f6d1b4c49d7418fef176f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Tue, 12 Jan 2021 22:03:37 GMT
server: nginx
etag: "5ffe1cb9-1bc5d"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 113757
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 Wie-gelingt-es-chronische-Schmerzen-in-den-Griff-zu-bekommen.jpg
news8.de/wp-content/uploads/2019/03/ 55 KB
55 KB 36ms
36ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2019/03/Wie-gelingt-es-chronische-Schmerzen-in-den-Griff-zu-bekommen.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

4220b8fb111f64113c980bd3e70a5c0f7394cc6bb4f543598e0c5346a34bf4e9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Wed, 13 Jan 2021 04:56:05 GMT
server: nginx
etag: "5ffe7d65-db75"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 56181
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 ghb-gay-party-drug.jpg
news8.de/wp-content/uploads/2018/08/ 27 KB
27 KB 37ms
37ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2018/08/ghb-gay-party-drug.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

10ae22aea41981b389e05f80dc63ebf5e77750ce5999f64de95338fa5f40c6e1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Wed, 13 Jan 2021 02:59:44 GMT
server: nginx
etag: "5ffe6220-6c1c"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 27676
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 Ko-tropfen-GBL-GBH.jpg
news8.de/wp-content/uploads/2019/01/ 79 KB
79 KB 38ms
38ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2019/01/Ko-tropfen-GBL-GBH.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

291893cd65d7d54aabada9e28527bd80f507821155b8ec42734e061a5bfdeeaf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Wed, 13 Jan 2021 03:16:48 GMT
server: nginx
etag: "5ffe6620-13b81"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 80769
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 b2.php Show response
view.webplexmedia.de/ Frame 955D 740 B
593 B 23ms
22ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=1&s=0&sid=929&size=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

8b6d4698f1d2782fc265615021e4ed826ae859c976dcb8bde5dcb6d85c9bc10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://news8.de/

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H/1.1 200
OK silver-right.png
news8.de/wp-content/plugins/cool-tag-cloud/inc/images/ 843 B
1 KB 34ms
33ms Image
image/png 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://news8.de/wp-content/plugins/cool-tag-cloud/inc/images/silver-right.png

Requested by

Host: news8.de
URL: http://news8.de/wp-content/cache/wmac/css/wmac_single_b535dfee3f63967537c8e39bf85c8a0c.css

Protocol

HTTP/1.1

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

2d27c29095dea63352f123ae16072ffbc141969fd70133b3b7c8cef75f0bcb47

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://news8.de/wp-content/cache/wmac/css/wmac_single_b535dfee3f63967537c8e39bf85c8a0c.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/wp-content/cache/wmac/css/wmac_single_b535dfee3f63967537c8e39bf85c8a0c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
Last-Modified: Thu, 22 Apr 2021 22:23:53 GMT
Server: nginx
ETag: "6081f779-34b"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 843
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 b2.php Show response
view.webplexmedia.de/ Frame 9005 740 B
592 B 23ms
23ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=495573400&e=0&p=0&s=0&sid=929&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

99308092280fbb41913fd20a39ba3ff572a8bc24e62a169327357b84957dcb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://news8.de/

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 Mein-erster-Tag-in-Wobbly-Life.jpg
www.fesch.tv/wp-content/uploads/2021/08/ 115 KB
116 KB 63ms
62ms Image
image/jpeg 51.210.32.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fesch.tv/wp-content/uploads/2021/08/Mein-erster-Tag-in-Wobbly-Life.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.210.32.121 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3172585.ip-51-210-32.eu

Software

nginx /

Resource Hash

29183d3d9fdb6d5a2c32f0381bec16adf6d0894ca6eaa95e9166f9bcb18c33ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Sat, 07 Aug 2021 09:08:07 GMT
server: nginx
etag: "610e4d77-1cd5b"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 118107
x-xss-protection: 1; mode=block

GET
H2 200 Mein-erster-Tag-in-Wobbly-Life-1.jpg
www.fesch.tv/wp-content/uploads/2021/08/ 115 KB
116 KB 63ms
62ms Image
image/jpeg 51.210.32.121
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fesch.tv/wp-content/uploads/2021/08/Mein-erster-Tag-in-Wobbly-Life-1.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.210.32.121 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3172585.ip-51-210-32.eu

Software

nginx /

Resource Hash

29183d3d9fdb6d5a2c32f0381bec16adf6d0894ca6eaa95e9166f9bcb18c33ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Sat, 07 Aug 2021 09:08:07 GMT
server: nginx
etag: "610e4d77-1cd5b"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 118107
x-xss-protection: 1; mode=block

GET
H2 200 Unsere-erprobte-Eventideen-fuer-5.png
news8.de/wp-content/uploads/2021/08/ 1 MB
1 MB 34ms
34ms Image
image/png 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/Unsere-erprobte-Eventideen-fuer-5.png

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

e9e59ba4e632e360fe8208c449237f740804099b5e0b129553f34188b4cdca4a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Thu, 05 Aug 2021 16:05:39 GMT
server: nginx
etag: "610c0c53-137d47"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1277255
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 Landhaus-Stricker_Denis-Bruehl-Holger-Bodendorf_%C2%A9Ydo-Sol-scaled-S.jpg
news8.de/wp-content/uploads/2021/08/ 72 KB
72 KB 60ms
60ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/Landhaus-Stricker_Denis-Bruehl-Holger-Bodendorf_%C2%A9Ydo-Sol-scaled-S.jpg

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

d1b063259e7524c5a021a237efe50c8a49ab49853044c5f9b51160197afc7c07

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Thu, 05 Aug 2021 09:46:15 GMT
server: nginx
etag: "610bb367-1208e"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 73870
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 eurofins_logo.JPG
news8.de/wp-content/uploads/2021/08/ 36 KB
37 KB 61ms
61ms Image
image/jpeg 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/eurofins_logo.JPG

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

85675b21d876f943c9198a07684efa7f2ed055a15905fa408da05b7fc8a24e55

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Thu, 05 Aug 2021 08:37:33 GMT
server: nginx
etag: "610ba34d-916f"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 37231
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H/1.1 200
OK /
news8.de/ 4 KB
4 KB 345ms
345ms Image
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://news8.de/

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

HTTP/1.1

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://news8.de/
Cookie: advanced_ads_browser_width=1600; advanced_ads_page_impressions=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Last-Modified: Sat, 07 Aug 2021 14:14:32 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86400
Connection: keep-alive
Link: <https://news8.de/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 Aug 2021 15:11:15 GMT

GET
H2 200 Artboard-12-1080x720.png
news8.de/wp-content/uploads/2021/08/ 211 KB
211 KB 61ms
61ms Image
image/png 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news8.de/wp-content/uploads/2021/08/Artboard-12-1080x720.png

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

b4bfd1f93a9e582f681467d1598a58f6f7331daa10f6543e99bc06ff0fefcf61

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Tue, 03 Aug 2021 12:25:43 GMT
server: nginx
etag: "610935c7-34a5c"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 215644
x-xss-protection: 1; mode=block
expires: Sun, 08 Aug 2021 15:11:14 GMT

POST
H/1.1 200
OK ajax-handler.php Show response
news8.de/wp-content/ 2 B
334 B 35ms
35ms XHR
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

http://news8.de/wp-content/ajax-handler.php

Requested by

Host: news8.de
URL: http://news8.de/wp-content/cache/wmac/js/wmac_0e5d43f7f51799ce869ab0581ea01a63.js

Protocol

HTTP/1.1

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://news8.de
Accept-Encoding: gzip, deflate
Host: news8.de
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
Cookie: advanced_ads_browser_width=1600; advanced_ads_page_impressions=1
Connection: keep-alive
Content-Length: 106
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 07 Aug 2021 15:11:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=86400
Connection: keep-alive
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block
Expires: Sun, 08 Aug 2021 15:11:14 GMT

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame 31FC 1 KB
2 KB 21ms
21ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
view.webplexmedia.de/ Frame 1158 682 B
609 B 98ms
98ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

6396d317db8811a77e0bb09dc75b43a9834588aa453e3b51a8d36a89c4dea77c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame A364 1 KB
2 KB 21ms
21ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
view.webplexmedia.de/ Frame 1FF7 682 B
610 B 112ms
112ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

a59d9605cf5a1376b381c4183098add88552e41b6b39ab9aff287c1fdc4ed6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame 31FC 1 KB
2 KB 21ms
21ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame A364 1 KB
2 KB 21ms
21ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame 19F5 1 KB
2 KB 21ms
21ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
view.webplexmedia.de/ Frame 24DF 675 B
601 B 121ms
121ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

58d203996e05bf9a8c19e8e7fe4d2e2fe3d7a776966d92afae16149e5b7c1c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame 955D 1 KB
2 KB 21ms
21ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
view.webplexmedia.de/ Frame 1E15 682 B
609 B 100ms
100ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=970&h=250&sid=929&size=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

6396d317db8811a77e0bb09dc75b43a9834588aa453e3b51a8d36a89c4dea77c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame 9005 1 KB
2 KB 32ms
32ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
view.webplexmedia.de/ Frame 117C 676 B
558 B 127ms
127ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=495573400&e=0&s=0&p=0&w=300&h=250&sid=929&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

204f6229b02e0240aa79d280d9feb33e9bf107133e95366b03be92aaa4b604a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 57fgjj6v.js Show response
ad4m.at/ Frame 1158 50 KB
17 KB 51ms
32ms Script
application/javascript 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=SjuJeA==, md5=dBIldq7RXXcz7eaVIvNB9g==
date: Sat, 07 Aug 2021 15:11:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10753
cf-polished: origSize=51099
x-guploader-uploadid: ABg5-UwzA1NP8biqno9Vaw0xTHoQmMvdJSR3x4G4jlcyEre9GG3n_HHRfNro3w5eawMode2puXzLIQE75TJzztyz1d4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:10:52 GMT
server: cloudflare
etag: W/"74122576aed15d7733ede69522f341f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnEcdtXVePCzHa5EqXKAK6t4SCV4JbOJc2k4t0%2B2b5P2iLJRnRS8LtC3IS9NXKInBBc0r0ie%2BhoMTuwmtR%2BLB%2Fqp%2F2sF3apaBRd0%2BrgcNDnM%2Bblw4643gKGftu%2BVFkSdhgigPm8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672651995370
content-type: application/javascript; charset=utf-8
expires: Sat, 07 Aug 2021 12:12:01 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 16036
cf-ray: 67b16fb5dfc1645b-FRA
cf-bgj: minify

GET
H2 200 api.php Show response
news8.de/ Frame A7EA 184 B
330 B 34ms
34ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/api.php?size=8

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

1fbb538a17483a9a9eeb8d35b34f819baedb4abb64d923e7215061578b2b0c9d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /api.php?size=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 08 Aug 2021 15:11:14 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 57fgjj6v.js Show response
ad4m.at/ Frame 1FF7 50 KB
16 KB 21ms
20ms Script
application/javascript 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=SjuJeA==, md5=dBIldq7RXXcz7eaVIvNB9g==
date: Sat, 07 Aug 2021 15:11:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10753
cf-polished: origSize=51099
x-guploader-uploadid: ABg5-UwzA1NP8biqno9Vaw0xTHoQmMvdJSR3x4G4jlcyEre9GG3n_HHRfNro3w5eawMode2puXzLIQE75TJzztyz1d4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:10:52 GMT
server: cloudflare
etag: W/"74122576aed15d7733ede69522f341f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbwS4gRF6on2pQ5BUnXYkPKcedO0j6SVfrMudQZ7xvRrplPjSHpxYbQqHAN0zpVpQ4QjlMNJUyaDH9%2FQ6PH5e8dPu%2BxvTdHKkbjEpIZJqbwJYGahru1PdhGRGY08l24jXqxD8pE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672651995370
content-type: application/javascript; charset=utf-8
expires: Sat, 07 Aug 2021 12:12:01 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 16036
cf-ray: 67b16fb5ffcb645b-FRA
cf-bgj: minify

GET
H2 200 api.php Show response
news8.de/ Frame F0FC 184 B
330 B 34ms
34ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/api.php?size=3

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

97369337c2cb55e2288776903e059f2948167d99c46113c2fca804cef0118bbb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /api.php?size=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 08 Aug 2021 15:11:14 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
news8.de/ Frame A7EA 420 B
566 B 34ms
34ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28Db531tXO6oNJlg8a3P6Grc%3D

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

5d1eb630e798831f5c29ac7097b62d07e564af903d76969faf1ecfbc9187596e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /?sess=lScuUtCfIm4q3XH5AJH28Db531tXO6oNJlg8a3P6Grc%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 08 Aug 2021 15:11:14 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 2FD9 2 KB
2 KB 38ms
27ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 07 Aug 2021 16:11:14 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1188916
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pazirytGCyMbqnXczpMPo8xB3np8yQzaiIO9Wax59rueiCSgNuOMZMggmqji5a8UIxh3IGKTjPT%2BGIWheaDTC80bBoe%2Fo7Kju3INbotWvAOuFRghLNmqPR91Q1em4pXcQEktsjc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67b16fb63f0b2c2e-FRA
content-encoding: br

GET
H3-29 200 57fgjj6v.js Show response
ad4m.at/ Frame 1E15 50 KB
17 KB 37ms
27ms Script
application/javascript 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=SjuJeA==, md5=dBIldq7RXXcz7eaVIvNB9g==
date: Sat, 07 Aug 2021 15:11:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10753
cf-polished: origSize=51099
x-guploader-uploadid: ABg5-UwzA1NP8biqno9Vaw0xTHoQmMvdJSR3x4G4jlcyEre9GG3n_HHRfNro3w5eawMode2puXzLIQE75TJzztyz1d4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:10:52 GMT
server: cloudflare
etag: W/"74122576aed15d7733ede69522f341f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQxhMpEAjqR6G2xQa89LkZxpZ%2FecHovWWvi3vigmKIVagzbhRI4vBWP3v6GdiKkzPQiqKImopJGPM77HMhwiNn%2F4NK4XvCexZMeSLT5AOBrK7B4uAOlYnnlYnYWN1jzq9abWKN4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672651995370
content-type: application/javascript; charset=utf-8
expires: Sat, 07 Aug 2021 12:12:01 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 16036
cf-ray: 67b16fb63f0e2c2e-FRA
cf-bgj: minify

GET
H2 200 api.php Show response
news8.de/ Frame 20AB 184 B
330 B 34ms
34ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/api.php?size=8

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

1fbb538a17483a9a9eeb8d35b34f819baedb4abb64d923e7215061578b2b0c9d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /api.php?size=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 08 Aug 2021 15:11:14 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block

GET
H3-29 200 57fgjj6v.js Show response
ad4m.at/ Frame 24DF 50 KB
17 KB 23ms
18ms Script
application/javascript 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=SjuJeA==, md5=dBIldq7RXXcz7eaVIvNB9g==
date: Sat, 07 Aug 2021 15:11:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10753
cf-polished: origSize=51099
x-guploader-uploadid: ABg5-UwzA1NP8biqno9Vaw0xTHoQmMvdJSR3x4G4jlcyEre9GG3n_HHRfNro3w5eawMode2puXzLIQE75TJzztyz1d4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:10:52 GMT
server: cloudflare
etag: W/"74122576aed15d7733ede69522f341f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGUFA7gpdCC8oe%2BuucZ9QC7l%2BXG%2FCze4wBo%2FbI80X1cVwtrbs0KJeb1Oaw%2FWASv%2BS4qb692x1aKyjQ3RQPBzRdU9sgLxbuzmjTo1HeuF3Fo6Ejp3eIbI2cdwe888xZl5A%2Bt13Nw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672651995370
content-type: application/javascript; charset=utf-8
expires: Sat, 07 Aug 2021 12:12:01 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 16036
cf-ray: 67b16fb63f062c2e-FRA
cf-bgj: minify

GET
H2 200 api.php Show response
media.blackbeats.fm/ Frame 6D21 195 B
333 B 70ms
20ms Document
text/html 51.210.32.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://media.blackbeats.fm/api.php?size=3

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.210.32.121 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3172585.ip-51-210-32.eu

Software

nginx /

Resource Hash

39a38502bcebf638a32652e575476590857fcfe97ba3e62782d49fc589c49fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: media.blackbeats.fm
:scheme: https
:path: /api.php?size=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 8E28 2 KB
2 KB 28ms
26ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 07 Aug 2021 16:11:14 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1188916
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ep9x78TZ%2FgRb1KswQ7shGTcxIC7uHzTvn9OHyss2lzl9QGrtxY9sHBPLaTYx1juZeZc74B6qNgmFdf6RLezyD3NQLJhxY461FK90k1PCu4jgdp4zVjMdMSziqo77E%2BOIhRuxRSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67b16fb63f042c2e-FRA
content-encoding: br

GET
H2 200 / Show response
news8.de/ Frame A7EA 272 B
418 B 34ms
34ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D

Requested by

Host: news8.de
URL: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28Db531tXO6oNJlg8a3P6Grc%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

f77af6de8abc55028a5bdb7044a5947cb25a844e7408dedd23ffb764f1cd2b0d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 08 Aug 2021 15:11:14 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
news8.de/ Frame F0FC 416 B
562 B 34ms
33ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%3D

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

c4e822f9cb88bd545b3bf63248866d63664bc732bc9f05ddd12e87be334178e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /?sess=lScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 08 Aug 2021 15:11:14 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 117C 32 KB
8 KB 62ms
20ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 19bcbba417f03dfe5358b46518999a4b3ef79d5e421d36c66bfc6925184646d9

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 14:05:18 GMT
etag: "3435361896-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame 117C 1 KB
1 KB 68ms
19ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=3974813
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: ece18c1a6a1e0ccacb5cd26eefb528330c22130c7990933480d8c1e76e9c214b

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 17:11:14 +0200
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 57fgjj6v.js Show response
ad4m.at/ Frame 117C 50 KB
17 KB 17ms
17ms Script
application/javascript 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=SjuJeA==, md5=dBIldq7RXXcz7eaVIvNB9g==
date: Sat, 07 Aug 2021 15:11:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10753
cf-polished: origSize=51099
x-guploader-uploadid: ABg5-UwzA1NP8biqno9Vaw0xTHoQmMvdJSR3x4G4jlcyEre9GG3n_HHRfNro3w5eawMode2puXzLIQE75TJzztyz1d4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:10:52 GMT
server: cloudflare
etag: W/"74122576aed15d7733ede69522f341f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XF48KlJJej979uyNUitHICVYbrw%2FILOD%2FdykV0rvsjgDX1Sr6PcaqA4MHbIjacKL6WlRnJgHr2oCrE8F1dABrTXY7v3YQI2rYJyJyV%2F8Feswo4BT924i9nTY2PY%2FAevWxyZuqs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672651995370
content-type: application/javascript; charset=utf-8
expires: Sat, 07 Aug 2021 12:12:01 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 16036
cf-ray: 67b16fb65f3e2c2e-FRA
cf-bgj: minify

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 964A 2 KB
2 KB 18ms
17ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 07 Aug 2021 16:11:14 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1188916
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cn26fmTFG7zDchtA3Gd3myHqQrgT6GxpqDcuy%2Fc6tv5aJCAOgfivadTOxL0yyOml9A40zsDCGnRTmEU81dQMClajYKQxjeS44Ny7D941ap3UuzCIW2wmywr4RB7bRMMaHd3Z1aM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67b16fb66f7b2c2e-FRA
content-encoding: br

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 4F25 2 KB
2 KB 67ms
67ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 07 Aug 2021 16:11:14 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1188916
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1Zb%2Bioiwi079wYjtZ42IQz4a6k1QjbtLDbRo46jcIKN1KWX7Ikk7x7FYeBcgy4GEOtQqJL0pYaLDEU1lafrgW5GvFBPLcxF%2B2sE1G5qXGC8uuGJq4XJPyrlI55OQ56m3W2S238%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67b16fb67fa12c2e-FRA
content-encoding: br

GET
H2 200 / Show response
news8.de/ Frame 20AB 420 B
566 B 34ms
34ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28Db531tXO6oNJlg8a3P6Grc%3D

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=5&referrer=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

5d1eb630e798831f5c29ac7097b62d07e564af903d76969faf1ecfbc9187596e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /?sess=lScuUtCfIm4q3XH5AJH28Db531tXO6oNJlg8a3P6Grc%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 08 Aug 2021 15:11:14 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 index.html Show response
news8.de/tags/970/ Frame 37E6 206 B
403 B 33ms
33ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/tags/970/index.html

Requested by

Host: news8.de
URL: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

4407cec836d0ba4b3263da5870fb5202b5d4c921ceb174c9f434888ce1f171eb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /tags/970/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html
content-length: 206
last-modified: Mon, 05 Apr 2021 23:40:24 GMT
etag: "606b9fe8-ce"
expires: Sun, 08 Aug 2021 15:11:14 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block
accept-ranges: bytes

GET
H2 200 / Show response
news8.de/ Frame F0FC 272 B
418 B 34ms
33ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%3D

Requested by

Host: news8.de
URL: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

4eeade5e9ff2e5890309f3f5c5f5518da108156eb1df7a5c3f7012ccf8f5f6d8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /?sess=lScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 08 Aug 2021 15:11:14 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block

POST
H3-29 200 rs Show response
ad4m.at/ Frame 1FF7 427 B
909 B 38ms
38ms XHR
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1605de7f72eabec783f3059efb1ea733f22f67901f6159a8493c26add76cb3

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67b16fb6eb754a5b-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0e%2B%2FnYIlaj4eB86eGabSC4ra6xSt8CaLGMOhkG1bkG%2Bv0DnoL%2BXnJsaewaqTGfqdAogq2ZFyOZwrbP1YRIQpzwhylVGhK%2F5KD9q6q6Dqo0NiE2P27y%2BrYv%2Bcet84Z1bOU7UhPzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://view.webplexmedia.de
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 52ms
34ms Preflight
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-v23g
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zy2H8kNlI%2FEuw6GlXbn5RuA1%2FEsj4Hx%2FZuZLKL0x6IdRcHBzSG9%2FBumCidUit99sPTV%2B1koWV3xzzrktEhUGK2OikvUCd5v5kb%2F8C11x1uyXnViHNnH2BlUW3w5nsOJJsqqttI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67b16fb6aae54a5b-FRA

POST
H3-29 200 rs Show response
ad4m.at/ Frame 1158 427 B
913 B 33ms
33ms XHR
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dff329714386b84570b6a8fa01b647f3cd1962f277e7123bda519f9af5f834ff

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67b16fb6eb7d4a5b-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpKV%2F637qSMRHx5SFaUmQQ8lYuEV%2Fclvt67WwBwUFLuPFnSH0wbepM%2Fnb3nplTaKTehcDfPmRI7qmGrV8BZsaJKT3BZUvfCx3MKj0utXM533g9k%2BOQC2rVPegBhpWxfhnjJN%2F2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://view.webplexmedia.de
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 52ms
34ms Preflight
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-v23g
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BQ%2FTrvWGzkf290lzLBhCVnmtijZ%2BmpOjVvfSskzItRhlIQsoh9RmX7tc5tEH4l2Bxba8RwnBpPjRtp3yxcWtox8X7S0C5BWSy7JLxKm948Nwypk9%2FUi7rKV3Yt3U6ZGKMTx6FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67b16fb6aaed4a5b-FRA

POST
H3-29 200 rs Show response
ad4m.at/ Frame 24DF 428 B
908 B 23ms
22ms XHR
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80dbdaf974f071e3eb7c22d7518cb4ba4cef64e17050f477007ea1fe299b8516

