www.stripes.com Open in urlscan Pro
3.33.168.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Effective URL:
https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Submission: On December 07 via api (December 7th 2021, 12:29:56 pm UTC) from US — Scanned from DE

Summary HTTP 388 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 82 IPs in 7 countries across 47 domains to perform 388 HTTP transactions. The main IP is 3.33.168.159, located in United States and belongs to AMAZON-02, US. The main domain is www.stripes.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 14th 2021. Valid for: a year.

This is the only time www.stripes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	3.33.168.159 3.33.168.159	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:ce00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
7	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1 15	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
7 14	202.212.180.67 202.212.180.67	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
11	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
3	54.161.145.16 54.161.145.16	14618 (AMAZON-AES) (AMAZON-AES)
1	104.102.29.148 104.102.29.148	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
5	2600:9000:224... 2600:9000:224a:f600:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211e:6600:c:b42a:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
7	18.66.248.94 18.66.248.94	16509 (AMAZON-02) (AMAZON-02)
8	2.21.140.111 2.21.140.111	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	35.190.64.11 35.190.64.11	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:fb:... 2a02:26f0:fb:5ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	3.13.244.143 3.13.244.143	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
15	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
7	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	104.89.28.165 104.89.28.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.89.22.184 104.89.22.184	16625 (AKAMAI-AS) (AKAMAI-AS)
4	46.137.184.71 46.137.184.71	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:6800:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
5	35.158.176.54 35.158.176.54	16509 (AMAZON-02) (AMAZON-02)
10	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:858	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:236... 2600:9000:236e:7c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.21.141.175 2.21.141.175	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	3.213.192.247 3.213.192.247	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:fb:... 2a02:26f0:fb:1b2::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223e:e200:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.22.38 13.32.22.38	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	34.247.9.63 34.247.9.63	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
2	2.22.33.114 2.22.33.114	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.21.142.98 2.21.142.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
2	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
2	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
23	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	18.66.248.53 18.66.248.53	16509 (AMAZON-02) (AMAZON-02)
4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
5	52.88.197.51 52.88.197.51	16509 (AMAZON-02) (AMAZON-02)
8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:b60... 2a02:26f0:b600:188::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:b60... 2a02:26f0:b600:182::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:ef:... 2a02:26f0:ef::5f65:4d5b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:b60... 2a02:26f0:b600:19b::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	213.254.244.19 213.254.244.19	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	34.249.68.36 34.249.68.36	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4	3.229.193.232 3.229.193.232	14618 (AMAZON-AES) (AMAZON-AES)
1	35.172.120.178 35.172.120.178	14618 (AMAZON-AES) (AMAZON-AES)
21	2600:9000:224... 2600:9000:224a:d000:1e:efeb:b400:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.172.49.77 35.172.49.77	14618 (AMAZON-AES) (AMAZON-AES)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
6	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.88.27.164 52.88.27.164	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1	34.96.122.219 34.96.122.219	15169 (GOOGLE) (GOOGLE)
388	82

36 3.33.168.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1c0ff5298814abde.awsglobalaccelerator.com

www.stripes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:ce00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:ef::5c7b:c209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 202.212.180.67 (Nagoya, Japan) 7 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

epub.stripes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.161.145.16 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-145-16.compute-1.amazonaws.com

trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.29.148 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-148.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:224a:f600:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:6600:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.248.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-94.dus51.r.cloudfront.net

downloads.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.21.140.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-111.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.64.11 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 11.64.190.35.bc.googleusercontent.com

unwieldyhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:5ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.13.244.143 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-244-143.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

vd.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
delivery.trinityaudio.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com

cdn.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.22.184 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-22-184.deploy.static.akamaitechnologies.com

mc.us2.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.137.184.71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-184-71.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:6800:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.158.176.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com

depart.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:858 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:7c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.141.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-175.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.192.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-192-247.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:1b2::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