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67b16fb6eb814a5b-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FUjVcjnGSbP7W5FGEA5fbh3gHsMV2N7I5Cbgm%2FGFXCld6uVeg5W%2BU2dneNQg6Nmv371i62XaOrAtc5T7qu24pfuJFcOY4NXbBpCi9YaIiHiBdq0PaS%2FDgQy9YoSMl%2BBIfkvmSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://view.webplexmedia.de
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 48ms
35ms Preflight
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-v23g
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0idMjNR6EHKA6NG1xGLBZQ3N6o1G%2B5xqhncdeR2jFL9OpS431ynQV7q6AkrOYWMY5ANDyB08jWOnBp9fKyoobGdMvxdm%2Brvz3I9J69IkNlNdcW1haF2acd83vYkhv4hf8OvQaqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67b16fb6aaea4a5b-FRA

GET
H2 200 / Show response
media.blackbeats.fm/ Frame 6D21 294 B
364 B 21ms
20ms Document
text/html 51.210.32.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://media.blackbeats.fm/?sess=lScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%3D

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.210.32.121 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3172585.ip-51-210-32.eu

Software

nginx /

Resource Hash

81350bb65207edf71735ba7c2ac1ceb729935fb3bb29336cb245760b9843345a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: media.blackbeats.fm
:scheme: https
:path: /?sess=lScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:14 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 / Show response
news8.de/ Frame 20AB 272 B
418 B 34ms
34ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D

Requested by

Host: news8.de
URL: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28Db531tXO6oNJlg8a3P6Grc%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

f77af6de8abc55028a5bdb7044a5947cb25a844e7408dedd23ffb764f1cd2b0d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ Frame 37E6 4 KB
2 KB 52ms
15ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=31
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2127
expires: Sun, 08 Aug 2021 15:10:25 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ Frame 37E6 128 KB
17 KB 66ms
30ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c573c732d2128c552e994da083ff9b3065ba8dec95ba0055a7c095d34ba6006

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
expires: Sun, 08 Aug 2021 15:11:15 GMT

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame 2CCA 2 KB
1 KB 26ms
25ms Document
text/html 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1245948631&ac=1&screen_res=6&wpt=H&clickurl=
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974813
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: f7ccf7d869c0dbec1e09ec505fa2f2ff0c292c82f3ab6c7c2b4eb1d1eb9d5184

Request headers

:method: GET
:authority: ad4.adfarm1.adition.com
:scheme: https
:path: /banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1245948631&ac=1&screen_res=6&wpt=H&clickurl=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: UserID1=6993706019335962984
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

content-type: text/html
server: ADITIONSERVER v1.0
date: Sat, 07 Aug 2021 17:11:15 +0200
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=6993706019335962984; expires=Fri, 05-Nov-2021 14:11:14 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding: gzip

GET
H3-29 200 57fgjj6v.js
ad4m.at/ Frame 117C 50 KB
17 KB 19ms
19ms Other
application/javascript 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=SjuJeA==, md5=dBIldq7RXXcz7eaVIvNB9g==
date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10754
cf-polished: origSize=51099
x-guploader-uploadid: ABg5-UwzA1NP8biqno9Vaw0xTHoQmMvdJSR3x4G4jlcyEre9GG3n_HHRfNro3w5eawMode2puXzLIQE75TJzztyz1d4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:10:52 GMT
server: cloudflare
etag: W/"74122576aed15d7733ede69522f341f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNgOgTnlBEuxSa7Bql%2BwldB2OaWKGwU7SyFL5mZee83RvnXciorlrGRYuuLqqgMIqWMwhWlSwUjZhJpTcONqdg6gtyx5peQSQu5fwZ9U9i%2B2wP8LEX5vHWkntfRgUay7Fm3y7F0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672651995370
content-type: application/javascript; charset=utf-8
expires: Sat, 07 Aug 2021 12:12:01 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 16036
cf-ray: 67b16fb6c8432c2e-FRA
cf-bgj: minify

GET
H2 200 index.html Show response
news8.de/tags/300/ Frame D18D 176 B
373 B 33ms
33ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/tags/300/index.html

Requested by

Host: news8.de
URL: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

fcfd15c7f0b0a71256f502ef5036597718039affb211d0dc79d233d332189b0e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /tags/300/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%3D

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html
content-length: 176
last-modified: Mon, 05 Apr 2021 23:37:18 GMT
etag: "606b9f2e-b0"
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block
accept-ranges: bytes

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 748A 2 KB
2 KB 25ms
25ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 07 Aug 2021 16:11:15 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1188917
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgAEoI7i%2F2U0L3WYgqDsWhYkU4L%2ByvZV0Nf2yriuvRgYL299sxJODJHgNnu%2FEWi%2BV8ldmcY94rjkEtPcrki%2B5arKg7fhIlNCu4sdMQN%2Bw8CSZBBIEBbDmkW5sP9YSW4ZfaKQxC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67b16fb6d8472c2e-FRA
content-encoding: br

GET
H2 200 index.html Show response
media.blackbeats.fm/tags/300/ Frame 32F7 176 B
321 B 20ms
20ms Document
text/html 51.210.32.121
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://media.blackbeats.fm/tags/300/index.html

Requested by

Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/?sess=lScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.210.32.121 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3172585.ip-51-210-32.eu

Software

nginx /

Resource Hash

1f4480fa7856a1d26bab53c2971742436870c5a29c0a92621ba9e531bfe45d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: media.blackbeats.fm
:scheme: https
:path: /tags/300/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.blackbeats.fm/?sess=lScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://media.blackbeats.fm/?sess=lScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%3D

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html
last-modified: Fri, 12 Mar 2021 02:15:33 GMT
etag: W/"604acec5-b0"
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 pahb_n.prod.js Show response
imagesrv.adition.com/banners/268/xml/pa_static/pb/native/ Frame 2CCA 27 KB
8 KB 20ms
20ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1245948631&ac=1&screen_res=6&wpt=H&clickurl=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: c8a971105c9d001834b7d079ca4367c9084cda1a380a1cd1bac3a7444d668a95

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 12:04:46 GMT
etag: "4107272520-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8271

POST
H3-29 200 rs Show response
ad4m.at/ Frame 1E15 428 B
907 B 27ms
26ms XHR
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98a5308cad05e22fb1b2cd3fef9e8a4b6e36a4c40ccc5448c5b18509af7ac2f7

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67b16fb72c0d4a5b-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaH4FBI2DppB3cdibR1G9Q25e8VsBfxgUa69EUwTyoqFzbv9oOxOXX9U%2BGU27dlnaAL0wu%2BtKAFagnKSbILBWAm3msWdapuu%2BhpZfNW8Klg9YBMy9YVqwsR9dmu1TS%2F9JA2AFFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://view.webplexmedia.de
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ Frame 32F7 4 KB
2 KB 17ms
16ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2127
expires: Sun, 08 Aug 2021 15:11:07 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ Frame 32F7 161 KB
20 KB 36ms
35ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2
Requested by: Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: e41737123352f13269e3a050498250bec5f93eafbd51b0196e205963282e353d

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
expires: Sun, 08 Aug 2021 15:11:15 GMT

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 24ms
23ms Preflight
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-v23g
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnlNBBwyMpUSPaCNaKUW%2BsZ3lAsKtUszHWzgwW%2BJHMP%2FdkSlciQZ2r5PKhYzjtrRgm1bA8op5t%2Bt0ppaPrZJqrz9m18bb2Y2mTG%2BJl6UWu8hrfNK1CzqCeno%2BC2q0Jd0Own%2BWE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67b16fb70bbf4a5b-FRA

GET
H2 200 index.html Show response
news8.de/tags/970/ Frame 8463 206 B
403 B 34ms
33ms Document
text/html 62.171.186.137
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://news8.de/tags/970/index.html

Requested by

Host: news8.de
URL: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.171.186.137 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmd55357.contaboserver.net

Software

nginx /

Resource Hash

4407cec836d0ba4b3263da5870fb5202b5d4c921ceb174c9f434888ce1f171eb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: news8.de
:scheme: https
:path: /tags/970/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/?sess=lScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%2BUTOk%3D

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html
content-length: 206
last-modified: Mon, 05 Apr 2021 23:40:24 GMT
etag: "606b9fe8-ce"
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block
accept-ranges: bytes

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 3BC3 6 KB
4 KB 22ms
20ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

402e513ca34aa6d35bddfcad0de240ea0b0526a043b4f3acf278586b03f14584

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb70ffd645b-FRA
content-encoding: br

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ Frame D18D 4 KB
2 KB 30ms
30ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2127
expires: Sun, 08 Aug 2021 15:11:07 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ Frame D18D 137 KB
18 KB 33ms
33ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: daacfee1569b76fa9414660cf872192412208382730681d6b2ffee6aff92b7f5

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
expires: Sun, 08 Aug 2021 15:11:15 GMT

POST
H3-29 200 rs Show response
ad4m.at/ Frame 117C 428 B
919 B 21ms
21ms XHR
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d2e0f76071588d1746ccbf9ce01eaca39687f28d7d107cf9c4208dc4dd8c994

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67b16fb72c174a5b-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hp6YQbO51HPghe2fyYBTuSE6c50CjtQp10qFAd%2BbfCJ9Q5rfAM1%2F5%2FLhpI%2B31KL%2FT82Pift8dI%2F0dABw%2B7MoJ1%2FJEx6q8KUtLpqRxT6wTIt%2BN6dTzPdXatMKDbiXYf%2FrNSUy7cw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://view.webplexmedia.de
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 17ms
16ms Preflight
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-v23g
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqTOlbnUzaVurlFqcnHNF6kAPHhQz7ikg5oQZaHg%2FKFmm%2BwpPyoETQBHUibTo%2FbaPLMxPoCiq9sP%2FMntxFk9IbMlUP%2FkgcmvTJprgpjsieKV%2Fe8%2F6En0MSLI3PyO1A%2BSe0e0wJM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67b16fb71be54a5b-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame EDEE 6 KB
3 KB 27ms
26ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

178398989662f303ed39ae8a97a0d539cdf6961673b7d62eb8eca5a28511c0a4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb71801645b-FRA
content-encoding: br

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ Frame 37E6 26 B
270 B 216ms
74ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx
X-IPLB-Request-ID: D5E857B3:4B36_91EFC191:01BB_610EA293_2E82B33:5C80
X-IPLB-Instance: 29894
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ Frame 37E6 38 KB
16 KB 26ms
26ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16267
expires: Sun, 08 Aug 2021 15:11:04 GMT

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/ Frame 37E6
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

71 KB
21 KB

24ms
10ms

Script
application/x-javascript

2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fbc18d8db6012565449eef0a113333f5b8d04c86bd3b3492439b9907fc7f5ad6

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Aug 2021 13:41:47 GMT
Server: AkamaiNetStorage
ETag: "e8f732091957bed1c7bcdd3debf0feba:1628170909.685334"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21457

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Sat, 07 Aug 2021 15:11:14 GMT
content-length: 0

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ Frame 32F7 26 B
271 B 217ms
78ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx
X-IPLB-Request-ID: D5E857B3:4B3A_91EFC191:01BB_610EA293_2E89B96:27B7E
X-IPLB-Instance: 29821
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ Frame 32F7 38 KB
16 KB 27ms
26ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16267
expires: Sun, 08 Aug 2021 15:11:04 GMT

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/ Frame 32F7
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

71 KB
21 KB

33ms
18ms

Script
application/x-javascript

2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fbc18d8db6012565449eef0a113333f5b8d04c86bd3b3492439b9907fc7f5ad6

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Aug 2021 13:41:47 GMT
Server: AkamaiNetStorage
ETag: "e8f732091957bed1c7bcdd3debf0feba:1628170909.685334"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21457

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Sat, 07 Aug 2021 15:11:14 GMT
content-length: 0

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 62F8 6 KB
4 KB 32ms
32ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3631a40b02e37ac72fb723559e041101305586dd6feb9b75dcc7cb9e8d58f7b4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb72805645b-FRA
content-encoding: br

GET
H2 200 main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/ Frame 2CCA 5 KB
1 KB 20ms
18ms Stylesheet
text/css 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/main.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: a86251a703af81b32ed234353f26c1f8d497d975195a0c17817b93358c607cde

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 12:03:20 GMT
etag: "1564275050-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1400

GET
H2 200 prebid2.1.0.js Show response
imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/ Frame 2CCA 174 KB
47 KB 25ms
24ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 568dd1d03aaa979a84f4bb146bc456de281b39b3877dc0a5763d77fabc6fc34a

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 12:10:52 GMT
etag: "166203873-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 48224

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 3BC3 64 KB
8 KB 20ms
19ms Stylesheet
text/css 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 247298
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Sat, 07 Aug 2021 16:11:15 GMT
last-modified: Mon, 26 Jul 2021 09:04:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67b16fb738f02c2e-FRA
cf-bgj: minify

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 3BC3 12 KB
13 KB 28ms
26ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60976
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycds2iXyMjyt9pZkx_VDJ9YD8kBW6DgpLbEL5MIQjwKqKb-KSktrkP_NkXSj9OnjYKoCx0255ULKTy-KmVrcEvbeUhla8tQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqFidPZYPpQO%2BEukOTx3xnK6ei%2BllI7CQbfB2bLCEjMmGEOl3OShD5VA2Dytjm902JdhQnWVAzbcdAG69jCLbNg26uH7H16yWdDdx%2FnaItqL71Cw%2BIXSH9hX1lzihPxfngWmBBcSz0h8RRn%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 67b16fb73808645b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 3BC3 10 KB
11 KB 17ms
16ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82284
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdsEsRwR2tEQS1bQMLHTieGhupmn03sQlsHtPatB2pK-uHWPdFKGecPgNmllSjmrU69cr5mtBwgVO1QsX0TEpj6F7VlOnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfYkexzoi0jrYKV%2FBnGY%2FcKtnF8Wzqxxdgy7vo0vX33wOAW2P34NU6qcHF9d6IE%2BLtzXBRYJo8DpxmedgcUmH2FdRSRXo87UqFxM9Lg75vRl2osqifWH213Bqxp4qOdGGHhnBAHteMGKp2WC"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 67b16fb73809645b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 3BC3 18 KB
19 KB 29ms
27ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59249
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSWSP8ioKL%2Br1hyc3SJCigsY4uQjZZhsx7FhmT%2BFrs1pVvhs%2F37FNpB1fX9qFc%2FspbgzHTxrL4bmD%2FUu6XtaaItIx3agfj0MPDC71CIVoVlbbNuXmxJvZFDiFUj4gHeHAI7WC%2B%2BdXAUHQ3JN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67b16fb7380a645b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 3BC3 2 KB
2 KB 19ms
17ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58332
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycduJSOyHuUy7cn8Lfj3MDejhvDr0RCV2KoVaOB7hUMeUxS05vwVNd0ugJbC-1EkQVZptxLODte-GtiMt0B0gDYNwW6UaOw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQqg8bRJDgNtCGRuQumUaA1%2B%2BDe7ugPD20bPeVNDiopCMn%2Fd9rvLQI50nxf%2BkraqoHjX5VoTtxY%2BCOV8%2B6m%2BKHKtxxig9iQgfSf1kedemJls9PNpWcmCT5gp9ykW09VQHTYhNRgXkzvyORXv"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67b16fb7380b645b-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3BC3 43 B
704 B 120ms
69ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneiddr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7oneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 3BC3 15 KB
15 KB 29ms
28ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61568
cf-polished: origFmt=png, origSize=26777
x-guploader-uploadid: ADPycdulB8pbm7pBn3bbe0k2xBLL42wX9H7URiKXcJZ-1oY0IahYULVzYqoedEyFD3rejCq47u6w0xxhy_yTkrEVhA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15238
last-modified: Tue, 07 Jul 2020 09:20:40 GMT
server: cloudflare
etag: "018a5f3736332bfa050998ec8f72beb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVHA9KPwSqsYGqNmhxh1ekuIQUX7Jf3q1YYoiV%2FMBphgxhoJbGXOICOP73GEza02MuOeL%2Bn6Hif4RXRMvBpwnmQsq57mOmfLNsIM9B4KN%2FQbyjjxkjDK9CE4YO21eRaxpAGJameJGISl26lQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594113640078278
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26777
accept-ranges: bytes
cf-ray: 67b16fb7380c645b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 50270FD72C446983BEB21B8530CF7FFBE962FE2F43651A11D0A8FEBB3609FEEA311FBBDD45019DBDBBE9392739119AFD9E15B3F6D7305E11B283370B610DD798.
assets.ad4m.at/product_image/ Frame 3BC3 489 KB
491 KB 31ms
30ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/50270FD72C446983BEB21B8530CF7FFBE962FE2F43651A11D0A8FEBB3609FEEA311FBBDD45019DBDBBE9392739119AFD9E15B3F6D7305E11B283370B610DD798.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c541cd5f041147f67b3fb70550fc735265c3e5930bb8db2716d5cd7aa22dd6f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=lIUygg==, md5=fLfh5GRv46g5qemv56lBaA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61690
cf-polished: origFmt=png, origSize=770312
x-guploader-uploadid: ADPycdsCGzS26Mi-haj8LScK42gSMLQacATUFHVidAmVatPLL6YTZyK0OBxxQgYlftz9cLpfHDfbQj_fQZtUiEpihvSK7vrvNw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="50270FD72C446983BEB21B8530CF7FFBE962FE2F43651A11D0A8FEBB3609FEEA311FBBDD45019DBDBBE9392739119AFD9E15B3F6D7305E11B283370B610DD798.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 500762
last-modified: Mon, 17 May 2021 13:20:36 GMT
server: cloudflare
etag: "7cb7e1e4646fe3a839a9e9afe7a94168"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9MkC4I9znsI7NRx0mniTcrjWh9EvfKVb6HCBmO8xnS1YqzeIvWmME%2F7zEA3PaGlDRo6FTcDuKTlzlNE%2B6l2Bi9BlpxR0MEL5i3H7nImjXx4KzyQhfFagIjelvzS7Pb75PivnbNRof7M4wUi"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1621257635998488
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 770312
accept-ranges: bytes
cf-ray: 67b16fb7380d645b-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 3BC3
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_300x250&actionid=879111&produkt...

0
607 B

1219ms
41ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_300x250&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Bad Schwalbach, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Aug 2021 05:11:15 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: D5E857B3:1652_91EFC182:01BB_610EA293_4054D4A:AE76
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40028
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_300x250&actionid=879111&produktid=ratenkredit&dt_url=
Cache-control: private
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ Frame 37E6 0
280 B 176ms
50ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=18763&f=31&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx
X-IPLB-Request-ID: D5E857B3:34A6_36264064:01BB_610EA293_D8B79D:1FC07
X-IPLB-Instance: 20686
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
geo: rbx

GET
H2 200 sync Show response
gum.criteo.com/ Frame 37E6 49 B
362 B 41ms
12ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 07 Aug 2021 15:11:14 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1627
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ Frame 37E6 4 KB
4 KB 148ms
24ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Last-Modified: Mon, 31 May 2021 09:07:48 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: D5E857B3:8276_91EFC0A6:01BB_610EA293_374A81E9:260F0
ETag: "60b4a764-10b7"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4279

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 78D9 2 KB
823 B 112ms
57ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1628349075077

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1628349075077
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame E82C 2 KB
968 B 61ms
39ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abab9b80a557a76eef66e183dd4d9c124eaf3d5396758d6d54c8739c107c9b0b

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://news8.de
set-cookie: zc=6daad735-8ede-45e7-6d13-787d9f93bdd8; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%A4%F3C%BA%98%AD%09%AEBt%CE%3D%F8%D2%CD%AA%2A%81%8A%82%14%F0%DF%B1m%F9%0A%CE%BE%25%01%15W%F7%05%9B%1C%CB%04%D7%EF%AB%D6%19%AB%8E%27%B2%0E%081%29%8F%B4%9Cw%BC%EF%85%7D%2A%82%D8%05hOO%BE%883I%B6%09u%9F%9E%DC%1Ao%CC%EEPx%E6%A9%8C%85%F3N%F5%22%BFS+%E2%23%E4u%11n%B4%C6m%AEO; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb76ba14401-FRA
content-encoding: br

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 37E6 24 KB
9 KB 34ms
11ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 14 Aug 2021 15:11:15 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12763/ Frame 37E6 3 KB
3 KB 181ms
32ms Script
application/javascript 52.210.129.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12763/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.129.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7458b398b6bdb94abc1699144ff8a0bc7ba2abda0d0ab04f6a6fa2b3f8732e5b

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Cache-Control: max-age=604800, public
Connection: keep-alive
Content-Length: 3010
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 37E6 25 KB
26 KB 157ms
35ms Script
text/javascript 13.224.89.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-192.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 18:35:21 GMT
Via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 74154
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: 2_ColL31WdGrdYx1cZ1SXN2RS3S_xfduxwkmVTL9sad5gOKNuPlXEQ==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ Frame 37E6 37 KB
13 KB 114ms
38ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Aug 2021 14:21:16 GMT
Server: Apache
ETag: "764e29-930b-5c8f8dd771a64"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=907
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Sat, 07 Aug 2021 15:26:22 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid4_40/build_rb_noconsent/dist/ Frame 37E6 540 KB
168 KB 19ms
15ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid4_40/build_rb_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 693da80d296c48fa32c8a41070cdb891f51396d19791a5facc56048053eee1b5

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 15:38:42 GMT
server: nginx
etag: W/"60f99102-86e2f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 171723
expires: Sun, 08 Aug 2021 15:10:47 GMT

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame 37E6
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEIJ1vQ8aXte_dkrT9w54yek&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEIJ1vQ8aXte_dkrT9w54y...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3561940820630504267&opid=apx&ops=&utidl=tech:goo:CAESEIJ1vQ8aXte_dkrT9w54yek&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A19666486591&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

43 B
1 KB

40ms
40ms

Image
image/gif

54.36.109.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A19666486591&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.183 , France, ASN16276 (OVH, FR),

Reverse DNS

p08.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:22 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A19666486591&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
date: Sat, 07 Aug 2021 15:11:22 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ Frame D18D 26 B
270 B 192ms
74ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx
X-IPLB-Request-ID: D5E857B3:4B4A_91EFC191:01BB_610EA293_2E7E14B:58F7
X-IPLB-Instance: 29820
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ Frame D18D 38 KB
16 KB 34ms
33ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16267
expires: Sun, 08 Aug 2021 15:11:04 GMT

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/ Frame D18D
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

71 KB
21 KB

23ms
10ms

Script
application/x-javascript

2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fbc18d8db6012565449eef0a113333f5b8d04c86bd3b3492439b9907fc7f5ad6

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Aug 2021 13:41:47 GMT
Server: AkamaiNetStorage
ETag: "e8f732091957bed1c7bcdd3debf0feba:1628170909.685334"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21457

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Sat, 07 Aug 2021 15:11:14 GMT
content-length: 0

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ Frame 32F7 0
270 B 1207ms
1092ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=16549&f=2&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:16 GMT
Server: nginx
X-IPLB-Request-ID: D5E857B3:3494_36264064:01BB_610EA293_D80E92:28513
X-IPLB-Instance: 38437
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 sync Show response
gum.criteo.com/ Frame 32F7 49 B
362 B 29ms
12ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 07 Aug 2021 15:11:15 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1212
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ Frame 32F7 4 KB
4 KB 139ms
27ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Last-Modified: Mon, 31 May 2021 09:07:48 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: D5E857B3:8288_91EFC0A6:01BB_610EA293_374885BF:260F3
ETag: "60b4a764-10b7"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4279

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 44C3 2 KB
823 B 101ms
57ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1628349075089

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1628349075089
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.blackbeats.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://media.blackbeats.fm/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 5715 2 KB
1 KB 39ms
28ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2791e6c382af1b8b09795a199e1c519fee4c84aa9bb53781c05b6e76d2b46f2c

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://media.blackbeats.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://media.blackbeats.fm/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://media.blackbeats.fm
set-cookie: zc=6966ef52-8c66-4b8a-614c-8a02a1e09ac4; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%1C5%D7O%FA%25%3EY%F2%87%B6%AC%C62j%81v%1D%03r%86%DB%8FE%D2%E8_%F0r%88%CB%D6%25%5B%A6%E7%E3%99%13p%7D%BD~%FA%26Wl%A6%AB%7B%B2%AAO%02%7CE%91tB%82%C1B%A2%3E%FF7%DA%D6J7%26%83E%E7M%CD%B2q%EC%C2%DA%7C%D5%AE%01m%22%DE%DD32%C4%E5%C4%27H%09%1B%D5%023S%F6%27%8E; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb76ba34401-FRA
content-encoding: br

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 32F7 24 KB
9 KB 19ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 14 Aug 2021 15:11:15 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12763/ Frame 32F7 3 KB
3 KB 169ms
32ms Script
application/javascript 52.210.129.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12763/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.129.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7458b398b6bdb94abc1699144ff8a0bc7ba2abda0d0ab04f6a6fa2b3f8732e5b

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Cache-Control: max-age=604800, public
Connection: keep-alive
Content-Length: 3010
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 32F7 25 KB
26 KB 144ms
34ms Script
text/javascript 13.224.89.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-192.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 18:35:44 GMT
Via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 74131
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: KQJ5cgRP7msAvSQ_-VrKKPSE9HiE6PZoJ-rCVOKpGY5y5HnVw_x3Qw==

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 32F7 6 KB
3 KB 60ms
20ms Script
text/javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=261720&uid=themoneytizer
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:06:40 GMT
Server: nginx
ETag: W/"5e8cdd50-17e9"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Credentials: true
Expires: Sat, 14 Aug 2021 15:11:15 GMT

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ Frame 32F7 37 KB
13 KB 138ms
32ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Aug 2021 14:21:16 GMT
Server: Apache
ETag: "764e29-930b-5c8f8dd771a64"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=907
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Sat, 07 Aug 2021 15:26:22 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid4_40/build_rb_noconsent/dist/ Frame 32F7 540 KB
168 KB 27ms
26ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid4_40/build_rb_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=16549&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 693da80d296c48fa32c8a41070cdb891f51396d19791a5facc56048053eee1b5

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 15:38:42 GMT
server: nginx
etag: W/"60f99102-86e2f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 171723
expires: Sun, 08 Aug 2021 15:10:47 GMT

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame 32F7
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESECfB1jVDw4i1YEJl1HKhGWo&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3561940820630504267&opid=apx&ops=&utidl=tech:goo:CAESECfB1jVDw4i1YEJl1HKhGWo&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A19666486591&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

43 B
1 KB

53ms
31ms

Image
image/gif

54.36.109.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A19666486591&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

Requested by

Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.183 , France, ASN16276 (OVH, FR),

Reverse DNS

p08.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:22 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A19666486591&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
date: Sat, 07 Aug 2021 15:11:22 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame 1EE9 6 KB
4 KB 30ms
30ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c8c89ff673515f81be106a2ced1a2fe6e33ebc3d5a9ef39c5e9c757c0504bb4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb759342c2e-FRA
content-encoding: br

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame 9A37 6 KB
4 KB 27ms
23ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93dcc95c316eedcc38bb8258c8ee9f91b99fa2183f8390c0597ae4dc89e430d5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb7694c2c2e-FRA
content-encoding: br

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ Frame D18D 0
270 B 346ms
244ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=18763&f=2&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx
X-IPLB-Request-ID: D5E857B3:34B6_36264064:01BB_610EA293_D816CB:2850C
X-IPLB-Instance: 38437
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 sync Show response
gum.criteo.com/ Frame D18D 1 B
55 B 1465ms
1464ms Script
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: -1
cache-control: private, max-age=0
content-type: text/html

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ Frame D18D 4 KB
4 KB 138ms
25ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Last-Modified: Mon, 31 May 2021 09:17:17 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: D5E857B3:8276_91EFC0A6:01BB_610EA293_374A81FF:260F0
ETag: "60b4a99d-10b7"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4279

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 899C 2 KB
823 B 77ms
58ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1628349075114

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1628349075114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 60C0 2 KB
948 B 38ms
34ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 508db7b583e2c8b111568bb31ac669acee7f18ec5c8bc7e75f1867944bdb164a

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://news8.de
set-cookie: zc=79c087bf-0e09-4f2f-5b57-90c1e3581940; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%9Aqu%03%A0%29%7D%87%7F%CB%14%9D+%7F%21%28z%9B%D9%99%F4%ED%B5%CF%BD%D6%3F%C7%89%FEP%A6%CABn%F48%E7%FA4%F3%E6%15%BFPd%03%B6%CE%F4S%C4%E5%26Qz%05r%5B%80R%0A%7D%F9%BB%CAy5%9A%F7%2C%7F%28%7BE%5E%0EL%5B%F45c%D3x%C4%A0%26%E5%02%98%C2%D7C%F6%A11%13%3D_%2BV%0C%97y%88; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb78be84401-FRA
content-encoding: br

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame D18D 24 KB
9 KB 17ms
6ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 14 Aug 2021 15:11:15 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12763/ Frame D18D 3 KB
3 KB 178ms
32ms Script
application/javascript 52.210.129.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12763/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.129.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7458b398b6bdb94abc1699144ff8a0bc7ba2abda0d0ab04f6a6fa2b3f8732e5b

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Cache-Control: max-age=604800, public
Connection: keep-alive
Content-Length: 3010
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame D18D 25 KB
26 KB 162ms
33ms Script
text/javascript 13.224.89.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-192.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 18:35:21 GMT
Via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 74154
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: ub_aXXoYJY39N08CvK74fwXHWRLkCn5bqSJ6PAvZwqstYgQtl0R2cg==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ Frame D18D 37 KB
13 KB 123ms
37ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Aug 2021 14:21:16 GMT
Server: Apache
ETag: "764e29-930b-5c8f8dd771a64"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=907
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Sat, 07 Aug 2021 15:26:22 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid4_40/build_rb_noconsent/dist/ Frame D18D 540 KB
168 KB 18ms
15ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid4_40/build_rb_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 693da80d296c48fa32c8a41070cdb891f51396d19791a5facc56048053eee1b5

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 15:38:42 GMT
server: nginx
etag: W/"60f99102-86e2f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 171723
expires: Sun, 08 Aug 2021 15:10:47 GMT

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame D18D
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGOP6-EFajvfWhMHd_8rGds&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEGOP6-EFajvfWhMHd_8rG...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3426966216555745417&opid=apx&ops=&utidl=tech:goo:CAESEGOP6-EFajvfWhMHd_8rGds&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A19666128040&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

43 B
1 KB

45ms
44ms

Image
image/gif

54.36.109.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A19666128040&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

Requested by

Host: news8.de
URL: https://news8.de/tags/300/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.183 , France, ASN16276 (OVH, FR),

Reverse DNS

p08.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:22 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A19666128040&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
date: Sat, 07 Aug 2021 15:11:22 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ Frame 8463 4 KB
2 KB 33ms
29ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=31
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2127
expires: Sun, 08 Aug 2021 15:10:25 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ Frame 8463 128 KB
17 KB 32ms
29ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c573c732d2128c552e994da083ff9b3065ba8dec95ba0055a7c095d34ba6006

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16722
expires: Sun, 08 Aug 2021 15:11:15 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 3BC3 12 KB
12 KB 422ms
101ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 5955eb69dbf851dda975c4ec5010fe4a4b3034240fd05584ee5450c8b51db10a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:15 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame EDEE 64 KB
8 KB 27ms
24ms Stylesheet
text/css 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 247298
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Sat, 07 Aug 2021 16:11:15 GMT
last-modified: Mon, 26 Jul 2021 09:04:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67b16fb799a02c2e-FRA
cf-bgj: minify

GET
H3-29 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame EDEE 12 KB
13 KB 66ms
62ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60976
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycds2iXyMjyt9pZkx_VDJ9YD8kBW6DgpLbEL5MIQjwKqKb-KSktrkP_NkXSj9OnjYKoCx0255ULKTy-KmVrcEvbeUhla8tQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhGJv0124D%2BE3XJ9VG61BTHmHHp3mzlTzuit2PK77ZuRRpv2eXqriXmtEA%2B4%2FiElAmEs%2FzX%2FTH%2BsnPoT3Gg3FxucstSeR48gVjGYUqbACV1TMVuh6fGnjVb2APZ5iADDBprrPCTjP6nasCsU"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 67b16fb799a52c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame EDEE 10 KB
11 KB 27ms
23ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82284
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdsEsRwR2tEQS1bQMLHTieGhupmn03sQlsHtPatB2pK-uHWPdFKGecPgNmllSjmrU69cr5mtBwgVO1QsX0TEpj6F7VlOnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWVq4clbe2SYki3wYNn4Cqj4m26pUyYbZNLiu%2FPn1bIHc74ReFQpS6aGf1fYgrOeCO6%2BgU9%2FVFvtCRf6%2BMijy8cPWevE1rbrs66mKD1xHshO0IfVP9Iqpdkx1re30H98hAnin9AejoJK5WnQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 67b16fb799a92c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame EDEE 18 KB
19 KB 67ms
63ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59249
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mfe6MJm3u3bsv3bEefVPJsx9YrHJMJ6g0teD5a%2F%2BRJkdsaBgTqsWIEdexLd1memM7QNVZhqeO5bzq9Ton72cg5sr3tmMhQxmyU1FGR3laS4%2F6KDusHnI3mIw29fCGTMyV9y8LbKaFTlyWU4K"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67b16fb799ac2c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame EDEE 2 KB
3 KB 64ms
61ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58332
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycduJSOyHuUy7cn8Lfj3MDejhvDr0RCV2KoVaOB7hUMeUxS05vwVNd0ugJbC-1EkQVZptxLODte-GtiMt0B0gDYNwW6UaOw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbS1UEdaOtFWi1MF4gUsHRaAjlrrbpuWpngDNyLbUlqyvyb7wzUIyr%2FM8udWevmlB8%2FPZSQ%2FwWWx%2BlAJdgMUxLTQmGiaV1fuHKdeu5kVVtrxIGKIDSik%2BZcewDGGuRuP%2B9B6jcmMHWFzezAP"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67b16fb799b12c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame EDEE 43 B
704 B 154ms
81ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneiddr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7oneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame EDEE 15 KB
16 KB 68ms
65ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61568
cf-polished: origFmt=png, origSize=26777
x-guploader-uploadid: ADPycdulB8pbm7pBn3bbe0k2xBLL42wX9H7URiKXcJZ-1oY0IahYULVzYqoedEyFD3rejCq47u6w0xxhy_yTkrEVhA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15238
last-modified: Tue, 07 Jul 2020 09:20:40 GMT
server: cloudflare
etag: "018a5f3736332bfa050998ec8f72beb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5L7Jw4eN8fixT%2Bniw25%2BS%2FOVe%2FEADEm9DX%2FvJd1byiSf8daIbfcVBgR6FTiWsJBgReWGw0n57Ie2k1K8PpJE9uztx5yEYj%2FI70s8AO%2BZB%2B4qMZy2SzILN8qlMzP%2FsVIoBt0Zd7WjMDPnFHgu"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594113640078278
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26777
accept-ranges: bytes
cf-ray: 67b16fb799b32c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 8EBD8603989238586F45CCA2ABCD49692693CFE263A8BB411BE4E591D42447B938C0A8E1DED85F80AA8F739E40599E1B3F67C962D9FAB297D5B2F78174DD8A11
assets.ad4m.at/ Frame EDEE 45 KB
46 KB 68ms
65ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/8EBD8603989238586F45CCA2ABCD49692693CFE263A8BB411BE4E591D42447B938C0A8E1DED85F80AA8F739E40599E1B3F67C962D9FAB297D5B2F78174DD8A11
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5619957e57f4831d8ced7fadec4ddb973d4f1a3d3a6e881b30a544359e49557

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=T1rHXA==, md5=LGdqKzv0+KWdm610JEI1vg==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57635
cf-polished: qual=85, origFmt=jpeg, origSize=116330
x-guploader-uploadid: ADPycdtCuOrQLAANK3qMNfFxgtwF_EV8YUhrWE84bZdWtI8v_AtVciXqrs6BKbdo5ET-SgTXOUQI4UYuG2tH0TWzTA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 46168
last-modified: Fri, 20 Dec 2019 11:48:34 GMT
server: cloudflare
etag: "2c676a2b3bf4f8a59d9bad74244235be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJUPOK7yKu9GThNSEPSc5xu3gnQPsdn3UOKm3FWg7J%2BpAHiya7DNNa%2BI9%2FgLyL7VXCyjhhWMhO%2BTjxhBwvjvfXN2vxHBmkY%2Fn125szAFNfR3KBE%2BDfq3s1%2B%2FhDGj99gZQF%2BefgC7AdtaZZBF"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1576842514308047
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 116330
accept-ranges: bytes
cf-ray: 67b16fb799b62c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame EDEE
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_970x250&actionid=920184&produkt...

0
178 B

1220ms
47ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_970x250&actionid=920184&produktid=girodirekt&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Bad Schwalbach, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Aug 2021 05:11:15 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: D5E857B3:1652_91EFC182:01BB_610EA293_4054D4C:AE76
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40028
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_970x250&actionid=920184&produktid=girodirekt&dt_url=
Cache-control: private
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ Frame 32F7 1 KB
1 KB 104ms
12ms Script
application/javascript 2600:9000:2190:d400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:18:39 GMT
content-encoding: gzip
age: 3157
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: dZpnuUUrlnFpiXVO2kCLdCNnmees-Pt0FHp9lck3GTfVe8AnEGQ3vA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 2CCA 2 KB
1 KB 23ms
5ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210807

Requested by

Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1afb84eb9fca2019242bb0d4023575048d39c9bfe40fab06c52786687f2faac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 18
x-jsd-version: 1.0.1062
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 924
etag: W/"694-3vIM58LfaIpPj0xtc3RHRroKx8E"
x-served-by: cache-fra19134-FRA
x-jsd-version-type: version
date: Sat, 07 Aug 2021 15:11:15 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2CCA 256 B
1 KB 111ms
78ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d5039abaee4cb9946ee653dd1e51918f75eb091d6d149c1068f1b7e2eab5ef88

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 79ff2448-3bee-4077-9409-14ee405fbcea
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ad4.adfarm1.adition.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 256
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST cdb
bidder.criteo.com/ Frame 2CCA 0
0

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ Frame 37E6 1 KB
1 KB 22ms
12ms Script
application/javascript 2600:9000:2190:d400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:18:39 GMT
content-encoding: gzip
age: 3157
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 486cijMNbLKAHHOOO315b13TrYwnSUyt8MsrVs5zPSU6aG1XsbdQnA==

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 62F8 64 KB
8 KB 35ms
33ms Stylesheet
text/css 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 247298
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Sat, 07 Aug 2021 16:11:15 GMT
last-modified: Mon, 26 Jul 2021 09:04:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67b16fb83b0d2c2e-FRA
cf-bgj: minify

GET
H3-29 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 62F8 12 KB
13 KB 40ms
38ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60976
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycds2iXyMjyt9pZkx_VDJ9YD8kBW6DgpLbEL5MIQjwKqKb-KSktrkP_NkXSj9OnjYKoCx0255ULKTy-KmVrcEvbeUhla8tQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tNubrA5temPRu2TjzpcoKVyPAiGVk0nPsaMPunTjLmDFv1xo%2BqnU0S5rqbRlU9ybHfdnWg3%2FuHGarmWMKnTXPBMRmxwF2mEKvLM7TGBgDfFRXfBPUYe99G2TXOYIMFR7OcZiDne7GqJ23pB"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 67b16fb83b202c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 62F8 10 KB
11 KB 39ms
36ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82284
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdsEsRwR2tEQS1bQMLHTieGhupmn03sQlsHtPatB2pK-uHWPdFKGecPgNmllSjmrU69cr5mtBwgVO1QsX0TEpj6F7VlOnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2x7g%2FZfAjNS5nFGoVDylEB6qBy%2BqssSB6vkJ0wG%2ByFIuRizJOIxXM11ZH2N8lpquKPEgKXNwxvC%2BRkCUVBcirZ3WG0ArtdMc5b9TqtHP4z%2FfhkyLSzvPweaq1xdpme7T5vFRwZTVgDyERX3j"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 67b16fb83b3a2c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 62F8 18 KB
19 KB 58ms
55ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59249
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MErWgPzGw7HeatLiVPwXidjjuL%2BO0s7LE9hV4arG9ViR82n9t7%2Fa3pPc8Nk1GoosBv%2Fg5CE5XwQMXD%2BOUTnfXH5Fr9tO6%2FmafS%2BgqYyMgwv%2Fgq4Deki8%2FSyu3GwxchyHgJwyUjreW9keUy%2Bu"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67b16fb83b402c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 62F8 2 KB
3 KB 46ms
44ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58332
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycduJSOyHuUy7cn8Lfj3MDejhvDr0RCV2KoVaOB7hUMeUxS05vwVNd0ugJbC-1EkQVZptxLODte-GtiMt0B0gDYNwW6UaOw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5JoFDHAayx4Fe41zOvNelBWBqBVFszToP4rnTYknwpFrgVMOsnzmu99FCaEsAd8zJWQi76GZEpe13V3V2b2NiREBeaAzEbqoKdm1yt28%2FIC9dVc5Ef%2B9K%2F%2BDRexG3uzp2XKGI5exnC%2FXvNn"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67b16fb83b432c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 62F8 43 B
704 B 114ms
54ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneiddr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7oneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 62F8 15 KB
16 KB 39ms
37ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61568
cf-polished: origFmt=png, origSize=26777
x-guploader-uploadid: ADPycdulB8pbm7pBn3bbe0k2xBLL42wX9H7URiKXcJZ-1oY0IahYULVzYqoedEyFD3rejCq47u6w0xxhy_yTkrEVhA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15238
last-modified: Tue, 07 Jul 2020 09:20:40 GMT
server: cloudflare
etag: "018a5f3736332bfa050998ec8f72beb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0H2ilyIu84gxr6XXy1UI%2FSUkHfKp%2FV3PmLQlEylz2Hll4856QeLWt8y3eSCU23%2B767i4wTVALCyMUfPqYdzGMxzJhcmWz%2BjliCcJeZdLjwp55%2BqS2ohLa%2BojlY78GWUYS0WfYw6OvHg198ta"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594113640078278
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26777
accept-ranges: bytes
cf-ray: 67b16fb83b482c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 8EBD8603989238586F45CCA2ABCD49692693CFE263A8BB411BE4E591D42447B938C0A8E1DED85F80AA8F739E40599E1B3F67C962D9FAB297D5B2F78174DD8A11
assets.ad4m.at/ Frame 62F8 45 KB
46 KB 45ms
43ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/8EBD8603989238586F45CCA2ABCD49692693CFE263A8BB411BE4E591D42447B938C0A8E1DED85F80AA8F739E40599E1B3F67C962D9FAB297D5B2F78174DD8A11
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5619957e57f4831d8ced7fadec4ddb973d4f1a3d3a6e881b30a544359e49557

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=T1rHXA==, md5=LGdqKzv0+KWdm610JEI1vg==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57635
cf-polished: qual=85, origFmt=jpeg, origSize=116330
x-guploader-uploadid: ADPycdtCuOrQLAANK3qMNfFxgtwF_EV8YUhrWE84bZdWtI8v_AtVciXqrs6BKbdo5ET-SgTXOUQI4UYuG2tH0TWzTA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 46168
last-modified: Fri, 20 Dec 2019 11:48:34 GMT
server: cloudflare
etag: "2c676a2b3bf4f8a59d9bad74244235be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irSCL5pHRilpZqaCQHMr%2F307o6mFskoZQKiQXQ7co6g5VcCwahSWkULcIT4mxUFHJzE%2FcD%2BfjkGO3OZy%2F1veRPhsb2dmyN%2F3%2B2pGBWMiNYy1spkypX%2BY6CiTw39xHIxRuh0IujYfzPCSwGXN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1576842514308047
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 116330
accept-ranges: bytes
cf-ray: 67b16fb83b4a2c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 62F8
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&actionid=920184&produkt...