93da6388290466c633595cf19441a508.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223e:e200:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.22.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-38.fra56.r.cloudfront.net

api-location-prd.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.247.9.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.22.33.114 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-33-114.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.142.98 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-98.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.248.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-53.dus51.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.88.197.51 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-197-51.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:b600:188::2c79 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:b600:182::4469 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5f65:4d5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:b600:19b::2c79 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.254.244.19 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20223.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20246.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.68.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.229.193.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-193-232.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.172.120.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-120-178.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:224a:d000:1e:efeb:b400:93a1 (United States)

ASN16509 (AMAZON-02, US)

content1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.37 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.172.49.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-49-77.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.27.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-27-164.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.122.219 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 219.122.96.34.bc.googleusercontent.com

gallery.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com tpc.googlesyndication.com 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com pagead2.googlesyndication.com	603 KB
50	stripes.com 7 redirects www.stripes.com epub.stripes.com	872 KB
37	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com cdn1.avantisvideo.com avm.avantisvideo.com events1.avantisvideo.com content1.avantisvideo.com	2 MB
31	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	342 KB
28	doubleclick.net securepubads.g.doubleclick.net pubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	267 KB
21	2mdn.net s0.2mdn.net	250 KB
17	revcontent.com assets.revcontent.com trends.revcontent.com cdn.revcontent.com images.revcontent.com	161 KB
14	googletagservices.com www.googletagservices.com	294 KB
14	trinitymedia.ai trinitymedia.ai vd.trinitymedia.ai depart.trinitymedia.ai	718 KB
10	adnxs.com 2 redirects secure.adnxs.com ib.adnxs.com acdn.adnxs.com	41 KB
10	doubleverify.com cdn.doubleverify.com tps.doubleverify.com tps20223.doubleverify.com tps20246.doubleverify.com	191 KB
9	aniview.com play.aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	204 KB
8	mailchimp.com downloads.mailchimp.com gallery.mailchimp.com	1 MB
8	typekit.net use.typekit.net p.typekit.net	116 KB
7	stripe.com js.stripe.com q.stripe.com m.stripe.com	74 KB
7	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	218 KB
7	googleapis.com ajax.googleapis.com imasdk.googleapis.com fonts.googleapis.com	738 KB
6	google-analytics.com www.google-analytics.com	40 KB
5	teads.tv cdn.teads.tv s8t.teads.tv t.teads.tv a.teads.tv	169 KB
5	pelcro.com js.pelcro.com www.pelcro.com api-location-prd.pelcro.com	201 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	google.com adservice.google.com www.google.com	1 KB
4	postrelease.com jadserve.postrelease.com	3 KB
4	googletagmanager.com www.googletagmanager.com	187 KB
3	unwieldyhealth.com unwieldyhealth.com	31 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	cloudflare.com cdnjs.cloudflare.com	86 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	24 KB
2	stripe.network m.stripe.network	17 KB
2	pinterest.com widgets.pinterest.com	568 B
2	reddit.com www.reddit.com	954 B
2	google.de adservice.google.de www.google.de	1 KB
2	bugsnag.com sessions.bugsnag.com	140 B
1	adsrvr.org match.adsrvr.org	544 B
1	crwdcntrl.net id.crwdcntrl.net	337 B
1	rlcdn.com api.rlcdn.com	328 B
1	avplayer.com player.avplayer.com	71 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	chartbeat.net ping.chartbeat.net	201 B
1	addthisedge.com v1.addthisedge.com	2 KB
1	pubmatic.com ads.pubmatic.com	53 KB
1	adsafeprotected.com static.adsafeprotected.com	481 B
1	moatads.com z.moatads.com	1 KB
1	trinityaudio.ai delivery.trinityaudio.ai	8 KB
1	list-manage.com mc.us2.list-manage.com	2 KB
1	simpli.fi tag.simpli.fi	789 B
1	ntv.io s.ntv.io	113 KB
388	47