0
179 B

1124ms
49ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&actionid=920184&produktid=girodirekt&dt_url=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Bad Schwalbach, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Aug 2021 05:11:15 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx/1.17.5
X-IPLB-Request-ID: D5E857B3:1652_91EFC182:01BB_610EA293_4054D50:AE76
X-Powered-By: PHP/7.2.21
X-IPLB-Instance: 40028
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&actionid=920184&produktid=girodirekt&dt_url=
Cache-control: private
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ Frame 8463 26 B
271 B 75ms
74ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx
X-IPLB-Request-ID: D5E857B3:4B3A_91EFC191:01BB_610EA293_2E89B9A:27B7E
X-IPLB-Instance: 29821
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ Frame 8463 38 KB
16 KB 16ms
16ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16267
expires: Sun, 08 Aug 2021 15:11:04 GMT

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/ Frame 8463
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

71 KB
21 KB

9ms
8ms

Script
application/x-javascript

2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fbc18d8db6012565449eef0a113333f5b8d04c86bd3b3492439b9907fc7f5ad6

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Aug 2021 13:41:47 GMT
Server: AkamaiNetStorage
ETag: "e8f732091957bed1c7bcdd3debf0feba:1628170909.685334"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21457

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Sat, 07 Aug 2021 15:11:14 GMT
content-length: 0

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame EDEE 12 KB
12 KB 963ms
106ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_970x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 42371e2f0fee6b91ceb589e1407abece69e32e5fe2a59ba6ef80f6b2432407ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:16 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:16 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ Frame 8463 0
280 B 28ms
27ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=18763&f=31&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx
X-IPLB-Request-ID: D5E857B3:34A6_36264064:01BB_610EA293_D8B7A5:1FC07
X-IPLB-Instance: 20686
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
geo: rbx

GET
H2 200 sync Show response
gum.criteo.com/ Frame 8463 49 B
362 B 12ms
12ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 07 Aug 2021 15:11:15 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1427
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ Frame 8463 4 KB
4 KB 24ms
24ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Last-Modified: Mon, 31 May 2021 09:17:17 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: D5E857B3:8276_91EFC0A6:01BB_610EA293_374A8203:260F0
ETag: "60b4a99d-10b7"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4279

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6B2A 2 KB
823 B 24ms
24ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1628349075343

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1628349075343
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame DF96 95 B
412 B 26ms
26ms Document
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://news8.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=79c087bf-0e09-4f2f-5b57-90c1e3581940; zsc=%9Aqu%03%A0%29%7D%87%7F%CB%14%9D+%7F%21%28z%9B%D9%99%F4%ED%B5%CF%BD%D6%3F%C7%89%FEP%A6%CABn%F48%E7%FA4%F3%E6%15%BFPd%03%B6%CE%F4S%C4%E5%26Qz%05r%5B%80R%0A%7D%F9%BB%CAy5%9A%F7%2C%7F%28%7BE%5E%0EL%5B%F45c%D3x%C4%A0%26%E5%02%98%C2%D7C%F6%A11%13%3D_%2BV%0C%97y%88
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://news8.de
set-cookie: zc=79c087bf-0e09-4f2f-5b57-90c1e3581940; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%E7e%D9E%3A2.%0C%26%22%8B%89%80V%18%BA%5E%87e%C0%DBT%81%3E%C1p%D1%88%9E5%13%A9L%3D%07%F84%0C%0D%15%ED-5%05%83%29f2%3A%A4%9F%82iN5%CC.%A6%08S8%2F%A1%0F%BC%98%25%82G%BE%3D%F3%C6%B7K%3B%7F%0C%F5%CC%21%EEM%05%D7%5Dn%B3%18%87%D4%CC%5B%FE%A5%ABb%F5Oj%01zt%9Fe; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb8ef8f4401-FRA

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 8463 24 KB
9 KB 7ms
7ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 14 Aug 2021 15:11:15 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12763/ Frame 8463 3 KB
3 KB 32ms
32ms Script
application/javascript 52.210.129.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12763/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.129.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7458b398b6bdb94abc1699144ff8a0bc7ba2abda0d0ab04f6a6fa2b3f8732e5b

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Cache-Control: max-age=604800, public
Connection: keep-alive
Content-Length: 3010
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 8463 25 KB
26 KB 35ms
34ms Script
text/javascript 13.224.89.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-192.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 18:35:21 GMT
Via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 74154
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: IkoC-Dx6CGf_GqGBo8JnfFQv0uJ5W8Na_e2euAAHZHZPhpJwldfkmw==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ Frame 8463 37 KB
13 KB 30ms
29ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Aug 2021 14:21:16 GMT
Server: Apache
ETag: "764e29-930b-5c8f8dd771a64"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=907
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Sat, 07 Aug 2021 15:26:22 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid4_40/build_rb_noconsent/dist/ Frame 8463 540 KB
168 KB 16ms
16ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid4_40/build_rb_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=18763&formatId=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 693da80d296c48fa32c8a41070cdb891f51396d19791a5facc56048053eee1b5

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 15:38:42 GMT
server: nginx
etag: W/"60f99102-86e2f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 171723
expires: Sun, 08 Aug 2021 15:10:47 GMT

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame 8463
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELDgZNXtxTv-b2MDSn1xi8I&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELDgZNXtxTv-b2MDSn1xi...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2523836470160306372&opid=apx&ops=&utidl=tech:goo:CAESELDgZNXtxTv-b2MDSn1xi8I&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A19666677774&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

43 B
1 KB

32ms
31ms

Image
image/gif

54.36.109.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A19666677774&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.183 , France, ASN16276 (OVH, FR),

Reverse DNS

p08.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:22 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A19666677774&sd=Y2FzY2FkZXNSZW1haW5pbmc9OCZjYXNjYWRlc0RvbmU9MiZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
date: Sat, 07 Aug 2021 15:11:22 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ Frame D18D 1 KB
1 KB 11ms
11ms Script
application/javascript 2600:9000:2190:d400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:18:39 GMT
content-encoding: gzip
age: 3157
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: nxXOMAk6_SrB5pwHq0kCo2wzU-3-ZOGDlijoycYbTmhX3_7b6tIVqQ==

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 37E6 109 B
538 B 3164ms
44ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 624bdc70b073a9b87de97e54222c047b2768328c49cfb4dc94acdbfdbc915bfe

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://news8.de
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 06 Sep 2021 15:11:18 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame 37E6 44 B
323 B 3116ms
33ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://news8.de
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame 406D 0
247 B 27ms
25ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnews8.de%2Ftags%2F970%2Findex.html&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://news8.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/

Response headers

Server: nginx/1.14.2
Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: D5E857B3:8276_91EFC0A6:01BB_610EA293_374A821A:260F0
X-IPLB-Instance: 30196

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 62F8 12 KB
12 KB 1120ms
106ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: d94908f89e43bb333a4f0d122a41b5ec14272d7659ef0158dd135b611bdd1c78

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:16 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:16 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame 61EF 0
247 B 26ms
26ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fmedia.blackbeats.fm%2Ftags%2F300%2Findex.html&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://media.blackbeats.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://media.blackbeats.fm/

Response headers

Server: nginx/1.14.2
Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: D5E857B3:8288_91EFC0A6:01BB_610EA293_374885D6:260F3
X-IPLB-Instance: 30196

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 9A37 64 KB
8 KB 30ms
30ms Stylesheet
text/css 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 247298
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Sat, 07 Aug 2021 16:11:15 GMT
last-modified: Mon, 26 Jul 2021 09:04:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67b16fb92d1d2c2e-FRA
cf-bgj: minify

GET
H3-29 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 9A37 12 KB
13 KB 42ms
42ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60976
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycds2iXyMjyt9pZkx_VDJ9YD8kBW6DgpLbEL5MIQjwKqKb-KSktrkP_NkXSj9OnjYKoCx0255ULKTy-KmVrcEvbeUhla8tQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6Qh3TxsxwkKkHdup8DZmqmtCTmzj9DQscxgNXrShl24%2BL8U%2Bss7%2FHEVGjmWWnHGas8CsVrP5Av2Phu6E%2F2C9GgRUO1C1EDZkWYii3fLoaUi28FbZzDHTxYCsRqE3ZshDRuGgLOYk%2BA7%2B2PW"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 67b16fb92d202c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 9A37 10 KB
11 KB 31ms
30ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82284
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdsEsRwR2tEQS1bQMLHTieGhupmn03sQlsHtPatB2pK-uHWPdFKGecPgNmllSjmrU69cr5mtBwgVO1QsX0TEpj6F7VlOnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPQ78pNp9bIOMhEzu7ddRUN5pxfAOCXxs5Ui8Ze5UGwNLC7ub3mfPJl9Z%2FjsnSk9mgZ5E%2FQPYQEIVU1yEf9B0kobXGhp5s3hylE2uzReT8DkoDrmYAHTpqag1%2B38NX2Vv%2FQs8B0SUwUw1Fjw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 67b16fb92d212c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 9A37 18 KB
19 KB 32ms
30ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59249
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmWJxkB1m6POGPRI72%2Buo8cj2v1QKiM3nphLn6T5%2B%2Bjc3dUICQPX5umjHq5Kt7NQHDve9xIhvw5fwQKRDdoHedMRPAEzmhRg7ZqGRJ7BFiUw1lLwpo8gnV9lJxypfsli7qC2T3EA9ivUpio2"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67b16fb92d242c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 9A37 2 KB
3 KB 33ms
32ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58332
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycduJSOyHuUy7cn8Lfj3MDejhvDr0RCV2KoVaOB7hUMeUxS05vwVNd0ugJbC-1EkQVZptxLODte-GtiMt0B0gDYNwW6UaOw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2qQwehpeWBQOORl5E4k4Cuvv53GvjGPO0SVsJTSj04muG6ouWN3T5yelUz8%2FlopSNRdayZI3bvZtEUdpv%2FSjPAXMZy1TSvQ9dyMMh2y6eXC5Gg%2BzTqyO7viQFpdHBWUTw9XSNdTzQ3rpzBQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67b16fb92d252c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9A37 43 B
704 B 53ms
52ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneiddr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7oneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 9A37 15 KB
16 KB 33ms
32ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61568
cf-polished: origFmt=png, origSize=26777
x-guploader-uploadid: ADPycdulB8pbm7pBn3bbe0k2xBLL42wX9H7URiKXcJZ-1oY0IahYULVzYqoedEyFD3rejCq47u6w0xxhy_yTkrEVhA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15238
last-modified: Tue, 07 Jul 2020 09:20:40 GMT
server: cloudflare
etag: "018a5f3736332bfa050998ec8f72beb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FNquh1N%2F5u6GF%2FE0EyPbp0XgidQE7k1F0lCpwZ%2FZmdmcZOjbThIbQXpm6D%2Bqrfl2pt2Odes%2BZbWzmDxkLtgmqXOH2p4Ew5QHjs88IYwodT4kXWD7fS%2FBrGASDvHDo2xZBdktmCQdM3JLpt3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594113640078278
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26777
accept-ranges: bytes
cf-ray: 67b16fb92d282c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 50270FD72C446983BEB21B8530CF7FFBE962FE2F43651A11D0A8FEBB3609FEEA311FBBDD45019DBDBBE9392739119AFD9E15B3F6D7305E11B283370B610DD798.
assets.ad4m.at/product_image/ Frame 9A37 489 KB
490 KB 34ms
31ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/50270FD72C446983BEB21B8530CF7FFBE962FE2F43651A11D0A8FEBB3609FEEA311FBBDD45019DBDBBE9392739119AFD9E15B3F6D7305E11B283370B610DD798.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c541cd5f041147f67b3fb70550fc735265c3e5930bb8db2716d5cd7aa22dd6f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=lIUygg==, md5=fLfh5GRv46g5qemv56lBaA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61690
cf-polished: origFmt=png, origSize=770312
x-guploader-uploadid: ADPycdsCGzS26Mi-haj8LScK42gSMLQacATUFHVidAmVatPLL6YTZyK0OBxxQgYlftz9cLpfHDfbQj_fQZtUiEpihvSK7vrvNw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="50270FD72C446983BEB21B8530CF7FFBE962FE2F43651A11D0A8FEBB3609FEEA311FBBDD45019DBDBBE9392739119AFD9E15B3F6D7305E11B283370B610DD798.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 500762
last-modified: Mon, 17 May 2021 13:20:36 GMT
server: cloudflare
etag: "7cb7e1e4646fe3a839a9e9afe7a94168"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0Abh9itDKggxZgTGjilidLxGFDd5HactRFjvkFtNNUEnelSg7oDr2wzWu1K02r%2Bdk1pZLVXOrXXN1vyXuvdtj3bVSALRXJNHkrseTePp5rZM42z7d5Bx%2FlFR0FJFBcaw5v1wuB9PieIhmW%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1621257635998488
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 770312
accept-ranges: bytes
cf-ray: 67b16fb92d2f2c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 9A37
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_970x250&actionid=879111&produkt...

0
178 B

1059ms
47ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_970x250&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Bad Schwalbach, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Aug 2021 05:11:15 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx/1.17.5
X-IPLB-Request-ID: D5E857B3:1652_91EFC182:01BB_610EA293_4054D56:AE76
X-Powered-By: PHP/7.2.21
X-IPLB-Instance: 40028
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6oneid__webplexmedia_advancedad_970x250&actionid=879111&produktid=ratenkredit&dt_url=
Cache-control: private
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 1EE9 64 KB
8 KB 31ms
30ms Stylesheet
text/css 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 247298
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Sat, 07 Aug 2021 16:11:15 GMT
last-modified: Mon, 26 Jul 2021 09:04:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67b16fb92d222c2e-FRA
cf-bgj: minify

GET
H3-29 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 1EE9 12 KB
13 KB 41ms
40ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60976
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycds2iXyMjyt9pZkx_VDJ9YD8kBW6DgpLbEL5MIQjwKqKb-KSktrkP_NkXSj9OnjYKoCx0255ULKTy-KmVrcEvbeUhla8tQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYutrqbpa9U0BD7tKAx0IOAVdzMzL%2F9XeC7Wag0md7wvD385gxMe1biX8qtq9gUmKAjny8zNDN2D5FCtFeZB5r1BRaJpmw4gCYctCjBSjErbhG3qYAMmTMQ3S7KvGf50SLTB74F9eFE0QAEw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 67b16fb92d2b2c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 1EE9 10 KB
11 KB 62ms
60ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82284
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdsEsRwR2tEQS1bQMLHTieGhupmn03sQlsHtPatB2pK-uHWPdFKGecPgNmllSjmrU69cr5mtBwgVO1QsX0TEpj6F7VlOnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJzhsSx3cLKQtlyGYOwq%2FG%2FkBlg9%2Bf0scZnatt%2B0NAoqqbb2FYIwrY9fvLz59ETC6JXzL4PeRp0grEaEy1h9xChIDIQRRsM5rYcbd9j9PM%2Fx5nnnKxA%2BbG8pwFPzzIvBj1fcqs1enlSjXeIg"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 67b16fb92d302c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 1EE9 18 KB
19 KB 62ms
60ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59249
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrusSv8hqHKiS7rcI3ZLgu%2BRYASKLkM1EDephzOztG0OP36l5dPSsN8XYeP0IyAnhAfqhoMT8MiGSaLl4Ru90zexAVuM9u6UHouQL%2BPGpJfGzlSz5%2F6aM9RAIHNrpdiAG76kV4gsHFn2s1ua"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67b16fb92d322c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 1EE9 2 KB
3 KB 62ms
60ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58332
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycduJSOyHuUy7cn8Lfj3MDejhvDr0RCV2KoVaOB7hUMeUxS05vwVNd0ugJbC-1EkQVZptxLODte-GtiMt0B0gDYNwW6UaOw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOlUucJUdDFYCIOJlefuha2NCTESMHS%2FHU%2BuAcQESBlbcueD57ac7SNhUCTiW4rvFfTlYtGU%2BLzEUNA62VkxaMEmI1HcQ22nfs2Mn5I95ExI27cB3zCTUY3FDBaqQkqBp3MuZqqKWLU%2F%2Bvaq"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67b16fb92d592c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1EE9 43 B
704 B 105ms
53ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneiddr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7oneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 1EE9 15 KB
16 KB 62ms
60ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61568
cf-polished: origFmt=png, origSize=26777
x-guploader-uploadid: ADPycdulB8pbm7pBn3bbe0k2xBLL42wX9H7URiKXcJZ-1oY0IahYULVzYqoedEyFD3rejCq47u6w0xxhy_yTkrEVhA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15238
last-modified: Tue, 07 Jul 2020 09:20:40 GMT
server: cloudflare
etag: "018a5f3736332bfa050998ec8f72beb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eEQuu4jzCVtzvcrmfuYvuVpvP74zWUW3iGWg2viPZr%2BBOnRp3i48mUKGQzBQYVfL7fOPmbeVUJ20EYfu4H6H7F5I3R4n6hqcNAxE23VsZPRYg%2B%2B5tc83t70lFdH1yu5FH9STw%2FXCiSaKjoN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594113640078278
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26777
accept-ranges: bytes
cf-ray: 67b16fb92d5e2c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 8EBD8603989238586F45CCA2ABCD49692693CFE263A8BB411BE4E591D42447B938C0A8E1DED85F80AA8F739E40599E1B3F67C962D9FAB297D5B2F78174DD8A11
assets.ad4m.at/ Frame 1EE9 45 KB
46 KB 63ms
59ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/8EBD8603989238586F45CCA2ABCD49692693CFE263A8BB411BE4E591D42447B938C0A8E1DED85F80AA8F739E40599E1B3F67C962D9FAB297D5B2F78174DD8A11
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5619957e57f4831d8ced7fadec4ddb973d4f1a3d3a6e881b30a544359e49557

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=T1rHXA==, md5=LGdqKzv0+KWdm610JEI1vg==
date: Sat, 07 Aug 2021 15:11:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57635
cf-polished: qual=85, origFmt=jpeg, origSize=116330
x-guploader-uploadid: ADPycdtCuOrQLAANK3qMNfFxgtwF_EV8YUhrWE84bZdWtI8v_AtVciXqrs6BKbdo5ET-SgTXOUQI4UYuG2tH0TWzTA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 46168
last-modified: Fri, 20 Dec 2019 11:48:34 GMT
server: cloudflare
etag: "2c676a2b3bf4f8a59d9bad74244235be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqlJ6raAmVIpjYYuGCbR3P4ZkvWLlXQmJXpbrsZOwKdBvSfRgmQ1J3I3o1v4xaeDnE0roDli9tKNZCIpFHU8NyI2U7D2v4JlpkLO7PYNg%2BqqRs5XCLTUNtrFr0d2rny8UnBDB48jkWwHQiyX"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1576842514308047
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:15 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 116330
accept-ranges: bytes
cf-ray: 67b16fb92d5f2c2e-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 1EE9
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&actionid=920184&produkt...

0
179 B

1036ms
49ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&actionid=920184&produktid=girodirekt&dt_url=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Bad Schwalbach, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 07 Aug 2021 05:11:15 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 07 Aug 2021 15:11:15 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: D5E857B3:16A4_91EFC182:01BB_610EA293_4064DC7:1282E
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40027
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3Moneid__webplexmedia_advancedad_300x250&actionid=920184&produktid=girodirekt&dt_url=
Cache-control: private
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5715
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&...
https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258

95 B
153 B

57ms
43ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fb9794f4401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 41075d2a-1ecc-410b-8f24-5232c8cdf9a3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5715
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2...
https://mwzeom.zeotap.com/mw?google_gid=CAESEFeyvnjnvDicicQ9KpqTC5E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce3...

95 B
153 B

35ms
35ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEFeyvnjnvDicicQ9KpqTC5E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
Requested by: Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fbb5eb84401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEFeyvnjnvDicicQ9KpqTC5E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5715
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6966ef52-8c66-4b8a-614c-8a02a1e09ac4%26reqId%3Df76b0723-aaf7-41f8-402c-ce309b...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6966ef52-8c66-4b8a-614c-8a02a1e09ac4%26reqId%3Df76b0723-aaf7-41f8-402c-ce309b...
https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc...

95 B
233 B

17ms
16ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
Requested by: Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fcd3e224401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 449

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5715
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=50783381750508615571174002981623352748&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b09230...

95 B
153 B

39ms
39ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=50783381750508615571174002981623352748&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
Requested by: Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fcf3bf44401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v012-0d93da951.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7/JO9Bn0QEg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=50783381750508615571174002981623352748&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5715
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=ZlngyZ3nwp6yGizNhzuM1osp3XkYobro%2BS41iYitP1U%3D

95 B
256 B

21ms
21ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=ZlngyZ3nwp6yGizNhzuM1osp3XkYobro%2BS41iYitP1U%3D
Requested by: Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fe60bfa4401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:22 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=ZlngyZ3nwp6yGizNhzuM1osp3XkYobro%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5715
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6966ef5...
https://mwzeom.zeotap.com/mw?cid=e000610e-a294-4500-acd6-7cc146949b9b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce30...

95 B
153 B

48ms
48ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=e000610e-a294-4500-acd6-7cc146949b9b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
Requested by: Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fc0cd544401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Sat, 07 Aug 2021 15:11:16 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=e000610e-a294-4500-acd6-7cc146949b9b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Sat, 07 Aug 2021 15:13:27 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 5715 541 B
415 B 52ms
46ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc8f4c80fcdd7b354298366e842ca569e2d4530cc5849bdd14445d89c3530a52

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 67b16fb938754401-FRA
date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 32F7 109 B
545 B 3145ms
47ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: b80ab7b24df3af376fcc8f0135f6b2001f8357c55fe241cff17d1b58c10dac94

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://media.blackbeats.fm
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 06 Sep 2021 15:11:18 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame 32F7 44 B
130 B 3095ms
35ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://media.blackbeats.fm
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E82C
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&...
https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258

95 B
153 B

24ms
24ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fb9b9f04401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 29bc2f9b-9ea0-4595-84f6-d72134a64093
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E82C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2...
https://mwzeom.zeotap.com/mw?google_gid=CAESEMlzoImsvffOD1fGFuzqdLg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f8...

95 B
153 B

30ms
29ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEMlzoImsvffOD1fGFuzqdLg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fbb5eb24401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEMlzoImsvffOD1fGFuzqdLg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E82C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6daad735-8ede-45e7-6d13-787d9f93bdd8%26reqId%3D68179a63-fd07-477c-7fea-2f85f3...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6daad735-8ede-45e7-6d13-787d9f93bdd8%26reqId%3D68179a63-fd07-477c-7fea-2f85f3...
https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc...

95 B
306 B

16ms
16ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fcd3e294401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 449

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E82C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=6daad735-8ede-45e7-6d13-787d9f93bdd8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=6daad735-8ede-45e7-6d13-787d9f93bdd8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=75690017678168102843307564103886423746&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472...

95 B
153 B

17ms
17ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=75690017678168102843307564103886423746&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fcf4c354401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcscanary-prod-irl1-1-v018-0d697b020.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0ZLa+o1iTmQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=75690017678168102843307564103886423746&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E82C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=VGZc7t8uVQGjC8uYjkMSfO2fchpafWVj%2BS41iYitP1U%3D

95 B
233 B

22ms
21ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=VGZc7t8uVQGjC8uYjkMSfO2fchpafWVj%2BS41iYitP1U%3D
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fe60bf94401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:22 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=VGZc7t8uVQGjC8uYjkMSfO2fchpafWVj%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E82C
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D6daad73...
https://mwzeom.zeotap.com/mw?cid=a40d610e-a294-4c00-af15-7c3eaefaf56c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85...

95 B
153 B

21ms
21ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=a40d610e-a294-4c00-af15-7c3eaefaf56c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fc0cd564401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Sat, 07 Aug 2021 15:11:16 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=a40d610e-a294-4c00-af15-7c3eaefaf56c&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Sat, 07 Aug 2021 15:13:27 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame E82C 541 B
473 B 31ms
29ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4f994af5363856befca71e0fa5b73478d1c71ad8a557d23660a0883160abac1

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 67b16fb9387b4401-FRA
date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C0
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&...
https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258

95 B
153 B

25ms
24ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fb9da6d4401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c4370aaa-938c-4832-9cd4-a895694eae2d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=8563344052665610748&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2...
https://mwzeom.zeotap.com/mw?google_gid=CAESECHJYfolMpvQ_JnwpEN_1dM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe5...

95 B
153 B

20ms
20ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESECHJYfolMpvQ_JnwpEN_1dM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fbb5eb74401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESECHJYfolMpvQ_JnwpEN_1dM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D79c087bf-0e09-4f2f-5b57-90c1e3581940%26reqId%3Db04fb981-6c68-4c03-7705-fe53bc...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D79c087bf-0e09-4f2f-5b57-90c1e3581940%26reqId%3Db04fb981-6c68-4c03-7705-fe53bc...
https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc...

95 B
335 B

36ms
35ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fcd3e2d4401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=3ac5065e-1b8d-476a-a73a-f621be54d5af&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 449

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C0
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=79c087bf-0e09-4f2f-5b57-90c1e3581940&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=79c087bf-0e09-4f2f-5b57-90c1e3581940&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=87184685948734193712898779371216851634&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0a...

95 B
153 B

18ms
18ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=87184685948734193712898779371216851634&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fcf6c7b4401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v012-08328c47a.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WXdi+0T/TRM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=87184685948734193712898779371216851634&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C0
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=hqXSccse2AqjC8uYjkMSfBBxNd7865N7%2BS41iYitP1U%3D

95 B
234 B

34ms
34ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=hqXSccse2AqjC8uYjkMSfBBxNd7865N7%2BS41iYitP1U%3D
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fe60bfb4401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:22 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=hqXSccse2AqjC8uYjkMSfBBxNd7865N7%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 60C0
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D79c087b...
https://mwzeom.zeotap.com/mw?cid=163c610e-a294-4000-a995-b59af1c2ce92&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53...