	Domain	Requested by
36	www.stripes.com	www.stripes.com
23	pagead2.googlesyndication.com	srcdoc ad.doubleclick.net tpc.googlesyndication.com 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com www.stripes.com securepubads.g.doubleclick.net www.googletagservices.com
23	tpc.googlesyndication.com	www.stripes.com securepubads.g.doubleclick.net 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com
21	content1.avantisvideo.com	player.avplayer.com
21	s0.2mdn.net	imasdk.googleapis.com 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com www.stripes.com s0.2mdn.net
14	securepubads.g.doubleclick.net	www.googletagservices.com cd.connatix.com securepubads.g.doubleclick.net www.stripes.com 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
14	www.googletagservices.com	www.stripes.com securepubads.g.doubleclick.net 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com www.googletagservices.com
14	epub.stripes.com	7 redirects www.stripes.com
12	img.connatix.com	www.stripes.com
10	vid.connatix.com	cd.connatix.com
8	googleads4.g.doubleclick.net	ad.doubleclick.net www.stripes.com
7	downloads.mailchimp.com	www.stripes.com downloads.mailchimp.com
7	use.typekit.net	www.stripes.com use.typekit.net
6	ib.adnxs.com	player.aniview.com acdn.adnxs.com
6	images.revcontent.com	www.stripes.com
6	trends.revcontent.com	js.pelcro.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com js.pelcro.com
6	vd.trinitymedia.ai	trinitymedia.ai www.stripes.com
6	capi.connatix.com	www.stripes.com cd.connatix.com
5	events1.avantisvideo.com	js.pelcro.com
5	93da6388290466c633595cf19441a508.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	depart.trinitymedia.ai	js.pelcro.com vd.trinitymedia.ai
4	track1.aniview.com	www.stripes.com player.aniview.com
4	cdn.doubleverify.com	s0.2mdn.net www.stripes.com
4	ad.doubleclick.net	www.googletagservices.com
4	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	jadserve.postrelease.com	s.ntv.io www.stripes.com
4	cdn.avantisvideo.com	www.stripes.com cdn.avantisvideo.com
4	assets.revcontent.com	www.stripes.com assets.revcontent.com
4	www.googletagmanager.com	www.stripes.com www.googletagmanager.com
3	q.stripe.com	www.stripes.com
3	js.stripe.com	js.pelcro.com js.stripe.com
3	api-public.addthis.com	s7.addthis.com
3	www.google.com	securepubads.g.doubleclick.net www.stripes.com tpc.googlesyndication.com
3	unwieldyhealth.com	www.stripes.com js.pelcro.com
3	s7.addthis.com	www.stripes.com s7.addthis.com
3	trinitymedia.ai	www.stripes.com vd.trinitymedia.ai
3	cdnjs.cloudflare.com	www.stripes.com s0.2mdn.net
2	tps20246.doubleverify.com	cdn.doubleverify.com
2	tps20223.doubleverify.com	cdn.doubleverify.com
2	acdn.adnxs.com	player.aniview.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	secure.adnxs.com	2 redirects
2	tps.doubleverify.com	cdn.doubleverify.com
2	player.aniview.com	cdn.avantisvideo.com player.aniview.com
2	widgets.pinterest.com	s7.addthis.com
2	www.reddit.com	s7.addthis.com
2	t.teads.tv	www.stripes.com
2	mug.criteo.com	www.stripes.com
2	gum.criteo.com	1 redirects
2	api-location-prd.pelcro.com	js.pelcro.com
2	fonts.googleapis.com	vd.trinitymedia.ai
2	sessions.bugsnag.com	js.pelcro.com
2	static.avantisvideo.com	cdn.avantisvideo.com
2	js.pelcro.com	www.stripes.com js.pelcro.com
2	platform.twitter.com	www.stripes.com platform.twitter.com
2	cds.connatix.com	www.stripes.com cd.connatix.com
2	static.chartbeat.com	www.stripes.com
1	gallery.mailchimp.com
1	m.stripe.com	m.stripe.network
1	sync.aniview.com	player.aniview.com
1	go1.aniview.com	player.aniview.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	player.avplayer.com	cdn.avantisvideo.com
1	play.aniview.com	cdn.avantisvideo.com
1	cdn.revcontent.com	www.stripes.com
1	www.google.de	www.stripes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	a.teads.tv	s8t.teads.tv
1	syndication.twitter.com	platform.twitter.com
1	fonts.gstatic.com	fonts.googleapis.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	s8t.teads.tv	cdn.teads.tv
1	ping.chartbeat.net	www.stripes.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	ads.pubmatic.com	assets.revcontent.com
1	static.adsafeprotected.com	www.stripes.com
1	z.moatads.com	s7.addthis.com
1	delivery.trinityaudio.ai	vd.trinitymedia.ai
1	www.pelcro.com	js.pelcro.com
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	pubads.g.doubleclick.net	www.stripes.com
1	mc.us2.list-manage.com	downloads.mailchimp.com
1	cdn.teads.tv	www.stripes.com
1	mab.chartbeat.com	static.chartbeat.com
1	p.typekit.net	use.typekit.net
1	tag.simpli.fi	www.stripes.com
1	s.ntv.io	www.stripes.com
1	cd.connatix.com	1 redirects
1	ajax.googleapis.com	www.stripes.com
388	95

This site contains links to these domains. Also see Links.

Domain
ww2.stripes.com
veteranjobs.stripes.com
europe.stripes.com
guam.stripes.com
japan.stripes.com
korea.stripes.com
okinawa.stripes.com
obituaries.stripes.com
militarychild.stripes.com
bestofgermany.stripes.com
bestofpacific.stripes.com
letterstosanta.stripes.com
penpal.stripes.com
printshop.stripes.com
www.stripesstore.com
twitter.com
www.facebook.com
trends.revcontent.com
help.revcontent.com
www.revcontent.com
epub.stripes.com
dodcio.defense.gov
adclick.g.doubleclick.net
www.addthis.com

Subject Issuer	Validity	Valid
*.stripes.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-09-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
assets.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
trinitymedia.ai Sectigo ECC Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.avantisvideo.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
*.pelcro.com Amazon	`2021-01-13` - `2022-02-10`	a year	crt.sh
downloads.mailchimp.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
unwieldyhealth.com R3	`2021-11-16` - `2022-02-14`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
vd.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
wildcardsan.list-manage.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-09-27`	a year	crt.sh
*.postrelease.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
depart.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-28` - `2021-12-28`	a year	crt.sh
pelcro.com Sectigo RSA Extended Validation Secure Server CA	`2020-02-25` - `2022-02-18`	2 years	crt.sh
delivery.trinityaudio.ai Sectigo RSA Domain Validation Secure Server CA	`2021-08-30` - `2022-08-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-02-02`	3 months	crt.sh
cdn.revcontent.com R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
images.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
outstreamedia.com R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
gallery.mailchimp.com GTS CA 1D4	`2021-10-23` - `2022-01-21`	3 months	crt.sh

This page contains 39 frames:

Primary Page: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Frame ID: CFBDB7D8B8ED9945135A3E9E2AC4AB6C
Requests: 199 HTTP requests in this frame

Frame: https://cds.connatix.com/p/141495/connatix.player.dc.js
Frame ID: AF39A1ECF49F516CA9B837DFDD11E496
Requests: 18 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/pulse/2900005504/?playlist=//delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Frame ID: 650819ABCF1AFE09A32B3CF8DABB3305
Requests: 7 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 3A7CB50150442D3E517760F39CDB27CD
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.stripes.com
Frame ID: 3B96F028A8D8DB49BC11334E4A420B75
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap
Frame ID: 17184B7D16C7BFF144519D005A22789C
Requests: 2 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=7fe08c7b-d555-4a65-9bd5-8d47b96fa8ec&isLegacyBrowser=false&version=20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99&useCFCDN=0&themeId=267
Frame ID: 9BAAE708CB7BC3A717D0C14DF2C4D558
Requests: 6 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E920515E1CDEADDA95DDB8FD522CA53D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F3A2AC8F43812A4130778645441BC334
Requests: 1 HTTP requests in this frame

Frame: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CC37B131EB95C5732C804DEE161103F7
Requests: 1 HTTP requests in this frame

Frame: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 62178816753CBDD35D13D22547FFE32D
Requests: 17 HTTP requests in this frame

Frame: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 359ADEBEF4FCF49702007236FC65A8AA
Requests: 14 HTTP requests in this frame