95 B
176 B

20ms
20ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=163c610e-a294-4000-a995-b59af1c2ce92&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 67b16fc0cd574401-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Sat, 07 Aug 2021 15:11:16 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=163c610e-a294-4000-a995-b59af1c2ce92&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Sat, 07 Aug 2021 15:13:27 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 60C0 541 B
415 B 34ms
32ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62040cfd36fa85db5922aacafc5ae806215c5f219ce1b3caff595ad0fa8f9e4d

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 67b16fb9387f4401-FRA
date: Sat, 07 Aug 2021 15:11:15 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H2 200 pixel;r=1173745401;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.blackbeats.fm%2Ftags%2F300%2Findex.html;ref=https%3A%2F%2Fmedia.blackbeats.fm%2F%3Fsess%3DlS...
pixel.quantserve.com/ Frame 32F7 35 B
371 B 13ms
11ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1173745401;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fmedia.blackbeats.fm%2Ftags%2F300%2Findex.html;ref=https%3A%2F%2Fmedia.blackbeats.fm%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%253D;uht=2;fpan=1;fpa=P0-338492922-1628349075398;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=media.blackbeats.fm;je=0;sr=1600x1200x24;dst=1;et=1628349075398;tzo=-120;ogl=

Requested by

Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=771378667;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnews8.de%2Ftags%2F970%2Findex.html;ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13B...
pixel.quantserve.com/ Frame 37E6 35 B
371 B 12ms
12ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=771378667;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnews8.de%2Ftags%2F970%2Findex.html;ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D;uht=2;fpan=1;fpa=P0-470201570-1628349075399;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=news8.de;je=0;sr=1600x1200x24;dst=1;et=1628349075399;tzo=-120;ogl=

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame 09A7 0
247 B 25ms
25ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnews8.de%2Ftags%2F300%2Findex.html&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://news8.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/

Response headers

Server: nginx/1.14.2
Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: D5E857B3:8276_91EFC0A6:01BB_610EA293_374A8223:260F0
X-IPLB-Instance: 30196

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame D18D 44 B
110 B 3083ms
36ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://news8.de
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame D18D 109 B
538 B 3127ms
43ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 60413f8e1fc3b0e944a8acff9aa96bf9378cbc803016e7511710e5047edcf31e

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://news8.de
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 06 Sep 2021 15:11:18 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ Frame 37E6 1 KB
2 KB 173ms
31ms Script
application/javascript 54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&hn_ver=18&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d05b05ece98098a1cdd85995d6c8dd087a569cd288399cd78bedeb9d4c374380

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1060
Expires: Mon, 26 Jul 2021 14:30:12 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ Frame 32F7 1 KB
2 KB 205ms
31ms Script
application/javascript 54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fmedia.blackbeats.fm%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%253D&hn_ver=18&fid=59f90329-fd79-44d1-a850-57a8b362cb4c

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6eaa1f78cc8a6a02747786d3b8ee49978ce14a40891517a79c5bd250894c1ba5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1065
Expires: Mon, 26 Jul 2021 14:30:12 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ Frame D18D 1 KB
2 KB 234ms
31ms Script
application/javascript 54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%253D&hn_ver=18&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

54f4d6caa51cea4c738ad9d594dd599a2b0694293a654f017c96a4b69b3fa26b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1054
Expires: Mon, 26 Jul 2021 14:30:12 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 37E6 84 KB
30 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 07:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:24:51 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 32F7 84 KB
30 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 07:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:24:51 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ Frame 8463 1 KB
1 KB 13ms
12ms Script
application/javascript 2600:9000:2190:d400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 14:18:39 GMT
content-encoding: gzip
age: 3157
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: OuhtYtfVFxuOGosk3eQFaoATI7rok_7fkQRUEE4gU8yt7PBGaZY8nw==

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame A546 0
247 B 30ms
24ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnews8.de%2Ftags%2F970%2Findex.html&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://news8.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://news8.de/

Response headers

Server: nginx/1.14.2
Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: D5E857B3:8276_91EFC0A6:01BB_610EA293_374A822F:260F0
X-IPLB-Instance: 30196

GET
H2 200 pixel;r=1075886686;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnews8.de%2Ftags%2F300%2Findex.html;ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28Jg0...
pixel.quantserve.com/ Frame D18D 35 B
210 B 10ms
10ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1075886686;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnews8.de%2Ftags%2F300%2Findex.html;ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%253D;uht=2;fpan=1;fpa=P0-176762260-1628349075429;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=news8.de;je=0;sr=1600x1200x24;dst=1;et=1628349075428;tzo=-120;ogl=

Requested by

Host: news8.de
URL: https://news8.de/tags/300/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame D18D 84 KB
30 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 07:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:24:51 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ Frame 8463 44 B
110 B 3045ms
35ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://news8.de
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 8463 109 B
537 B 3091ms
44ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 86499a701374f3477774f06df9345b25c9db190ab8715b23ea52e6999e5a7bae

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://news8.de
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 06 Sep 2021 15:11:18 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ Frame 8463 1 KB
2 KB 221ms
32ms Script
application/javascript 54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&hn_ver=18&fid=da36529c-3af8-4a21-be85-df4259ac7926

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

51ebab3a69faf0b0b1e36725bc67bb1386b3e77c84aafb347a77d4fc7a6ff863

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1060
Expires: Mon, 26 Jul 2021 14:30:12 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 9A37 12 KB
12 KB 2340ms
107ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_970x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=970&d=250&e=&g=09fab698c9395e363b19e26870582e2f%2F17902028044893834189&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: c8bd65c322299d28db40b7f48d125d9e534000c97210e0f24485f3d3c3744af0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:17 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:17 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 1EE9 12 KB
12 KB 2516ms
107ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=fbadbd35dacf186462e8ee9d326634b6%2F14064891543399937470&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 553afe173b775da39454152ea25a8c9466589690615b2c2466ef654a9b22fba9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:17 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:17 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 cmp
spl.zeotap.com/ Frame E82C 0
0 21ms
20ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&id_mid_4=6daad735-8ede-45e7-6d13-787d9f93bdd8&reqId=68179a63-fd07-477c-7fea-2f85f369472f&uc=2&zdid=1258&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=79c087bf-0e09-4f2f-5b57-90c1e3581940; zsc=%E7e%D9E%3A2.%0C%26%22%8B%89%80V%18%BA%5E%87e%C0%DBT%81%3E%C1p%D1%88%9E5%13%A9L%3D%07%F84%0C%0D%15%ED-5%05%83%29f2%3A%A4%9F%82iN5%CC.%A6%08S8%2F%A1%0F%BC%98%25%82G%BE%3D%F3%C6%B7K%3B%7F%0C%F5%CC%21%EEM%05%D7%5Dn%B3%18%87%D4%CC%5B%FE%A5%ABb%F5Oj%01zt%9Fe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb9ba0f4401-FRA

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 8463 84 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 07:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:24:51 GMT

GET
H2 204 cmp
spl.zeotap.com/ Frame 60C0 0
0 20ms
20ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&id_mid_4=79c087bf-0e09-4f2f-5b57-90c1e3581940&reqId=b04fb981-6c68-4c03-7705-fe53bcadd0ad&uc=2&zdid=1258&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=79c087bf-0e09-4f2f-5b57-90c1e3581940; zsc=%E7e%D9E%3A2.%0C%26%22%8B%89%80V%18%BA%5E%87e%C0%DBT%81%3E%C1p%D1%88%9E5%13%A9L%3D%07%F84%0C%0D%15%ED-5%05%83%29f2%3A%A4%9F%82iN5%CC.%A6%08S8%2F%A1%0F%BC%98%25%82G%BE%3D%F3%C6%B7K%3B%7F%0C%F5%CC%21%EEM%05%D7%5Dn%B3%18%87%D4%CC%5B%FE%A5%ABb%F5Oj%01zt%9Fe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb9ca2d4401-FRA

GET
H2 204 cmp
spl.zeotap.com/ Frame 5715 0
0 30ms
30ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&id_mid_4=6966ef52-8c66-4b8a-614c-8a02a1e09ac4&reqId=f76b0723-aaf7-41f8-402c-ce309b092303&uc=2&zdid=1258&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=79c087bf-0e09-4f2f-5b57-90c1e3581940; zsc=%E7e%D9E%3A2.%0C%26%22%8B%89%80V%18%BA%5E%87e%C0%DBT%81%3E%C1p%D1%88%9E5%13%A9L%3D%07%F84%0C%0D%15%ED-5%05%83%29f2%3A%A4%9F%82iN5%CC.%A6%08S8%2F%A1%0F%BC%98%25%82G%BE%3D%F3%C6%B7K%3B%7F%0C%F5%CC%21%EEM%05%D7%5Dn%B3%18%87%D4%CC%5B%FE%A5%ABb%F5Oj%01zt%9Fe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b16fb9ca314401-FRA

GET
H2 200 pixel;r=323216557;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnews8.de%2Ftags%2F970%2Findex.html;ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13B...
pixel.quantserve.com/ Frame 8463 35 B
210 B 10ms
10ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=323216557;labels=Categories.artsandentertainment;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnews8.de%2Ftags%2F970%2Findex.html;ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D;uht=2;fpan=1;fpa=P0-861874344-1628349075485;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;d=news8.de;je=0;sr=1600x1200x24;dst=1;et=1628349075485;tzo=-120;ogl=

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ Frame 32F7 0
530 B 144ms
36ms XHR
application/x-javascript 54.217.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.215.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-215-116.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Aug 2021 15:11:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://media.blackbeats.fm
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ Frame 37E6 0
519 B 176ms
35ms XHR
application/x-javascript 54.217.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.215.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-215-116.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Aug 2021 15:11:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://news8.de
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ Frame D18D 0
519 B 211ms
35ms XHR
application/x-javascript 54.217.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.215.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-215-116.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Aug 2021 15:11:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://news8.de
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ Frame 8463 0
519 B 245ms
36ms XHR
application/x-javascript 54.217.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.215.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-215-116.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Aug 2021 15:11:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://news8.de
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3BC3 60 KB
61 KB 350ms
35ms Script
application/javascript 13.224.96.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-83.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 056581eb31e79e98718114a4bd8c104cb64eec86bc5a996a28e61220f3aad189

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zmpZOOhCPWgwSGI0KhEOhezEiMOIyjV9
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 09:15:25 GMT
server: AmazonS3
age: 65842
etag: "a36c650003d82cecddad8f5c37f2cc75"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 06 Aug 2021 20:53:53 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 61522
x-amz-cf-id: MN42ZF9CIil8PlBeiDyRr9NKq-ei5mmg0BLKO9CqFUEa3EUMT38D_w==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 3BC3 79 B
374 B 882ms
39ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcOI5.LtQVD_DJhCizgzH_y3EjNpmVWN9dPBSpMk.Nk4JlpD_DK1civnEm_U_CvqCSFQ_01kKJA237lY5BSmVjMk..Ll&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221628349075%22%2C%22%22%2C%22%22%2C%22%22%2C%221636125075%22%2C%22oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250%22%5D%7D&wgchecksum=8d66616ded3c5c33f1de5ae3c09a804a&userIP=213.232.87.179&doAffectv=1&wgtime=1628349075
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:16 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 3BC3 25 KB
26 KB 2529ms
31ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid45raEf5fmdXfWC9HdtAtDXrTdtZtKBoneid__asuidaiQzPg4BtrKHBvaO086sSNfXwNxHD7bjasuid__wortsuchen_advancedad_300x250&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15579&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2C2wXU6fqfM1msVHWHkt8tbdDCztgt7Q6&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C489hEf5fw3MsGH9HdtzCrqRfdtZtrzb&c=300&d=250&e=&g=586b68c330bd43820c189acf9a0e9eea%2F14574838194327438216&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:18 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:18 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 37E6 0
214 B 173ms
24ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34010&puid=4b9a6354d24ece06&gdpr=0
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

an_fire
s.cpx.to/ Frame 37E6
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fnews8.de%252F%253Fsess%253DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3...
https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&hn_ver=18&fid=6f5e9ed0-e31c-4657-8c3...

95 B
865 B

32ms
31ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&hn_ver=18&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:16 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:16 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:16 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9bf93b2a-17aa-4885-a42e-f06f55b9c654
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&hn_ver=18&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame 37E6
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7D77D060-10A6-4407-BAFB-B2E2C52DE297&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9

95 B
881 B

72ms
32ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7D77D060-10A6-4407-BAFB-B2E2C52DE297&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:15 GMT

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7D77D060-10A6-4407-BAFB-B2E2C52DE297&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9
date: Sat, 07 Aug 2021 15:11:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 37E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&google_gid=CAESEA3YeWCvEXDENMFxII0R33k&google_cver=1

95 B
804 B

31ms
31ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&google_gid=CAESEA3YeWCvEXDENMFxII0R33k&google_cver=1

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&google_gid=CAESEA3YeWCvEXDENMFxII0R33k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 37E6
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&gdpr=0&cklb=1

0
436 B

81ms
26ms

Image
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&gdpr=0&cklb=1
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6f5e9ed0-e31c-4657-8c36-7c2e6f9fd6b9&gdpr=0&cklb=1
pragma: no-cache
date: Sat, 07 Aug 2021 15:11:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame 37E6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

95 B
876 B

84ms
31ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:18 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:18 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1 200
OK sync
pool.grid-data.bidswitch.net/ Frame 37E6 43 B
220 B 1102ms
23ms Image
image/gif 3.126.30.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.30.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-30-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame 32F7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

95 B
876 B

115ms
32ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

Requested by

Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:18 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:18 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1 200
OK sync
pool.grid-data.bidswitch.net/ Frame 32F7 43 B
220 B 1095ms
23ms Image
image/gif 3.126.30.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fmedia.blackbeats.fm%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%253D&hn_ver=18&fid=59f90329-fd79-44d1-a850-57a8b362cb4c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.30.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-30-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

an_fire
s.cpx.to/ Frame 32F7
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fmedia.blackbeats.fm%252F%253Fsess%253DlScuUtCfIm4q3XH5AJH28LVj3O7...
https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fmedia.blackbeats.fm%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%253D&hn_ver=18&fid=59f90329-fd79-4...

95 B
865 B

48ms
32ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fmedia.blackbeats.fm%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%253D&hn_ver=18&fid=59f90329-fd79-44d1-a850-57a8b362cb4c

Requested by

Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:16 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:16 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:16 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b119fe0f-3f15-4d8b-9f57-97fcd890769d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fmedia.blackbeats.fm%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%253D&hn_ver=18&fid=59f90329-fd79-44d1-a850-57a8b362cb4c
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 32F7 0
214 B 166ms
24ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34010&puid=4b9a63398ff5a911&gdpr=0
Requested by: Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 32F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=59f90329-fd79-44d1-a850-57a8b362cb4c
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=59f90329-fd79-44d1-a850-57a8b362cb4c&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=59f90329-fd79-44d1-a850-57a8b362cb4c&google_gid=CAESEDaomwluf_JNhFzBJMHk5GU&google_cver=1

95 B
804 B

60ms
31ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=59f90329-fd79-44d1-a850-57a8b362cb4c&google_gid=CAESEDaomwluf_JNhFzBJMHk5GU&google_cver=1

Requested by

Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=59f90329-fd79-44d1-a850-57a8b362cb4c&google_gid=CAESEDaomwluf_JNhFzBJMHk5GU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 32F7
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D59f90329-fd79-44d1-a850-57a8b362cb4c&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=59f90329-fd79-44d1-a850-57a8b362cb4c&gdpr=0&cklb=1

0
435 B

80ms
26ms

Image
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=59f90329-fd79-44d1-a850-57a8b362cb4c&gdpr=0&cklb=1
Requested by: Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=59f90329-fd79-44d1-a850-57a8b362cb4c&gdpr=0&cklb=1
pragma: no-cache
date: Sat, 07 Aug 2021 15:11:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame 32F7
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D59f90329-fd79-44d1-a850-57a8b362cb4c
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D59f90329-fd79-44d1-a850-57a8b362cb4c
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=73796169-F590-45D8-9C3B-4B5776D0A712&fid=59f90329-fd79-44d1-a850-57a8b362cb4c

95 B
881 B

170ms
32ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=73796169-F590-45D8-9C3B-4B5776D0A712&fid=59f90329-fd79-44d1-a850-57a8b362cb4c

Requested by

Host: media.blackbeats.fm
URL: https://media.blackbeats.fm/tags/300/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:15 GMT

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=73796169-F590-45D8-9C3B-4B5776D0A712&fid=59f90329-fd79-44d1-a850-57a8b362cb4c
date: Sat, 07 Aug 2021 15:11:15 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame D18D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

95 B
876 B

32ms
32ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

Requested by

Host: news8.de
URL: https://news8.de/tags/300/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:18 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:18 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1 200
OK sync
pool.grid-data.bidswitch.net/ Frame D18D 43 B
220 B 1086ms
23ms Image
image/gif 3.126.30.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%253D&hn_ver=18&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.30.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-30-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame D18D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0&google_gid=CAESEF_8ovh43yMsrtDthhf4V9I&google_cver=1

95 B
804 B

91ms
31ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0&google_gid=CAESEF_8ovh43yMsrtDthhf4V9I&google_cver=1

Requested by

Host: news8.de
URL: https://news8.de/tags/300/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0&google_gid=CAESEF_8ovh43yMsrtDthhf4V9I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame D18D 0
214 B 164ms
31ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34010&puid=4b9a61adaefc49bb&gdpr=0
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame D18D
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D3d0daa1b-34e2-4838-b209-b68311b19dd0&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0&gdpr=0&cklb=1

0
435 B

58ms
26ms

Image
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0&gdpr=0&cklb=1
Requested by: Host: news8.de
URL: https://news8.de/tags/300/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0&gdpr=0&cklb=1
pragma: no-cache
date: Sat, 07 Aug 2021 15:11:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame D18D
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3d0daa1b-34e2-4838-b209-b68311b19dd0
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3d0daa1b-34e2-4838-b209-b68311b19dd0
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=73796169-F590-45D8-9C3B-4B5776D0A712&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0

95 B
881 B

138ms
31ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=73796169-F590-45D8-9C3B-4B5776D0A712&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0

Requested by

Host: news8.de
URL: https://news8.de/tags/300/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:15 GMT

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=73796169-F590-45D8-9C3B-4B5776D0A712&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0
date: Sat, 07 Aug 2021 15:11:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

an_fire
s.cpx.to/ Frame D18D
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fnews8.de%252F%253Fsess%253DlScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY...
https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%253D&hn_ver=18&fid=3d0daa1b-34e2-4838-b209-b6...

95 B
865 B

61ms
32ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%253D&hn_ver=18&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0

Requested by

Host: news8.de
URL: https://news8.de/tags/300/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:16 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:16 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:16 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bc35c32b-fa4e-4de7-b123-f7902c9ac569
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%253D&hn_ver=18&fid=3d0daa1b-34e2-4838-b209-b68311b19dd0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame 8463
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

95 B
876 B

64ms
31ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:18 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:18 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=3ac5065e-1b8d-476a-a73a-f621be54d5af&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1 200
OK sync
pool.grid-data.bidswitch.net/ Frame 8463 43 B
220 B 1042ms
23ms Image
image/gif 3.126.30.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&hn_ver=18&fid=da36529c-3af8-4a21-be85-df4259ac7926
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.30.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-30-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame 8463
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dda36529c-3af8-4a21-be85-df4259ac7926
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dda36529c-3af8-4a21-be85-df4259ac7926
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A2B2DC11-4948-4B80-B007-7BA9C45562B4&fid=da36529c-3af8-4a21-be85-df4259ac7926

95 B
881 B

106ms
33ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A2B2DC11-4948-4B80-B007-7BA9C45562B4&fid=da36529c-3af8-4a21-be85-df4259ac7926

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:15 GMT

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A2B2DC11-4948-4B80-B007-7BA9C45562B4&fid=da36529c-3af8-4a21-be85-df4259ac7926
date: Sat, 07 Aug 2021 15:11:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

an_fire
s.cpx.to/ Frame 8463
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3Dhttps%253A%252F%252Fnews8.de%252F%253Fsess%253DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3...
https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&hn_ver=18&fid=da36529c-3af8-4a21-be8...

95 B
865 B

76ms
31ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:16 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sat, 07 Aug 2021 15:11:16 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:16 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b079c7b8-12cf-44ae-bea1-c0c8f61e281a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8563344052665610748&pid=12763&ref=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&hn_ver=18&fid=da36529c-3af8-4a21-be85-df4259ac7926
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 8463 0
214 B 132ms
34ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34010&puid=4b9a601eaf157baa&gdpr=0
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 8463
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dda36529c-3af8-4a21-be85-df4259ac7926&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=da36529c-3af8-4a21-be85-df4259ac7926&gdpr=0&cklb=1

0
75 B

48ms
26ms

Image
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=da36529c-3af8-4a21-be85-df4259ac7926&gdpr=0&cklb=1
Requested by: Host: news8.de
URL: https://news8.de/tags/970/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:16 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=da36529c-3af8-4a21-be85-df4259ac7926&gdpr=0&cklb=1
pragma: no-cache
date: Sat, 07 Aug 2021 15:11:16 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 8463
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=da36529c-3af8-4a21-be85-df4259ac7926
https://s.cpx.to/ca.png?dsp=dbm&fid=da36529c-3af8-4a21-be85-df4259ac7926&google_gid=CAESEBoAhWmbiCp_0SDLTCXVvEU&google_cver=1

95 B
804 B

110ms
31ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=da36529c-3af8-4a21-be85-df4259ac7926&google_gid=CAESEBoAhWmbiCp_0SDLTCXVvEU&google_cver=1

Requested by

Host: news8.de
URL: https://news8.de/tags/970/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sat, 07 Aug 2021 15:11:15 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=da36529c-3af8-4a21-be85-df4259ac7926&google_gid=CAESEBoAhWmbiCp_0SDLTCXVvEU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/ Frame 32EE 5 KB
1 KB 19ms
18ms Stylesheet
text/css 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/main.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: a86251a703af81b32ed234353f26c1f8d497d975195a0c17817b93358c607cde

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 12:03:20 GMT
etag: "1564275050-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1400

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 32EE 32 KB
8 KB 19ms
18ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 19bcbba417f03dfe5358b46518999a4b3ef79d5e421d36c66bfc6925184646d9

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 14:05:18 GMT
etag: "3435361896-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame 32EE 1 KB
1019 B 20ms
19ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=3974821&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 6b6a534121f800ed3e28fe63358783e98c499cde5bb5ace1473eda34c907f0ec

Request headers

Referer: https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1245948631&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 17:11:15 +0200
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/ Frame 5FBA 5 KB
1 KB 18ms
18ms Stylesheet
text/css 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/main.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: a86251a703af81b32ed234353f26c1f8d497d975195a0c17817b93358c607cde

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 12:03:20 GMT
etag: "1564275050-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1400

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 5FBA 32 KB
8 KB 21ms
20ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 19bcbba417f03dfe5358b46518999a4b3ef79d5e421d36c66bfc6925184646d9

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: br
last-modified: Tue, 27 Jul 2021 14:05:18 GMT
etag: "3435361896-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame 5FBA 1 KB
1019 B 20ms
19ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=3974816&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 2b2163725f2a157ed84dd708a1a8acaa041e6c05e94d8d045c32ab4c31ca9376

Request headers

Referer: https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1245948631&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 17:11:15 +0200
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 2CCA 83 KB
27 KB 48ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Aug 2021 15:11:15 GMT

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame 32EE 19 B
392 B 20ms
20ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=3974821&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974813%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D4%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/89.0.4389.72%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1245948631%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=6993706019335962984&wi=34424918&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974821&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Referer: https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1245948631&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 17:11:15 +0200
server: ADITIONSERVER v1.0
etag: 6993706023617167721
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
content-length: 19
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame 5FBA 19 B
401 B 20ms
19ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=3974816&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974813%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D495573400%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D929%2526size%253D4%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/89.0.4389.72%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1245948631%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=6993706019335962984&wi=34424918&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974816&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Referer: https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D495573400%26e%3D0%26s%3D0%26p%3D0%26sid%3D929%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1245948631&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 17:11:15 +0200
server: ADITIONSERVER v1.0
etag: 6993706023617429865
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
content-length: 19
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 10A2 11 KB
5 KB 13ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news8.de

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=news8.de
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4.adfarm1.adition.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4.adfarm1.adition.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1823
set-cookie: uid=fe316734-d99f-4531-ae78-db5100e79fee; expires=Thu, 01 Sep 2022 15:11:15 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sat, 07 Aug 2021 15:11:15 GMT
content-length: 4664

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 2CCA 83 KB
27 KB 37ms
13ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://ad4.adfarm1.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:15 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Aug 2021 15:11:15 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 10A2
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ad4.adfarm1.adition.com&sn=ChromeSyncframe&so=0&topUrl=news8.de
https://mug.criteo.com/sid?cpp=U5zl4HxhZ1lNMWUwWFR3cThkZ2VDOEJmZ0dHaGFkVUJ3SWxLemhpWUpuTnhvSXpiTjdPSDllNjVUZ3UzNDBqRWFpQ293M09Kemdsa1gyY21hRzBydktValpxNFIyVzRXU1Z3cUZJeGQydUVCM0l5cTFpT29IWThrdzFKbU...