Frame: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1BB61F0887EB691BEF650045A90959AA
Requests: 14 HTTP requests in this frame

Frame: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F7085325325BC972639E4BACB8613405
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurD5r20k_J3h80T5c_EWOhFvOuCheq2XxrrJ22bMmEGZykaIIave_30ll0rBjTRFSAi0S4pbMSOyB5PBWrhkkKeXz-hEe0ZiJ5kGCwpMBA9o66ek1Nw5bfk-lXwljAUZkGN4UlkVEC3-V_T5CPIjcQgLPazMChSr2oJYxNC4ixnAeOmePvn9c3kR7yCcaFtYZsgv2EXOSYgaiIcWXHVh1ys23akEGWZY6yvGEfRL5S5o8quscbpnDHrRcJfeFxq-gu3eR-Rvi8Ff_j5scF2R1akzlCnPMGScwe2s59oSt-Y369X1Ky0-v8lASaDXJzBZ7_&sig=Cg0ArKJSzGh3YjDnuZl1EAE&uach_m=[UACH]&adurl=
Frame ID: AF77C132C6D0C7E6C9EA77CBA440FFF8
Requests: 8 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: 07F7A05A18F448A2BE372F07F2E1305D
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: E82FEA7C6B175E31B041A6CE53AADEE5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: A2874A0E83EA4BDB5A670CF8A8737241
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: FCECEDEBAD9DC983FEE7FC0A32598309
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: F07E2B49713136C35E5E5112FB32EE91
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4D723FC88801EA219D5CEBBAF08B50F4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B2E72F2E7C754CDAA4AE0238FA90DC2C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5130BF321DB9E494D145ABFDDE827C3F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A07FBEC1B814B7D7771725E56C955D1D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4E1E706FE62F08A84668405DFB020A81
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0A9827F17D2AA919FC4AE064F2FFFC8B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 931968433081B59170455A7A404226D4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
Frame ID: 08CEE3704F148B9CB32450624D86F4A2
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html
Frame ID: 10B5BDAB84BFC872B20895DC1F7E6DF8
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1874.js
Frame ID: 5C508DB63C1C16015617A28519D9324D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1874.js
Frame ID: 112F33663CB7B8B0ECB3962916CFDBA5
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Frame ID: 33662684C6EBF690C711CBAEC73DB854
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 61010A4DE5519B9694F1C5416151D370
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1638880186076-952371687883-005920-000-002504&biddername=55&key=4335068151476890128
Frame ID: 8F14BD25BD5135187DBE896895F7A37A
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4B580D184E882EF733D90F8C697299F3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 037D2DE16B30C803C39FCE52B6AD48CF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CB9BB13B39DC4EB39EC518B28C3E0D89
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 53330A0E08FC83F3B981690726D244F6
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CDEBE9F74644094D1BCD828436E0B59D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Report says Russian hackers haven’t eased spying efforts | Stars and StripesEmailPrintRedditTwitterFacebookPinterestAddThis

Page Statistics

388
Requests

97 %
HTTPS

43 %
IPv6

47
Domains

95
Subdomains

82
IPs

7
Countries

9514 kB
Transfer

21258 kB
Size

51
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://ww2.stripes.com/subscribe/support-our-mission
Title: Support our mission

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/communities
Title: Communities

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/veterans/valoans
Title: VA Loans

Search URL Search Domain Scan URL

URL: https://veteranjobs.stripes.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/rewards-for-readers
Title: Rewards for readers

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/epaper
Title: ePaper

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/archives-faq
Title: Archives/Library

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/epaper/special-publications
Title: Special Publications

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/apps
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/newsletters
Title: Email Newsletters

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/digital-access
Title: Digital Access

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/home-delivery
Title: Home Delivery

Search URL Search Domain Scan URL

URL: https://europe.stripes.com/
Title: Stripes Europe

Search URL Search Domain Scan URL

URL: https://guam.stripes.com/
Title: Stripes Guam

Search URL Search Domain Scan URL

URL: https://japan.stripes.com/
Title: Stripes Japan

Search URL Search Domain Scan URL

URL: https://korea.stripes.com/
Title: Stripes Korea

Search URL Search Domain Scan URL

URL: https://okinawa.stripes.com/
Title: Stripes Okinawa

Search URL Search Domain Scan URL

URL: https://obituaries.stripes.com/
Title: In Memoriam

Search URL Search Domain Scan URL

URL: https://militarychild.stripes.com/
Title: Month of the Military Child

Search URL Search Domain Scan URL

URL: https://bestofgermany.stripes.com/
Title: Best of Germany

Search URL Search Domain Scan URL

URL: https://bestofpacific.stripes.com/
Title: Best of the Pacific

Search URL Search Domain Scan URL

URL: https://letterstosanta.stripes.com/
Title: Letters to Santa

Search URL Search Domain Scan URL

URL: https://penpal.stripes.com/
Title: Pen Pal

Search URL Search Domain Scan URL

URL: https://printshop.stripes.com/
Title: Printshop

Search URL Search Domain Scan URL

URL: https://www.stripesstore.com/
Title: eStore

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help
Title: customer help

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact
Title: contact us

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/miscellaneous-faq
Title: faq

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/advertise
Title: advertise with us

Search URL Search Domain Scan URL

URL: https://twitter.com/starsandstripes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/stripesmedia/