334 B
555 B

58ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=U5zl4HxhZ1lNMWUwWFR3cThkZ2VDOEJmZ0dHaGFkVUJ3SWxLemhpWUpuTnhvSXpiTjdPSDllNjVUZ3UzNDBqRWFpQ293M09Kemdsa1gyY21hRzBydktValpxNFIyVzRXU1Z3cUZJeGQydUVCM0l5cTFpT29IWThrdzFKbUxZNjkwMUJZdWdlU1lnL1hkM1c4QXVXbnJYWHFpdUtQeUN2S2daMHhUNWRQazNsNnIySkxvSkVGZFJZT3VzQ2UyOUZaU1huVEpUeW9WYUJwTWUwR1pacXdYc2hUYWR3PT18&cppv=2

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=495573400&e=0&s=0&p=0&sid=929&size=4&referrer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

110e57503a055fe16b827f983f1723366df17676ac05e650300f3f12e082b55d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 07 Aug 2021 15:11:15 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2527
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 07 Aug 2021 15:11:15 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=U5zl4HxhZ1lNMWUwWFR3cThkZ2VDOEJmZ0dHaGFkVUJ3SWxLemhpWUpuTnhvSXpiTjdPSDllNjVUZ3UzNDBqRWFpQ293M09Kemdsa1gyY21hRzBydktValpxNFIyVzRXU1Z3cUZJeGQydUVCM0l5cTFpT29IWThrdzFKbUxZNjkwMUJZdWdlU1lnL1hkM1c4QXVXbnJYWHFpdUtQeUN2S2daMHhUNWRQazNsNnIySkxvSkVGZFJZT3VzQ2UyOUZaU1huVEpUeW9WYUJwTWUwR1pacXdYc2hUYWR3PT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1632
content-length: 455
expires: 0

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 3BC3 63 B
270 B 142ms
45ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcOISZmrAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.eaDdodmcK4rTOyJfwdjTlfe2Rc7L1eWNNW5BNlYiJ4uy.2tc
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:16 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame EDEE 60 KB
61 KB 32ms
32ms Script
application/javascript 13.224.96.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_970x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-83.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 056581eb31e79e98718114a4bd8c104cb64eec86bc5a996a28e61220f3aad189

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zmpZOOhCPWgwSGI0KhEOhezEiMOIyjV9
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 09:15:25 GMT
server: AmazonS3
age: 65843
etag: "a36c650003d82cecddad8f5c37f2cc75"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 06 Aug 2021 20:53:53 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 61522
x-amz-cf-id: nmeJiC2WKfh28gJY8OxxFhmLV27a1omP8v2f2vpfM-btU1ndUa9u0A==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame EDEE 79 B
374 B 1389ms
36ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcOF8IARhk6Hb9LarUqUdHz16rgPtFFg4Jh5DsQs.BN1eNubHb9WJMStbtHjmVxv5icCmVWN9e4WX3NlY5DtTpuy.3Ph&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221628349076%22%2C%22%22%2C%22%22%2C%22%22%2C%221636125076%22%2C%22oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_970x250%22%5D%7D&wgchecksum=c0a89107dc120d673043f58c9681709c&userIP=213.232.87.179&doAffectv=1&wgtime=1628349076
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_970x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:17 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame EDEE 25 KB
26 KB 6227ms
31ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__asuidoxTjMhA6o8PygHStHQ2-DFq0gbp5Um03asuid__webplexmedia_advancedad_728x90&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=970&d=250&e=&g=640c82c91c4dc9914ac60efb45ae686b%2F5546294418706596526&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_970x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:22 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:22 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame EDEE 63 B
270 B 1110ms
42ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcOF8__iLs2dI_AIQjvEodUW2vqCRc7L1eLY6Rhw.5B0KBSIdI_FeAiwnwdMtFTxYMJ5tFFg4K1kl1BNlY6RjPxU..AMS
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 8fc9caebdbd3c806b3b9e5dacf22f17beb9ff689d9fa39c813187c9551aef4e9

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:17 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 62F8 60 KB
61 KB 32ms
31ms Script
application/javascript 13.224.96.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-83.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 056581eb31e79e98718114a4bd8c104cb64eec86bc5a996a28e61220f3aad189

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zmpZOOhCPWgwSGI0KhEOhezEiMOIyjV9
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 09:15:25 GMT
server: AmazonS3
age: 65843
etag: "a36c650003d82cecddad8f5c37f2cc75"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 06 Aug 2021 20:53:53 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 61522
x-amz-cf-id: Tob8tJeQS0SBdaqcDf69sR1alrRys74e6-kD9ErCkdKjqyJ2sRYrwQ==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 62F8 79 B
374 B 1266ms
34ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcOF.IARhk6Hb9LarUqUdHz16rgPtFFg4Jh5Dufs.BN1eNubHb9WJMStbtHjmVxv5icCmVWN9e4WX3NlY5DtFMfs.EyU&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221628349076%22%2C%22%22%2C%22%22%2C%22%22%2C%221636125076%22%2C%22oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250%22%5D%7D&wgchecksum=d56e958e318fe4cf7291e76d2126367f&userIP=213.232.87.179&doAffectv=1&wgtime=1628349076
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:17 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 62F8 25 KB
26 KB 5927ms
31ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid61eTef3feAxfeHmHYtktxVmsmt1T2doneid__asuiddZ7sJQAsHXYTEQa78FjkwfZRXrrZB2bUasuid__UIMOesterreich_advancedad_300x250&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14044%2C15573&b=q7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQ%2Cdr4tEfkf4BEuEHjHwtEtKQjFKtRtGg7%2CWwEUrfdf2zmSYH5Hjtxt3eGt7twtJ3M&f=R4zugfQf31rSkHwH3tzC7KJfWtxtm5e%2CKAzuRfZfKAJT5HMHktzCgGquKtrtwQr%2C5kZuXfEfDrYFpH7HMtkC5X1fbtktV37&c=300&d=250&e=&g=154f20b2da25856f41348670a7a3130e%2F5336100232677426910&i=27720%2C25007%2C26474&j=21%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:22 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:22 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3BC3 16 B
232 B 87ms
86ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:17 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 932ms
31ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:17 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 62F8 63 B
270 B 1069ms
44ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcOF._0Rhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtQs.BN1eNubHb9WJMStbtHjmVxv5icCmVWN9e4WX3NlY5DtFMfs.1wv
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 8fc9caebdbd3c806b3b9e5dacf22f17beb9ff689d9fa39c813187c9551aef4e9

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:17 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame EDEE 16 B
232 B 105ms
104ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:17 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 97ms
32ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:17 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 62F8 16 B
232 B 94ms
94ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:17 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 32ms
32ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:17 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9A37 60 KB
61 KB 31ms
31ms Script
application/javascript 13.224.96.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_970x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-83.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 056581eb31e79e98718114a4bd8c104cb64eec86bc5a996a28e61220f3aad189

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zmpZOOhCPWgwSGI0KhEOhezEiMOIyjV9
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 09:15:25 GMT
server: AmazonS3
age: 65844
etag: "a36c650003d82cecddad8f5c37f2cc75"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 06 Aug 2021 20:53:53 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 61522
x-amz-cf-id: sIO3IulwYh3-D-s-8vNop-8UgF6jKKehC4traIaFNkOP5dH99BwC7A==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 9A37 79 B
374 B 257ms
34ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcOOTeVMAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiey.25.eaDdodmcK4rTOyJfwgjjNpp0iJ3A0KFgBFY5BNlrAqjMk.9Pk&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221628349077%22%2C%22%22%2C%22%22%2C%22%22%2C%221636125077%22%2C%22oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_970x250%22%5D%7D&wgchecksum=2ea919995a31b0d63b222d328df8d947&userIP=213.232.87.179&doAffectv=1&wgtime=1628349077
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_970x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:18 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 9A37 25 KB
26 KB 4993ms
31ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__asuidoxTjMhA6o8PygHStHQ2-DFq0gbp5Um03asuid__webplexmedia_advancedad_728x90&wglinkid=3247721
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_970x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_970x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:22 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:22 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 9A37 63 B
270 B 44ms
44ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=c0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcOOTc2MAR0odm_dhrxbuJjkWxv5iJ3A0KAGYilV.lV9dYeS9Re4GSraU_9zAAvqCSFQ_01kKJA237lY5BSmxfpw.CiB
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:17 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 1EE9 60 KB
61 KB 31ms
31ms Script
application/javascript 13.224.96.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-83.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 056581eb31e79e98718114a4bd8c104cb64eec86bc5a996a28e61220f3aad189

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zmpZOOhCPWgwSGI0KhEOhezEiMOIyjV9
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 09:15:25 GMT
server: AmazonS3
age: 65845
etag: "a36c650003d82cecddad8f5c37f2cc75"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 06 Aug 2021 20:53:53 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 61522
x-amz-cf-id: RwHCEETRJKWeaJesbn-4j_xoAjwz16nyMcQkPzWs6QfU3ft-6Ak5Qw==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 1EE9 79 B
374 B 13005ms
39ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=c0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcOTeo4mr.S9RdPQSzOy_Aw7UTlf_01kKHoNv_jV.lV9dYeS9Re4GSraU_9zApxv5icCmVWN9e4WX3NlY5DtFMfs.BpY&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221628349077%22%2C%22%22%2C%22%22%2C%22%22%2C%221636125077%22%2C%22oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250%22%5D%7D&wgchecksum=ac6a512e94d0b6b8b35fde1f3b39f8ee&userIP=213.232.87.179&doAffectv=1&wgtime=1628349077
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 64c0f240c3d024bcba2a9a327a596f5392be33be8ec23a04045423daf224287c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:30 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 1EE9 25 KB
26 KB 4814ms
31ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__asuidoxTjMhA6o8PygHStHQ2-DFq0gbp5Um03asuid__webplexmedia_advancedad_728x90&wglinkid=3247721
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidR4zugfQf31rSkHwH3tzC7KJfWtxtm5eoneid__webplexmedia_advancedad_300x250&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5hzt3tAWQoneid__webplexmedia_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:22 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:22 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 1EE9 63 B
270 B 95ms
41ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcOTg7FMAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.eaDdodmcK4rTOyJfwjMrgPuVr914VecL57GY5BNv_0TjV..rO
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:18 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9A37 16 B
232 B 105ms
105ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 32ms
31ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame D18D 0
421 B 84ms
29ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28Jg0te9VhwlZN38auY8jEd8%253D&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:18 GMT
X-AK-INITIAL-GEO: CC:[NL], RC:[], CN:[EU], CIP:[213.232.87.179], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://news8.de
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sat, 07 Aug 2021 15:11:18 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame 37E6 0
421 B 115ms
31ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:18 GMT
X-AK-INITIAL-GEO: CC:[NL], RC:[], CN:[EU], CIP:[213.232.87.179], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://news8.de
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sat, 07 Aug 2021 15:11:18 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame 8463 0
421 B 143ms
29ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fnews8.de%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28H13BRAciOl8uxPXN3%252BUTOk%253D&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news8.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:18 GMT
X-AK-INITIAL-GEO: CC:[NL], RC:[], CN:[EU], CIP:[213.232.87.179], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://news8.de
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sat, 07 Aug 2021 15:11:18 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ Frame 32F7 0
432 B 178ms
36ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fmedia.blackbeats.fm%2F%3Fsess%3DlScuUtCfIm4q3XH5AJH28LVj3O7Zj6TTUa6vDFqIiws%253D&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://media.blackbeats.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:18 GMT
X-AK-INITIAL-GEO: CC:[NL], RC:[], CN:[EU], CIP:[213.232.87.179], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://media.blackbeats.fm
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sat, 07 Aug 2021 15:11:18 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 1EE9 16 B
232 B 109ms
109ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 31ms
31ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:18 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H/1.1

200
OK

Cookie set beacon Show response
ap.lijit.com/ Frame D7CB
Redirect Chain

https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=
https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1

5 KB
2 KB

20ms
20ms

Document
text/html

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=261720&uid=themoneytizer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 8f9c468f5fcdbd66391a27b735f0a38e29f7119d6790d7c6ad71fb492974ac50

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://media.blackbeats.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=4630bf26c217f6a8ef5034b0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://media.blackbeats.fm/

Response headers

Server: nginx
Date: Sat, 07 Aug 2021 15:11:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxdkDkSwzAMxP6i2kXEQ1rma5n83bHjhiihobBLfsYc77lM4RmyY9iNlal14VqdveOenecLDN3%2B61Tpuriqdp%2F4vQgOVBAyhE4KcILhM%2F5HIxUaIt%2BenbzMbt59R0deIC%2FgT8xnu8f3BB9VVjo%3D;Path=/;Domain=.lijit.com;Expires=Sun, 07-Aug-2022 15:11:22 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=4630bf26c217f6a8ef5034b0;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap3ams1

Redirect headers

Server: nginx
Date: Sat, 07 Aug 2021 15:11:22 GMT
Content-Length: 0
Set-Cookie: ljt_reader=4630bf26c217f6a8ef5034b0;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap3ams1

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D7CB
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=

43 B
934 B

337ms
22ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:22 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK svr
match.prod.bidr.io/cookie-sync/ Frame D7CB 43 B
430 B 138ms
36ms Image
image/gif 52.49.238.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.238.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

reporting
ap.lijit.com/dsp/google/ Frame D7CB
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=NDYzMGJmMjZjMjE3ZjZhOGVmNTAzNGIw&gdpr=1
https://ap.lijit.com/dsp/google/reporting?gdpr=1

43 B
567 B

25ms
25ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D7CB
Redirect Chain

https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT

43 B
930 B

120ms
21ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:23 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D7CB
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=_5r5nKiZ8Jjkz6_K-p_kzv6aqsrkn_jNqskMx-UL

43 B
964 B

379ms
19ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=_5r5nKiZ8Jjkz6_K-p_kzv6aqsrkn_jNqskMx-UL
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=_5r5nKiZ8Jjkz6_K-p_kzv6aqsrkn_jNqskMx-UL
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame D7CB
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t

0
0

32ms
32ms

Image
text/html

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame D7CB 0
0 19ms
15ms Image
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame D7CB
Redirect Chain

https://um.simpli.fi/lj_match?r=1628349082888&gdpr=1&gdpr_consent=
https://um.simpli.fi/no_match_opted_out

0
272 B

17ms
16ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 07 Aug 2021 15:11:26 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Sat, 07 Aug 2021 15:11:25 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Fri, 06 Aug 2021 15:11:25 GMT

GET tum
ums.acuityplatform.com/ Frame D7CB 0
0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame D7CB
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=QvAb2rGNxInjsEojo9DM&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
https://ce.lijit.com/merge?pid=86&3pid=QvAb2rGNxInjsEojo9DM&pi=sovrn&gdpr_consent=&gdpr=1&tc=1&dnr=1

0
433 B

21ms
21ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=QvAb2rGNxInjsEojo9DM&pi=sovrn&gdpr_consent=&gdpr=1&tc=1&dnr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:26 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:26 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=86&3pid=QvAb2rGNxInjsEojo9DM&pi=sovrn&gdpr_consent=&gdpr=1&tc=1&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame D7CB 0
239 B 1426ms
105ms Image
image/gif 69.173.151.80
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.151.80 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
Content-Type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D7CB
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=1871316022223639565

43 B
2 KB

22ms
22ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=1871316022223639565
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:24 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=1871316022223639565
Date: Sat, 07 Aug 2021 15:11:24 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D7CB
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NDYzMGJmMjZjMjE3ZjZhOGVmNTAzNGIw&gdpr=1

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NDYzMGJmMjZjMjE3ZjZhOGVmNTAzNGIw&gdpr=1

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NDYzMGJmMjZjMjE3ZjZhOGVmNTAzNGIw&gdpr=1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D7CB
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=49&3pid=lLKchT9eD4PH&ev=1&pid=558511&gdpr_consent=&gdpr=1

43 B
2 KB

17ms
17ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=49&3pid=lLKchT9eD4PH&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ce.lijit.com/merge?pid=49&3pid=lLKchT9eD4PH&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-84459f4bbf-bf4hn
expires: -1

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D7CB
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=

43 B
2 KB

25ms
25ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:23 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D7CB 0
239 B 352ms
29ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame D7CB 43 B
146 B 1339ms
23ms Image
image/gif 3.121.111.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.111.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-111-29.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D7CB
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=97bbb535-044e-468b-9f0c-77ec36f9dbf2

43 B
2 KB

19ms
18ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=97bbb535-044e-468b-9f0c-77ec36f9dbf2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=97bbb535-044e-468b-9f0c-77ec36f9dbf2
Date: Sat, 07 Aug 2021 15:11:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame D7CB
Redirect Chain

https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent=
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6816354831067533009&ref=%2Feucm%2Fp%2Fsv
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

23ms
23ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 generic
data.adsrvr.org/track/cmf/ Frame D7CB 70 B
264 B 35ms
33ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D7CB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=4630bf26c217f6a8ef5034b0&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=dd6d610e-a29b-4800-8a8b-998825f3d822&gdpr=1&gdpr_consent=

43 B
2 KB

19ms
19ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=dd6d610e-a29b-4800-8a8b-998825f3d822&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:23 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Sat, 07 Aug 2021 15:13:35 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=dd6d610e-a29b-4800-8a8b-998825f3d822&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 07 Aug 2021 15:13:34 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D7CB
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=4630bf26c217f6a8ef5034b0&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:0efe82cd0b8366e646ecd3cd47201e8e

43 B
2 KB

21ms
21ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:0efe82cd0b8366e646ecd3cd47201e8e
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:24 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sat, 7 Aug 2021 15:11:23 GMT
server: Aorta/20210715-1901da7
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
Location: https://ce.lijit.com/merge?pid=84&3pid=c:0efe82cd0b8366e646ecd3cd47201e8e
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-20-249.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H2 200 0608867b Show response
rtb.gumgum.com/usync/ Frame 0431 4 KB
2 KB 3140ms
46ms Document
text/html 52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3edd1b207393c64f5edf062c170c441e9aa89dd99d12bee1309328f1f4d87983

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_eb02cd62-cd0e-4600-b20f-394955628b3a; Domain=.gumgum.com; Expires=Sun, 07-Aug-2022 15:11:26 GMT; Path=/; Secure; SameSite=None
etag: W/"0cbfb3e409bbfb4599034855b0b7d31af"
timing-allow-origin: *
content-encoding: gzip

GET
H2

200

cm Show response
us-u.openx.net/w/1.0/ Frame 38F7
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...

776 B
811 B

23ms
23ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 96bec150eeeca6e42b80995dced2129f266adaa80f38d599b851625cc8e1e208

Request headers

:method: GET
:authority: us-u.openx.net
:scheme: https
:path: /w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=a8eafb87-87b6-0f4a-2b4a-309435689956|1628349085
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=a8eafb87-87b6-0f4a-2b4a-309435689956|1628349085; Version=1; Expires=Sun, 07-Aug-2022 15:11:26 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1628349086|gekin0vNiygu; Version=1; Expires=Sun, 22-Aug-2021 15:11:26 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.213.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: text/html
content-length: 476
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=a8eafb87-87b6-0f4a-2b4a-309435689956|1628349085; Version=1; Expires=Sun, 07-Aug-2022 15:11:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.213.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date: Sat, 07 Aug 2021 15:11:25 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B4BC 14 KB
5 KB 1079ms
23ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=130177
expires: Mon, 09 Aug 2021 03:21:00 GMT
date: Sat, 07 Aug 2021 15:11:23 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set merge Show response
ce.lijit.com/ Frame 4649
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=1&3pid=3303476057242999071&gdpr=1&gdpr_consent=

43 B
942 B

314ms
21ms

Document
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=1&3pid=3303476057242999071&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: ce.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ap.lijit.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=4630bf26c217f6a8ef5034b0; ljtrtbexp=eJxdkDkSwzAMxP6i2kXEQ1rma5n83bHjhiihobBLfsYc77lM4RmyY9iNlal14VqdveOenecLDN3%2B61Tpuriqdp%2F4vQgOVBAyhE4KcILhM%2F5HIxUaIt%2BenbzMbt59R0deIC%2FgT8xnu8f3BB9VVjo%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

Server: nginx
Date: Sat, 07 Aug 2021 15:11:23 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: _ljtrtb_1=3303476057242999071;Path=/;Domain=.lijit.com;Expires=Sun, 07-Aug-2022 15:11:23 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxdkDkSwzAMxP6i2kXEQ1rma5n83bHjhiihobBLfsYc77lM4RmyY9iNlal14VqdveOenecLDN3%2B61Tpuriqdp%2F4vQgOVBAyhE4KcILhM%2F5HIxUaIt%2BenbzMbt59R0deIC%2FgT8xnu8f3BB9VVjo%3D;Path=/;Domain=.lijit.com;Expires=Sun, 07-Aug-2022 15:11:23 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=4630bf26c217f6a8ef5034b0;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap3ams1

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=3303476057242999071; Domain=.turn.com; Expires=Thu, 03-Feb-2022 15:11:22 GMT; Path=/; Secure; SameSite=None
location: https://ce.lijit.com/merge?pid=1&3pid=3303476057242999071&gdpr=1&gdpr_consent=
content-length: 0
date: Sat, 07 Aug 2021 15:11:22 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DFA1 14 KB
5 KB 1078ms
25ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=261720&gdpr_consent=&us_privacy=&dnr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ap.lijit.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ap.lijit.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=130177
expires: Mon, 09 Aug 2021 03:21:00 GMT
date: Sat, 07 Aug 2021 15:11:23 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B4BC 0
42 B 79ms
23ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27612703&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:24 GMT
content-length: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 38F7
Redirect Chain

https://ce.lijit.com/merge?pid=76&3pid=17a81a1e-c485-0ab0-3620-4eda29fe95f9&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=76&3pid=17a81a1e-c485-0ab0-3620-4eda29fe95f9&gdpr=1&gdpr_consent=&dnr=1

0
433 B

17ms
16ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=17a81a1e-c485-0ab0-3620-4eda29fe95f9&gdpr=1&gdpr_consent=&dnr=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:26 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:26 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=76&3pid=17a81a1e-c485-0ab0-3620-4eda29fe95f9&gdpr=1&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 38F7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=503b610e-a29e-4f00-83b1-7b0906ca274b

43 B
106 B

26ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=503b610e-a29e-4f00-83b1-7b0906ca274b
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 07 Aug 2021 15:13:38 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=503b610e-a29e-4f00-83b1-7b0906ca274b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 07 Aug 2021 15:13:37 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 38F7
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hcS8atLHtWqexbU8gc2haYvH6T6elLk_gc3Q6xji

43 B
180 B

27ms
27ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hcS8atLHtWqexbU8gc2haYvH6T6elLk_gc3Q6xji
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hcS8atLHtWqexbU8gc2haYvH6T6elLk_gc3Q6xji
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 38F7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8374526786484615130

43 B
106 B

22ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8374526786484615130
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8374526786484615130
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 38F7 70 B
264 B 34ms
33ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=7b46c4de-2e31-30bd-719c-f87c514faaab&gdpr=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 38F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTcyOTE3MTQtZTc0Ni02ZTE5LTY0N2MtYTJjNTliYWQ2NGNi
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTcyOTE3MTQtZTc0Ni02ZTE5LTY0N2MtYTJjNTliYWQ2NGNi&google_tc=

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTcyOTE3MTQtZTc0Ni02ZTE5LTY0N2MtYTJjNTliYWQ2NGNi&google_tc=

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTcyOTE3MTQtZTc0Ni02ZTE5LTY0N2MtYTJjNTliYWQ2NGNi&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 38F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGkPnktS_oxd0evASSXDs2g&google_cver=1

43 B
106 B

22ms
22ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGkPnktS_oxd0evASSXDs2g&google_cver=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGkPnktS_oxd0evASSXDs2g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0431
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=5006092630810152960

35 B
237 B

44ms
44ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=5006092630810152960
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:26 GMT
X-Proxy-Origin: 213.232.87.179; 213.232.87.179; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 623e0f37-186e-4634-a877-4ea9140fded9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=5006092630810152960
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 0431 43 B
145 B 24ms
23ms Image
image/gif 3.121.111.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_eb02cd62-cd0e-4600-b20f-394955628b3a&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.111.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-111-29.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK sync
sync.srv.stackadapt.com/ Frame 0431 43 B
168 B 440ms
109ms Image
image/gif 54.209.16.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.16.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-16-83.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:26 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0431
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_eb02cd62-cd0e-4600-b20f-394955628b3a&gdpr=1&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1

35 B
237 B

36ms
35ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0431
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

35 B
237 B

40ms
39ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0431
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=Bt7m3Q9bsgxi&ev=1&pid=558355

35 B
237 B

41ms
40ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=Bt7m3Q9bsgxi&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=Bt7m3Q9bsgxi&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-84459f4bbf-zpmjb
expires: -1

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 0431
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28C6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_eb02cd62-cd0e-4600-b20f-394955628b3a&obuid=ENC(C6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzUyNkMxQzUtMDkwOS00Mjg3LUFDOUYtMUMyQTc3RDU4MTRE&gdpr=0&gdpr_consent=PM_CONSENT
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DC6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP%2...
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=C6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP&uid=C526C1C5-0909-4287-AC9F-1C2A77D5814D

0
311 B

96ms
95ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=C6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP&uid=C526C1C5-0909-4287-AC9F-1C2A77D5814D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:27 GMT
Cache-Control: no-cache
X-TraceId: 4fff8000e5508f18c5494a470d161966
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=C6njWQomBiTT47lPCwdYbPe8m53KXAra7UnE6iCCL7cvUzqlVrP2GlUqa9dC6UEP&uid=C526C1C5-0909-4287-AC9F-1C2A77D5814D
date: Sat, 07 Aug 2021 15:11:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0431
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=8c7b60ae-0624-08eb-16e7-e891991fabed

35 B
237 B

40ms
40ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=8c7b60ae-0624-08eb-16e7-e891991fabed
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sat, 07 Aug 2021 15:11:26 GMT
content-encoding: gzip
server: OXGW/16.213.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=8c7b60ae-0624-08eb-16e7-e891991fabed
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0431
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-Hh5eNcJE2pc9e4zXRPx5CAM8UCc6_ld0WM6t~A

35 B
237 B

40ms
39ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-Hh5eNcJE2pc9e4zXRPx5CAM8UCc6_ld0WM6t~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sat, 07 Aug 2021 15:11:26 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-Hh5eNcJE2pc9e4zXRPx5CAM8UCc6_ld0WM6t~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0431
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
https://rtb.gumgum.com/usersync?b=vnt&i=bc2b8769-f791-11eb-9319-5dd081209fa4

35 B
237 B

43ms
43ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=bc2b8769-f791-11eb-9319-5dd081209fa4
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=bc2b8769-f791-11eb-9319-5dd081209fa4
Date: Sat, 07 Aug 2021 15:11:25 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: bc2b876a-f791-11eb-9319-5dd081209fa4

GET
H2 204 services
sync.technoratimedia.com/ Frame 0431 0
294 B 320ms
103ms Image
text/plain 150.136.156.92
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:26 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 626451452
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame 0431 0
44 B 291ms
96ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:25 GMT
content-length: 0
server: a

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0431
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=87b516b0-6484-406a-a3e2-6c92148d9d3a

35 B
237 B

39ms
39ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=87b516b0-6484-406a-a3e2-6c92148d9d3a
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=87b516b0-6484-406a-a3e2-6c92148d9d3a
date: Sat, 07 Aug 2021 15:11:26 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 0431
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=1353685855538548563&gdpr=1&gdpr_consent=

35 B
237 B

39ms
39ms

Image
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=1353685855538548563&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=1353685855538548563&gdpr=1&gdpr_consent=
date: Sat, 07 Aug 2021 15:11:25 GMT
content-length: 0

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 0431 43 B
677 B 18ms
18ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=36&3pid=e_eb02cd62-cd0e-4600-b20f-394955628b3a
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:26 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1FB0 14 KB
5 KB 27ms
24ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=130174
expires: Mon, 09 Aug 2021 03:21:00 GMT
date: Sat, 07 Aug 2021 15:11:26 GMT
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 52DB 70 B
264 B 35ms
33ms Document
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame BF94
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

1069ms
22ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 07 Aug 2021 15:11:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=gumgum
Date: Sat, 07 Aug 2021 15:11:26 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 4E20
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=503b610e-a29e-4f00-83b1-7b0906ca274b&gdpr=1&gdpr_consent=

35 B
237 B

40ms
39ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=503b610e-a29e-4f00-83b1-7b0906ca274b&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=503b610e-a29e-4f00-83b1-7b0906ca274b&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_eb02cd62-cd0e-4600-b20f-394955628b3a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sat, 07 Aug 2021 15:13:38 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3831 a91c15f master cdg-pixel-x27
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=503b610e-a29e-4f00-83b1-7b0906ca274b&gdpr=1&gdpr_consent=
Expires: Sat, 07 Aug 2021 15:13:37 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame FE06
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YQ6ingADS2VZ0ABg
https://rtb.gumgum.com/usersync?b=atm&i=YQ6ingADS2VZ0ABg&gdpr=1&gdpr_consent=&_test=YQ6ingADS2VZ0ABg

35 B
237 B

39ms
39ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YQ6ingADS2VZ0ABg&gdpr=1&gdpr_consent=&_test=YQ6ingADS2VZ0ABg
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YQ6ingADS2VZ0ABg&gdpr=1&gdpr_consent=&_test=YQ6ingADS2VZ0ABg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_eb02cd62-cd0e-4600-b20f-394955628b3a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YQ6ingADS2VZ0ABg&gdpr=1&gdpr_consent=&_test=YQ6ingADS2VZ0ABg
accept-ranges: bytes
date: Sat, 07 Aug 2021 15:11:26 GMT
via: 1.1 varnish
x-served-by: cache-fra19132-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1628349086.236902,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H3-29

200

pixel Show response
cm.g.doubleclick.net/ Frame 520C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lYjAyY2Q2Mi1jZDBlLTQ2MDAtYjIwZi0zOTQ5NTU2MjhiM2E=&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lYjAyY2Q2Mi1jZDBlLTQ2MDAtYjIwZi0zOTQ5NTU2MjhiM2E=&gdpr=1&gdpr_consent=&google_tc=

170 B
188 B

31ms
31ms

Document
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lYjAyY2Q2Mi1jZDBlLTQ2MDAtYjIwZi0zOTQ5NTU2MjhiM2E=&gdpr=1&gdpr_consent=&google_tc=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV9lYjAyY2Q2Mi1jZDBlLTQ2MDAtYjIwZi0zOTQ5NTU2MjhiM2E=&gdpr=1&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Sat, 07 Aug 2021 15:11:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lYjAyY2Q2Mi1jZDBlLTQ2MDAtYjIwZi0zOTQ5NTU2MjhiM2E=&gdpr=1&gdpr_consent=&google_tc=
date: Sat, 07 Aug 2021 15:11:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 364
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 07-Aug-2021 15:26:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 4B75 0
0 569ms
105ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Sat, 07 Aug 2021 15:11:26 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame 3F07 0
0 1149ms
32ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Sat, 07 Aug 2021 15:11:26 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 23E5
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YQ6in8Co8XkAAKzakOoAAAAA

35 B
237 B

40ms
40ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YQ6in8Co8XkAAKzakOoAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YQ6in8Co8XkAAKzakOoAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_eb02cd62-cd0e-4600-b20f-394955628b3a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 07 Aug 2021 15:11:27 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sat, 07 Aug 2021 15:11:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YQ6in8Co8XkAAKzakOoAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 3
X-SO-HostName: a-ad40365.dc2p.scaleout.jp
X-SO-LB-Hostname: m-tgng21.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":49,"gdpr":true,"ipv4":"0.0.0.0","key":"YQ6in8Co8XkAAKzakOoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40365"}
X-SO-Key: YQ6in8Co8XkAAKzakOoAAAAA
X-SO-IP: 213.232.87.179
X-SO-Cluster-ID: 49
X-SO-Upstream-ID: a-ad40365

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 22E2
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1870471597262945537

35 B
237 B

51ms
51ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1870471597262945537
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1870471597262945537
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_eb02cd62-cd0e-4600-b20f-394955628b3a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sat, 07 Aug 2021 15:11:26 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDcyM7I0MTU1NhfiM9SNSkv390oJLUjSdfGR4jU0M7IwNrE0sDAzMDcFAHj6TzE0AAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 1 Sep 2022 15:11:26 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDcyM7I0MTU1NhfiM9SNSkv390oJLUjSdfEBANrpMOUlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmRhbGJpYGFmYG4KAEhYBSEQAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 1 Sep 2022 15:11:26 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1870471597262945537
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame D5E5
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://rtb.gumgum.com/usersync?b=rth&i=QvAb2rGNxInjsEojo9DM&pi=gumgum

35 B
237 B

39ms
39ms

Document
image/gif

52.48.175.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=QvAb2rGNxInjsEojo9DM&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.175.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-175-241.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=QvAb2rGNxInjsEojo9DM&pi=gumgum
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_eb02cd62-cd0e-4600-b20f-394955628b3a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 07 Aug 2021 15:11:26 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sat, 07 Aug 2021 15:11:26 GMT Sat, 07 Aug 2021 15:11:26 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=QvAb2rGNxInjsEojo9DM&pi=gumgum
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1FB0 0
39 B 24ms
24ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97152980&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:26 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BF94 31 KB
10 KB 25ms
24ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3ad2ea68c40d3bb8c4594683dfd2d2b4ff59433d50672f7408d5a3365dbeb5d2

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33937
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Sun, 08 Aug 2021 00:37:04 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame BF94 284 B
536 B 26ms
25ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H2 200 sl.php Show response
view.webplexmedia.de/ Frame F4AD 384 B
442 B 22ms
22ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/sl.php?key=NTcw

Requested by

Host: news8.de
URL: http://news8.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

a6afa2d71945f652880192863aae765c0613fd01a19153d50a6749707df5515b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /sl.php?key=NTcw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 07 Aug 2021 15:11:31 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 57fgjj6v.js Show response
ad4m.at/ Frame F4AD 50 KB
17 KB 43ms
43ms Script
application/javascript 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/sl.php?key=NTcw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=SjuJeA==, md5=dBIldq7RXXcz7eaVIvNB9g==
date: Sat, 07 Aug 2021 15:11:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10770
cf-polished: origSize=51099
x-guploader-uploadid: ABg5-UwzA1NP8biqno9Vaw0xTHoQmMvdJSR3x4G4jlcyEre9GG3n_HHRfNro3w5eawMode2puXzLIQE75TJzztyz1d4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 14 Jun 2021 12:10:52 GMT
server: cloudflare
etag: W/"74122576aed15d7733ede69522f341f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v67wuG3FBr9s5uGYA%2FzFzxb%2BgqjjeI1n8S1zS7xgVjqi8MZRaMxCUJ9Mjke95ciHmxUzsuSeLELnqtjMIu1IEnndvjJptxqYr7mghaijEgmWpslYSAH1gV0PLwpDjwxAWAjx%2BBY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623672651995370
content-type: application/javascript; charset=utf-8
expires: Sat, 07 Aug 2021 12:12:01 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 16036
cf-ray: 67b1701b0f0a645b-FRA
cf-bgj: minify

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 5774 2 KB
2 KB 17ms
17ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:31 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sat, 07 Aug 2021 16:11:31 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1188933
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlDp%2FgF3gkwY4gNwyeGTg3uw02l%2Ff8g0PiGcJOWfkslztmq99abjvpLF4f1lCt4WvJBafFyepcaALDCVUmSGNJcbsSvi6AIxjN1SduX3C6cjrPlHMVlbLo35JfbS7FMUN5%2BOC%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67b1701b6ffe2c2e-FRA
content-encoding: br

POST
H3-29 200 rs Show response
ad4m.at/ Frame F4AD 435 B
913 B 24ms
23ms XHR
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10f5223253b26b67e1ac0758fd9c7e252a82d0058fbd20b83e15d75a7ae343fa

Request headers

Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67b1701bba314a5b-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZwNVUYYnSWekcwd4fEaYJpg9Ppd1v%2FXv9153z8J9iXsKWt6aLyxuy0LLrF4%2FlE2QyzdUAvA%2FMi5Ae8X3BsfaYCIWgErGRa6k3xllMTJh6z7R9M3HcBzuRT52Ow6XDS4J6f4C1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://view.webplexmedia.de
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

OPTIONS
H3-29 200 rs
ad4m.at/ Frame 0
0 17ms
17ms Preflight
text/plain 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3-29
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:31 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: rs-v23g
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfh%2FZoFJziWdhPIIm62ZDSKBw5EKTTDB%2BbznzmgGroDs44mXpg3D%2FCNQZMSzdH%2BVcwOe9Mr5oz8AADq3PPHhbXdvqFN9omug9fl2ziIno1q54YRpRaKZoVZ%2B6U8sK%2BTAWv9yu8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67b1701b99ee4a5b-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 7D17 6 KB
4 KB 61ms
60ms Document
text/html 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c96a43c3819f36223a62c3ee58ad21cb4222af5b9b45032e9fa726551f8102

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://view.webplexmedia.de/

Response headers

date: Sat, 07 Aug 2021 15:11:31 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67b1701bdf5f645b-FRA
content-encoding: br

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 7D17 64 KB
8 KB 22ms
21ms Stylesheet
text/css 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:31 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 247301
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: Sat, 07 Aug 2021 16:11:31 GMT
last-modified: Mon, 26 Jul 2021 09:04:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 67b1701c49972c2e-FRA
cf-bgj: minify

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 7D17 38 KB
39 KB 30ms
30ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sat, 07 Aug 2021 15:11:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59147
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdvxFI6PIMe4ABsH5Zga8yQrV-C9IY3Mkz0nzse19fM6eTfbYwUe4pegfYenrCF7L4JkoNiFvrRIIAJVc5tCrw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2Bk2qntHs4EI9%2FxS8rjujF65jGCnBuyo5R49o6TDjH5o2LbRNqgMcxSSUn0EyhJ54TX6xLN0xHpRELx3Of7E5TSg3fErPgEziZq1yipaZbSSk5ImTR%2Fv2RAnkQynMMKjlTLanVD7RvapKNjN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 67b1701c4f85645b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 7D17 84 KB
84 KB 31ms
28ms Image
image/jpeg 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sat, 07 Aug 2021 15:11:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1188842
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqKwmi4f6oKwkFsdu9Q7t5j2HGUI2wOaLLBfXSapR5k5nNPyo59600ecnlhv7lwGh0E%2FLzqJl%2FHHTEFgCeMCxUlrkReN2XxId7H33v8hdIZJ3yYRsiyY0ASbby10iJ57mbj0F6uVl6cLaXRA"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sun, 08 Aug 2021 15:11:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 67b1701c4f86645b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 7D17 9 KB
10 KB 50ms
47ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Sat, 07 Aug 2021 15:11:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57311
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdvS8QmpGcEkonHHSwNd1g0aR_njsD59sYb5PI-ig8dj2BIcHrhksehWeJi2rGLf81GXs71oejs9aUyJJ4zWOgYyKDWOrQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXjHrLgW3HmYlXsFjiITcJz73iXrfaemGAWfV%2FP%2FBKecJNotMsdloNPMmTrErOnJikElr3TLkO7%2BajZV1YlBK73YC36B4HblcuQsrz%2F8Ad4hxYQyOJ1rQHaRcZcySOH9QlbDVg%2BvokpUemxs"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 67b1701c4f87645b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 9F8480D91FC90CEC937B7FF94C307232BDE28C4F8D6CC43D5B1B0B57541ECD5622E54A9DE7BDF62469D14A7839BF40A1B33366BEA2926BBB62C8E4AE5BD7F13B
assets.ad4m.at/product_image/ Frame 7D17 17 KB
17 KB 33ms
31ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9F8480D91FC90CEC937B7FF94C307232BDE28C4F8D6CC43D5B1B0B57541ECD5622E54A9DE7BDF62469D14A7839BF40A1B33366BEA2926BBB62C8E4AE5BD7F13B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4acc7be68530c88688a069775a856107c5a32ca9f5582123860913e21f613b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ZlUNKw==, md5=ac5yEgPd5TfDmMe6ou0UDg==
date: Sat, 07 Aug 2021 15:11:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244737
cf-polished: qual=85, origFmt=jpeg, origSize=92320
x-guploader-uploadid: ADPycdvW3TnUf5oFC27wZEal9jp2rNwiZVUfz2jvOLrugGcdT4hg29X6pGhFq2trumhofOkaa87Hbe0sMSfGnFYOFaMhzaN_yA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17214
last-modified: Mon, 08 Mar 2021 11:52:25 GMT
server: cloudflare
etag: "69ce721203dde537c398c7baa2ed140e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdS0iglJVoQUqbmFxpJolHq2puSmMVoYSBUxJ2wlUzDh76Wzs8TqSvquHw1p8CScg8DzNqpxKgNWmHjfqIvMo88et8C0n0uuxEKD7aWf725PoNo0Yj8OwzvOngMSvY%2Fdt%2BZiSL7Qk284win%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1615204345005772
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 92320
accept-ranges: bytes
cf-ray: 67b1701c4f88645b-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.blau.de/nws/img/ Frame 7D17
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidKAzuRfZf2b2c5HMHktPtBB3HKtrtwqXoneid__webplexmedia_advancedad_Desktop_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidKAzuRfZf2b2c5HMHktPtBB3HKtrtwqXoneid__webplexmedia_advancedad_Desktop_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021080717113153997436175X117663V1225131106MSoneidKAzuRfZf2b2c5HMHktPtBB3HKtrtwqXoneid__webplexmedia_adv...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20210807171131539974361...

43 B
747 B

78ms
27ms

Image
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021080717113153997436175X117663V1225131106MSoneidKAzuRfZf2b2c5HMHktPtBB3HKtrtwqXoneid__webplexmedia_advancedad_Desktop_300x250&wfid=117663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.236 Lich, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 15:11:31 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sat, 07 Aug 2021 15:11:31 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021080717113153997436175X117663V1225131106MSoneidKAzuRfZf2b2c5HMHktPtBB3HKtrtwqXoneid__webplexmedia_advancedad_Desktop_300x250&wfid=117663
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 7D17 18 KB
19 KB 39ms
37ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sat, 07 Aug 2021 15:11:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59265
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu8yFNSVixOkzyVy-xS6S5hRAwVn-9Oz6_PXiPiU9sxlRPRwyMKBYIwy26hEHJe9l1jbKPrU_cl315Z4yjT_iCtb-iZ7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf0z8ulDa7WJuoHDIez6dHZ5P5oF5p91lkg2iiK2W2sV100UFt%2BtqeaqQPbTgqTVXwVLJTATkuEcY2MKQ9sPMeZy%2BaCvDiKj82Vx%2FH1h9xm7%2BS%2FrnLONBatsE%2BLcyR56X3AF4gBCsL0sYL8I"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 67b1701c4f89645b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 7D17 2 KB
2 KB 42ms
41ms Image
image/webp 2606:4700:3039::6815:c02f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c02f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sat, 07 Aug 2021 15:11:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58348
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycduJSOyHuUy7cn8Lfj3MDejhvDr0RCV2KoVaOB7hUMeUxS05vwVNd0ugJbC-1EkQVZptxLODte-GtiMt0B0gDYNwW6UaOw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ni9fLhyzsB8LGLoly1dahd%2Bu943I0Oz3Em0xKzmy%2B3PxQDWN%2FEK6DZNht%2F1R86l2lIugdAtJ5s2tuEC5nu0kiHSqzMoJ08W%2Bn6Ju6XVZqQ0T7ZL9nM9eSJ0xfrSqVQo6PYRqhs4KNIt%2Bhzzi"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sun, 08 Aug 2021 15:11:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 67b1701c4f8a645b-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7D17 43 B
704 B 56ms
54ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidZkVuwfBf8gXCmHDHDt3t68MUXtJtxeWoneid__webplexmedia_advancedad_Desktop_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 7D17 12 KB
12 KB 104ms
104ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidGzXtBfpfkXRsKHeHGtBCpPDTJtjtek6oneid__webplexmedia_advancedad_Desktop_300x250&viewref=oneidJ6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7oneid__webplexmedia_advancedad_Desktop_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 85782a5de8660637a22e87fcb7dfc89a5daed3f4ceb8391891b739a6e03f03c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:31 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:31 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7D17 60 KB
61 KB 31ms
31ms Script
application/javascript 13.224.96.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidGzXtBfpfkXRsKHeHGtBCpPDTJtjtek6oneid__webplexmedia_advancedad_Desktop_300x250&viewref=oneidJ6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7oneid__webplexmedia_advancedad_Desktop_300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-83.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 056581eb31e79e98718114a4bd8c104cb64eec86bc5a996a28e61220f3aad189

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: zmpZOOhCPWgwSGI0KhEOhezEiMOIyjV9
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 09:15:25 GMT
server: AmazonS3
age: 65858
etag: "a36c650003d82cecddad8f5c37f2cc75"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 06 Aug 2021 20:53:53 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 61522
x-amz-cf-id: fMwekpgEKzbBj14bli0ckFRNm474O8PqaWDEOhCPO6-5DJnEpcvnVQ==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 7D17 79 B
374 B 36ms
35ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcTlOIB4i.uJtHoqvynx9MsFyxYM914Ve_clrH0Y.0Y.KI6JuJtJ9XvjBz9KyZjjNpp0iJ3A0KFgBFY5BNlr91xU..8Ui&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221628349091%22%2C%22%22%2C%22%22%2C%22%22%2C%221783869091%22%2C%22oneidJ6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7oneid__webplexmedia_advancedad_Desktop_300x250%22%5D%7D&wgchecksum=ed1aeb74088b0456a1e34625f0a3eda0&userIP=213.232.87.179&doAffectv=1&wgtime=1628349091
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidGzXtBfpfkXRsKHeHGtBCpPDTJtjtek6oneid__webplexmedia_advancedad_Desktop_300x250&viewref=oneidJ6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7oneid__webplexmedia_advancedad_Desktop_300x250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Epsom, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:31 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 7D17 85 KB
85 KB 85ms
31ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidp6rf1fgfj9WfKC4HmtztQ7Yhbt7tkmoneid__asuidNb0p3fYxw9F3aPtW4fF9VcsZE1dWMzYHasuid__wortsuchen_advancedad_300x250&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24673%2C37798%2C14044&b=J6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7%2CKAzuRfZf2b2c5HMHktPtBB3HKtrtwqX%2CZkVuwfBf8gXCmHDHDt3t68MUXtJtxeW&f=GzXtBfpfkXRsKHeHGtBCpPDTJtjtek6%2CkZjU5f3fwXwc4HwHetmCVVqCPtmtpAB%2C9EzTMfmfYk4UKHBH2tzCVK4t5tRtZmA&c=300&d=250&e=&g=54a65a972806688b87b3f625ebf5188e%2F6700670425995663625&i=20430%2C20773%2C25007&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_Desktop_300x250&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Aug 2021 15:11:31 GMT
Last-Modified: Sat, 07 Aug 2021 15:11:31 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 7D17 63 B
270 B 100ms
46ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1ieFxcTlOF9iLs2dI_AIQjvEodUW2vqCRc7L1eLY6Rhw.5B0KBSIdI_FeAiwnwdMuHyxYMJ5tFFg4K1kl1BNlY6RcApw.5q_
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 07 Aug 2021 15:11:31 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7D17 16 B
232 B 132ms
132ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 07 Aug 2021 15:11:32 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 32ms
32ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 07 Aug 2021 15:11:32 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 close.png
view.webplexmedia.de/ 578 B
770 B 249ms
249ms Image
image/png 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/close.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

f99ec5195bb3174b4416402cde79ed86dc28ff5710ef480aa2ba549d10ea6baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 15:11:34 GMT
last-modified: Fri, 04 Dec 2020 00:56:47 GMT
server: nginx
etag: "5fc9894f-242"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 578
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.1.0&cb=13299035964

Domain: ums.acuityplatform.com
URL: https://ums.acuityplatform.com/tum?umid=27&uid=4630bf26c217f6a8ef5034b0&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

3206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 05:40:45	Name: IDE Value: AHWqTUlou6lpimfDlnxyXcX3FbQZJfW0XYlbe3CANntpTAHyebedKhtGj0mswBWIasY
.pubmatic.com/	1970-01-19 22:28:45	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-19 22:28:45	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 22:28:45	Name: SyncRTB3 Value: 1629504000%3A220
.pubmatic.com/	1970-01-19 20:20:35	Name: KTPCACOOKIE Value: YES
.openx.net/	1970-01-19 20:40:45	Name: pd Value: v2\|1628349086\|gekin0vNiygu
.lijit.com/	1970-01-20 05:04:45	Name: ljt_reader Value: d02c6e4df8b473ac9898798c
.gumgum.com/	1970-01-20 05:04:45	Name: vst Value: e_eb02cd62-cd0e-4600-b20f-394955628b3a
.pubmatic.com/	1970-01-19 22:28:45	Name: KADUSERCOOKIE Value: C526C1C5-0909-4287-AC9F-1C2A77D5814D
.lijit.com/	1970-01-20 05:04:45	Name: _ljtrtb_36 Value: e_eb02cd62-cd0e-4600-b20f-394955628b3a
.openx.net/	1970-01-20 05:04:45	Name: i Value: a8eafb87-87b6-0f4a-2b4a-309435689956\|1628349085

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://consent.cookiefirst.com/banner/324595083/static/js/main.95b1.chunk.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://consent.cookiefirst.com/banner/324595083/static/js/main.95b1.chunk.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: http://news8.de/wp-content/cache/wmac/js/wmac_0e5d43f7f51799ce869ab0581ea01a63.js(Line 5) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad4.adfarm1.adition.com
ad4m.at
ads.pubmatic.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
analytics.webgains.io
aorta.clickagy.com
ap.lijit.com
api.rlcdn.com
api.webgains.io
as-sec.casalemedia.com
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.tmyzer.com
c1.adform.net
cdn.jsdelivr.net
ce.lijit.com
ced-ns.sascdn.com
cm.g.doubleclick.net
consent.cookiefirst.com
cookie-matching.mediarithmics.com
creativecdn.com
cs.emxdgt.com
d.turn.com
d2zur9cc2gf1tx.cloudfront.net
data.adsrvr.org
diapi.webgains.com
dpm.demdex.net
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imagesrv.adition.com
jadserve.postrelease.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
media.blackbeats.fm
mug.criteo.com
mwzeom.zeotap.com
news8.de
onetag-sys.com
p.cpx.to
p.rfihub.com
partner.blau.de
pb.media01.eu
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pool.grid-data.bidswitch.net
portal.blau.de
pr-bh.ybp.yahoo.com
pv.medialead.de
px.owneriq.net
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.cpx.to
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tag.leadplace.fr
tg.socdm.com
token.rubiconproject.com
track.webgains.com
um.simpli.fi
ums.acuityplatform.com
us-u.openx.net
view.webplexmedia.de
ww1097.smartadserver.com
www.awin1.com
www.fesch.tv
www.google.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
bidder.criteo.com
ums.acuityplatform.com
104.109.78.125
104.111.239.217
104.111.242.53
124.146.215.51
13.224.89.192
13.224.96.83
142.250.185.162
145.239.192.166
145.239.193.130
145.239.193.145
150.136.156.92
151.101.14.49
151.139.241.23
159.253.128.183
178.250.2.146
18.195.155.181
18.195.66.88
18.209.200.15
185.184.8.65
185.29.135.227
185.33.220.243
185.33.221.11
185.64.189.110
185.64.189.114
185.64.190.78
185.64.190.79
185.86.137.17
185.86.139.115
185.86.139.93
193.0.160.128
198.148.27.140
2.18.233.180
2.18.233.201
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::13
213.19.147.44
217.79.188.10
217.79.188.46
2600:9000:2190:d400:6:44e3:f8c0:93a1
2606:4700:10::ac43:db6
2606:4700:3039::6815:c02f
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:ba0b
2a04:4e42:3::485
3.120.52.200
3.121.111.29
3.126.30.34
34.120.133.55
34.194.112.31
34.98.64.218
37.157.4.41
38.91.45.7
46.236.13.147
51.210.32.121
51.38.120.206
51.83.106.180
51.91.68.112
52.19.186.105
52.205.83.58
52.210.129.48
52.215.101.139
52.48.175.241
52.49.238.187
52.58.67.48
52.95.124.165
54.209.16.83
54.217.215.116
54.36.109.183
54.38.64.100
54.77.182.98
62.171.186.137
66.155.71.149
67.202.110.23
69.173.144.138
69.173.151.80
70.42.32.191
72.251.249.9
76.223.111.131
78.46.85.162
81.29.72.47
82.113.101.236
84.200.5.215
88.198.250.30
89.187.169.47
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0071fa71bc6cb76506dfe6863764423ec9e264f8c1c5dce0c440c0a40d8628b4
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02b7260adf2469d0b9280c8d09f76b63a8539b8875403ac39ddd8a99cf68cbb7
056581eb31e79e98718114a4bd8c104cb64eec86bc5a996a28e61220f3aad189
071e057ebecf90a57041908e5d032bd501f8406f00a710380c0a4cfaa760f40b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0eb557b702cc18a1124071f84230da1dce26f0ea1ec3f7e22f8e005cd88c12d8
10ae22aea41981b389e05f80dc63ebf5e77750ce5999f64de95338fa5f40c6e1
10f5223253b26b67e1ac0758fd9c7e252a82d0058fbd20b83e15d75a7ae343fa
110e57503a055fe16b827f983f1723366df17676ac05e650300f3f12e082b55d
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
1466d1cece485b210c057e506ba4faa1f9c1bff3cbd019697f96ddc5b9a69db8
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
15f9c7dcb6d3f3fd50ac55a55f8a4168652122756d7763c13c333c9d4b8a36f0
16605bc846ec9816b10f9e506dbe9a26ffea1edf2ee5e0de128093ec545db85f
178398989662f303ed39ae8a97a0d539cdf6961673b7d62eb8eca5a28511c0a4
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
193a04fa09b754cb1103c7518253baf873320c898ed831c9783e42fae488523e
19bcbba417f03dfe5358b46518999a4b3ef79d5e421d36c66bfc6925184646d9
1a252ab44aea48932fabadc302800d16dce7195a44326b1bfe94fb5b3ab810f9
1c573c732d2128c552e994da083ff9b3065ba8dec95ba0055a7c095d34ba6006
1c70babefa9822756487660bc9f6efb38bc17af3b652453f469c1b688074e536
1c8c89ff673515f81be106a2ced1a2fe6e33ebc3d5a9ef39c5e9c757c0504bb4
1caed057552470fc3b136842ef9028755423c5d4d6f6171077e9b5b3fe9dbd03
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f4480fa7856a1d26bab53c2971742436870c5a29c0a92621ba9e531bfe45d82
1fbb538a17483a9a9eeb8d35b34f819baedb4abb64d923e7215061578b2b0c9d
204f6229b02e0240aa79d280d9feb33e9bf107133e95366b03be92aaa4b604a0
20822478d32f7b9cebbe947fa565a20d155a5f710403e3bbea65ca814dbe8b8b
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405
2791e6c382af1b8b09795a199e1c519fee4c84aa9bb53781c05b6e76d2b46f2c
29183d3d9fdb6d5a2c32f0381bec16adf6d0894ca6eaa95e9166f9bcb18c33ab
291893cd65d7d54aabada9e28527bd80f507821155b8ec42734e061a5bfdeeaf
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
2a1f470895f45ab9e7bd67a603458a662c16bd7628d2990cb311b87d0dec5c19
2a3214455e3a5ac54649add67e0bddd593f92fe190a09c22a2270c9bef891a72
2b2163725f2a157ed84dd708a1a8acaa041e6c05e94d8d045c32ab4c31ca9376
2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d27c29095dea63352f123ae16072ffbc141969fd70133b3b7c8cef75f0bcb47
2d2e0f76071588d1746ccbf9ce01eaca39687f28d7d107cf9c4208dc4dd8c994
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1605de7f72eabec783f3059efb1ea733f22f67901f6159a8493c26add76cb3
3631a40b02e37ac72fb723559e041101305586dd6feb9b75dcc7cb9e8d58f7b4
371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91
377f111f5b9b9a0f4b13fbd238493ecf98c07354de272b8558eb4cf8966714ee
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39a38502bcebf638a32652e575476590857fcfe97ba3e62782d49fc589c49fb8
39afb5b43ad3479d74513ef07e307097b124203a2df96ac79465d32fd868c0ac
3ad2ea68c40d3bb8c4594683dfd2d2b4ff59433d50672f7408d5a3365dbeb5d2
3ca4a66e78eefb628ae9d0afce83f347e735dd434b1f6d1b4c49d7418fef176f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edd1b207393c64f5edf062c170c441e9aa89dd99d12bee1309328f1f4d87983
3f12b65a5a2423005f6ddd17e9d293f0ebd2ab88c930052cead1167e709fb271
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
402e513ca34aa6d35bddfcad0de240ea0b0526a043b4f3acf278586b03f14584
4220b8fb111f64113c980bd3e70a5c0f7394cc6bb4f543598e0c5346a34bf4e9
42371e2f0fee6b91ceb589e1407abece69e32e5fe2a59ba6ef80f6b2432407ae
4407cec836d0ba4b3263da5870fb5202b5d4c921ceb174c9f434888ce1f171eb
463d403e36d6bc7e786ff1fb3c179f3b4f3222cc17c19c6bb448214ee125e07f
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
472b824439c2accd891b49625e554376dccf5e689423d419bee76df8efd69ecd
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eeade5e9ff2e5890309f3f5c5f5518da108156eb1df7a5c3f7012ccf8f5f6d8
508db7b583e2c8b111568bb31ac669acee7f18ec5c8bc7e75f1867944bdb164a
51ebab3a69faf0b0b1e36725bc67bb1386b3e77c84aafb347a77d4fc7a6ff863
53a1ee0f1371425a273deed2af1b5d1ac4a123774b42d961589a23884d51d9c1
53e39a1601a6dcdbe8ac6e39d302c723232c2fc0a4cd88fa98a19d4eaf1797db
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
54f4d6caa51cea4c738ad9d594dd599a2b0694293a654f017c96a4b69b3fa26b
553afe173b775da39454152ea25a8c9466589690615b2c2466ef654a9b22fba9
568dd1d03aaa979a84f4bb146bc456de281b39b3877dc0a5763d77fabc6fc34a
56add9e00ab92ffe9f87350c2cce58d9a628ca3913a5e33bc04eddd372996a06
58d203996e05bf9a8c19e8e7fe4d2e2fe3d7a776966d92afae16149e5b7c1c2a
5955eb69dbf851dda975c4ec5010fe4a4b3034240fd05584ee5450c8b51db10a
5d1eb630e798831f5c29ac7097b62d07e564af903d76969faf1ecfbc9187596e
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
60413f8e1fc3b0e944a8acff9aa96bf9378cbc803016e7511710e5047edcf31e
62040cfd36fa85db5922aacafc5ae806215c5f219ce1b3caff595ad0fa8f9e4d
624bdc70b073a9b87de97e54222c047b2768328c49cfb4dc94acdbfdbc915bfe
6396d317db8811a77e0bb09dc75b43a9834588aa453e3b51a8d36a89c4dea77c
64c0f240c3d024bcba2a9a327a596f5392be33be8ec23a04045423daf224287c
650ac99ee8a6ef50220f78053e21bcc2c96a8e1a91d3a849f96c358c121b1d84
6634563eec684020fbbbeebc71f8e2f7fd7782e057c6e722abd19116bf8701b2
672837f7c3468f78dc467f095815667f2d257ee045d320ed95a19232937e54ba
67a80e1c7b36aa53913a77e36a8a6ed6e1e2f305e254476efab497ab7b967e69
693da80d296c48fa32c8a41070cdb891f51396d19791a5facc56048053eee1b5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6a534121f800ed3e28fe63358783e98c499cde5bb5ace1473eda34c907f0ec
6d65d818e5e9a949560b900fbf950d482e4bc95e15c7e8182ba9da491616ddb2
6eaa1f78cc8a6a02747786d3b8ee49978ce14a40891517a79c5bd250894c1ba5
73f7738878e54c2dd6c2d79edf5763175124049d669c28543b9c80342ce5a17c
7458b398b6bdb94abc1699144ff8a0bc7ba2abda0d0ab04f6a6fa2b3f8732e5b
74ff499538cf591248810e8b569386c5efeec7eaa4ad1c51ba50a3842bdf7266
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
7cc57368a0c50a6797e74ba8a99e457997b7280e497630d249913b8e064bac3e
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
8069568a348cd6820a8ec527a547c2c1f370206b9ec21e391563d8a8389aa04b
80dbdaf974f071e3eb7c22d7518cb4ba4cef64e17050f477007ea1fe299b8516
81350bb65207edf71735ba7c2ac1ceb729935fb3bb29336cb245760b9843345a
8156497af6e016c713379e4ecb3006cce8360d92d858eda6924aa40ba917c0fe
83306d07461a372b203197269e2232c11f21677397b9eeed15a7751145fe29f4
83ad7047ef955ca141076e0e6a500e57fc6596cdc5f5ab946e7ed13b4190e530
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85675b21d876f943c9198a07684efa7f2ed055a15905fa408da05b7fc8a24e55
85782a5de8660637a22e87fcb7dfc89a5daed3f4ceb8391891b739a6e03f03c1
85e267b92c6a639a35e54f01bb3bede4ff1bc3ff715bea017e04cc8d3d304abb
86499a701374f3477774f06df9345b25c9db190ab8715b23ea52e6999e5a7bae
86bca6ce011493365eba131df592f31e72f7251d7dd6fa0f1b723d3f107f8f6f
8b6d4698f1d2782fc265615021e4ed826ae859c976dcb8bde5dcb6d85c9bc10a
8ba7bdc71b3de54bebe0a12423eafdd7cb9924fee059f12c94c7b6a636f06a5e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9
8f54026d94ef1734a1a29ea411fd5fb0b09f02b438b799bf1a088485c4ba045d
8f9c468f5fcdbd66391a27b735f0a38e29f7119d6790d7c6ad71fb492974ac50
8fc9caebdbd3c806b3b9e5dacf22f17beb9ff689d9fa39c813187c9551aef4e9
90744aedca6ab38ce7686f085c62e22dc8f0457aa2a8ee97856e99c926742f8a
93dcc95c316eedcc38bb8258c8ee9f91b99fa2183f8390c0597ae4dc89e430d5
94fe52ff95c629524d8a7e9e8fc3ca1b353f5d11b12b7ffe2695d708879ade15
958b76a1a9b936a90ad2d7d51dea619af19dd0feb3a79876ccf447993815bae4
96bec150eeeca6e42b80995dced2129f266adaa80f38d599b851625cc8e1e208
97369337c2cb55e2288776903e059f2948167d99c46113c2fca804cef0118bbb
97589eaccfbe78ee0a2455024933ac3a5b79a9f6b753a5cda7e5c7010ec8b29d
98a5308cad05e22fb1b2cd3fef9e8a4b6e36a4c40ccc5448c5b18509af7ac2f7
99308092280fbb41913fd20a39ba3ff572a8bc24e62a169327357b84957dcb6f
997c32003a6e783337a31a800313fe2ef5429c60a8a8a56ae51261ceb2380f14
9d3f94088f77a589448abfffa4bfdddf23d695955b910306b0df53a112fb7f34
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a327f98329c040b225029235f30448bf290256baa8f76a4c04cb45b2eb1bc6ae
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4f994af5363856befca71e0fa5b73478d1c71ad8a557d23660a0883160abac1
a59d9605cf5a1376b381c4183098add88552e41b6b39ab9aff287c1fdc4ed6e4
a6afa2d71945f652880192863aae765c0613fd01a19153d50a6749707df5515b
a86251a703af81b32ed234353f26c1f8d497d975195a0c17817b93358c607cde
abab9b80a557a76eef66e183dd4d9c124eaf3d5396758d6d54c8739c107c9b0b
af468a53ff8b21e58d333969b462d31f6d23e94d0f255e58b8c9242057d29c34
b03bec9e9bb215c735a4323b2c71d906529b613498bc46eefa00fa0f1288ea8d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b190bec40be9563df5802aa246508502691500f57eb9018a96c2fe7bf22381e3
b304e59ed1d6399f00578b6053c731d259b5ad4ca1da7b4fc1a94d166eec7c30
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b4acc7be68530c88688a069775a856107c5a32ca9f5582123860913e21f613b5
b4bfd1f93a9e582f681467d1598a58f6f7331daa10f6543e99bc06ff0fefcf61
b5973c7b9e0fc3296016ea9c24884a4e84fbd9630fd9b4d88b697158d6a662e5
b5c96a43c3819f36223a62c3ee58ad21cb4222af5b9b45032e9fa726551f8102
b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675
b80ab7b24df3af376fcc8f0135f6b2001f8357c55fe241cff17d1b58c10dac94
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb3296813f7b54986ae0d9a55a8df2463a8b4278de212459b313cd765b8a4774
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bdbaae24cb5e89820feaa34c9363b83e4f7e3160e452d45c3b9b602b9b73b534
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c03e461ea1fda33e2b513dff9d33b70ec710e31d361a1a214f050142aef4f0ea
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c4e822f9cb88bd545b3bf63248866d63664bc732bc9f05ddd12e87be334178e2
c541cd5f041147f67b3fb70550fc735265c3e5930bb8db2716d5cd7aa22dd6f6
c7672b1f8efbb532817e72b70aa9f39f4616b10e2e7f008b2975d305d0c2998c
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c8a971105c9d001834b7d079ca4367c9084cda1a380a1cd1bac3a7444d668a95
c8bd65c322299d28db40b7f48d125d9e534000c97210e0f24485f3d3c3744af0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9aeea516311505aad685ba305da7f535e51bd3052f9cff8677a4c70be4ca55b
ca41986254f8635bb72b990cd85b62f0f5b4e5f1b39cd7670c1b441b6b8e7d2b
cceaa58cfc7773b7f4864d26b8854e3deb386ab0372b6cc33d38e3e875437eb6
d05b05ece98098a1cdd85995d6c8dd087a569cd288399cd78bedeb9d4c374380
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d12eb44c7f6038966737af70549631d70bb252740d2ccabbcf78ec866869333b
d1b063259e7524c5a021a237efe50c8a49ab49853044c5f9b51160197afc7c07
d5039abaee4cb9946ee653dd1e51918f75eb091d6d149c1068f1b7e2eab5ef88
d54c5d4437a375b209245dcbc00ee398305aa5c98ec41ec80d68c86229ddde26
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d6a00defdfe3d47a6aee5aa90130c0de98afaa7b038fb7b6843b8e7857dccb9f
d71b1722a86feb175cf26b030003b5bff5c708e070bc72b2e4cc2d8492129460
d93e8f042ec01770e430bf2b4822157f34589485e314bfe6a0ef9ee6297ffb31
d94908f89e43bb333a4f0d122a41b5ec14272d7659ef0158dd135b611bdd1c78
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
daacfee1569b76fa9414660cf872192412208382730681d6b2ffee6aff92b7f5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd5591b0180c992fbc51046c2569312fdefbcdbaf1aa24122411032485fe3f87
dff329714386b84570b6a8fa01b647f3cd1962f277e7123bda519f9af5f834ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41737123352f13269e3a050498250bec5f93eafbd51b0196e205963282e353d
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280
e9e59ba4e632e360fe8208c449237f740804099b5e0b129553f34188b4cdca4a
eb2804c57d84be55ffe30a518a48a2f5ec355690957b6a253a9f798943b7217e
ece18c1a6a1e0ccacb5cd26eefb528330c22130c7990933480d8c1e76e9c214b
ee93ceb4bbba172808e8fe3e0a4d4e93574673dcd0e2d6bfa46099ec73715957
f18e4698b1282cf42ab3e3011e1027b7e2fab2afb339417e38a06449c5f10529
f1afb84eb9fca2019242bb0d4023575048d39c9bfe40fab06c52786687f2faac
f37c6e7ef0c554857a3504866eb2d8b75a0a950a713465032fbeb935d24747a2
f5619957e57f4831d8ced7fadec4ddb973d4f1a3d3a6e881b30a544359e49557
f65e0b4dcbd63c570b84bf48e5e1fb7dc4d7313817e69d7904ae3316cc9d1710
f65fde2255ae7ee1aecf2ac52c2d97f0333bf55f8a2a3f6cb48e7da07cf7b044
f77af6de8abc55028a5bdb7044a5947cb25a844e7408dedd23ffb764f1cd2b0d
f7ccf7d869c0dbec1e09ec505fa2f2ff0c292c82f3ab6c7c2b4eb1d1eb9d5184
f8f1334d1442c3698fbe8d079d59d4c1e72323bec634c9185d030ea7ca8fa052
f99ec5195bb3174b4416402cde79ed86dc28ff5710ef480aa2ba549d10ea6baa
fbc18d8db6012565449eef0a113333f5b8d04c86bd3b3492439b9907fc7f5ad6
fc7046deed2b11d3b722b5868bcdeeb5d7e0e05217d1e50103b8d4c05e43cc1b
fc8b4f2dd7593ae2d4f3badfc2b649df547760c1ad02ebc00a74a265ccabdeca
fc8f4c80fcdd7b354298366e842ca569e2d4530cc5849bdd14445d89c3530a52
fcfd15c7f0b0a71256f502ef5036597718039affb211d0dc79d233d332189b0e
ffa6b63bbede30e4937217f9d17cddf1a55a97b9f2c226011ed7b7a8ee2d7536

news8.de Open in urlscan Pro 62.171.186.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

495 Requests

89 %HTTPS

15 %IPv6

78 Domains

107 Subdomains

63 IPs

8 Countries

10355 kBTransfer

15129 kBSize

11 Cookies

11 Outgoing links

Redirected requests

495 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

news8.de Open in urlscan Pro
62.171.186.137 Public Scan

Screenshot
Live screenshot

Full Image

495
Requests

89 %
HTTPS

15 %
IPv6

78
Domains

107
Subdomains

63
IPs

8
Countries

10355 kB
Transfer

15129 kB
Size

11
Cookies

495 HTTP transactions
0 data transactions