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=1zWE9RI8pn6%2FXqPz1QfOofuHh8YYRSVfp1ZkSbC3rC3Gvmw0XQTSqzJ6NVNnzzn8sYZhvmkEyPdR%2FT8CWC765%2FdolAMhrtoDlEVe8ps8TxBo1kI1wRVJd2QGRP1hKjWfchWBmshG3wIVo98bGC91clPBFKkMWA4pQfuqGewuvRtPbmReMoaZH51dpD1BRvH%2FEE1%2BSSWJDmTqWdoSgmvzQGUTg1A4eHFeCNLqyEynJBPH8YN%2FbAqnpMJDKGggc0dzF4eFwaZpmRG10M8AnnfwYDzIGrYq%2BQxtu04wvHTgZuljvmFrsPEs9CR8wrORgWoOqhuhLtNyEBRs0euIhCOV6GX0CbDxrLhOCaM9JeN99JAZB26L7YE381evpqi4rzktQp6U%2B2ez9aBXHAv7nri9GY6ZNnXA3yw7nl0HvGAlpRrspfpyFM6qR5KR%2FvfP%2BtQoMQq1iuaD1Gj4pqbUYDl9ur1s6GO71xZJ8jh%2Fu4yka8PlsXvgmkZLgMVX8xBP%2BTSc3XfS0FsQ7hnVupyl3jnxr6eYuz2maY4zRhn2CTtsED0rqQ5MTufMplkhxF3XC4Q38LkrRFewJSAfq8TvA7%2BeFbA0unM2MIGPnY48ygCvb3RWrThGAg0wJhM%2Bq7GZX7TMWRQEnxd6s5E%2BiyycKZYHySXiEM9xfyNDFF7UFmXZ2CfcPbEpgFWzSaKDEl4EBQAHhpjbHiXu35Q0IkUWyerdd8bISzj9FR7CcDw%2BwcinNjROlet53nxfuMCIOaNYkxySjKN8AYI4Pkp%2BZbEQv8BBEgkXaanf%2BhHqcl3kWXq6DahPirpqgUEv8Uq0YoE1s9ybxiGsGPN2XgcDPywyxplYKHqmstGZCcWuFmb06ka69Ae%2BBSdZ%2BbfOATzPPHiUbfj%2BgalZ02pBJ4thWOysTrxIbrpoY1i33MPOXSpZwa2EiLUb8Not3AWh0V685ZsFnnR12Nr22Vjbe5iYUAXbICsaNZmsr5Uds%2BlNCB2YaTXsEbPCoIeJR8nP8aixxhFXUbc4MgJomR%2Bm%2F5y6JdIcyAd86CH8KiHuJfghLK9jYsH%2F5M6FaH7vfEGWsmkVIirDf%2BkAESxgvDGKXQhLELF2Mo628ADedJ1LeweIdxgrLevrzK1KrUWCCGsHlZYS2qmDVMu6fMdpwyw7jnkgE8c%2BS78%2BkHBMz6zGpUz6jn10cEzdM5sTAlwlqkT1pa9i6QfVlOLA%2Ftz2lKsZHKbyJuzRFJdvRxDuZY6D%2BHSkLIsZKzCH2CbGBvxO7i%2B1pNbn9KgQ1pucEaCj%2BLiSC0nPYVPI5nizC%2FJWsH1MXMLYcBqmlVd8Vmxsu9sagP2nk8tPBmk3QgrKxhzKwQXob1ACsfTYVGFXqoGxIjHxamrX8%2Bd5lDl8fCAxJ70tEZZcsr9jUIZphkjsAjL026kQAtKh11PZZE45uPiIdlBECV1ISwHHR6mXSlrpRQ37wgerkwR7cTaicSB9poLpfie%2BtQDsdG6Dbb7l1d9S91Z%2FvasbAfPwXTFwJdr0AProL8hzF6W%2Bwl4QIDfK6Fwb8GPRkHnfJi8xRjr0zJo1LkvwitzKdqTzTNZ3cYWE6m7N8VuGvpB209bfCMBhOPmN1G%2Bz4Qu4G1tLnfa2j1158l3vqvdwa%2FWAzxntFfTu9TBBtnlzb6Izpod%2FfEXghoVhmvH%2FNOoRtdHU4mP7xSGWmiZw4NZ9chiXdEdo7lN1V%2FeC4oltx7A3JPc%2BfMMtE4xXwDM3BjsEoeX4GJk7KmH%2Frqylo62u55eEVHvmirRKQDi2vcjdgSqR5VBmBbPm%2FVShUbHd6qDR6Rd413a%2BhyjAM7KeFPt77dEufyrLbUreYiGtiVmHkGLJgTL%2FtlyCpqX4Ibe5Op4VHM69dNa3ltGKco17AdcJFDWqB%2BG4Z37KEyJ5x4EKjg0sLhtGCn0la352Mr6p4Yg6E6frObBMm3GGvZAU502L1Sp0tImHQfhq4wMKQio8v6Qq2uBBptuuSFYUAfoYdgD9oEEfkNBYXsd3qoKFBQXpYDGwUbidvlzpwfp0OfCrVPMDnHIG9Nenl02wIYrHpSC5QBTnFZl%2B1w3nSVPwGjBK5k%2BAaKQxrPqb%2B6Tv5MQADI%2FFaloSY364wYql8zyLh8iuPCApRifp3JpZ1XUaziudNVRPrBcANw4qHFPGzOOVyKRy6%2F8O%2FdHr8dcmcZa2OXzgjNneZWtTeo9Qw9sUgy6JKaD6gSohN%2F0%2BdnIGb1dwP32Q8WHWDdzcbdUn7KCYDVtovtD0VuM8Xfl7fa%2FdXsyBxSUKbWTN3g2msrOVTrz%2BuizJ0f%2FStp8I&s2s=1
Title: Schockierende Neuigkeiten: Sein Geheimnis Wird Endlich GelüftetAmz Tutoring

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=3y8oTPEI1xIWQj6MBGKn96qaTq9kH9jjrjRR4dBcb43FZRYsfWxctA4dcyIpzjE%2Bj757a8lwrRg5CPUfZb8Wiid4fWxR5NXQRgvRPsveFB50fTfyWswFXzGnY6s27wP5QXjrpvt0EPAnsqtl%2FmozTsUkemQSvL5t2ZFl5t4S29fCQWKZzWTdHJqQ7XpHgFPYuq3e5%2BU%2FVziYLbPsnvq8zrmUVthbM72mc%2FzH%2B%2BBXcaRGgD%2BBkGaWcoIwLGn5aG7MBqKdxzlyaHnHVn9Bcyu%2BR527fCi2wsuOmKXfqITyhBREAEmE2WEuEPCfTNDiDsO94MPia%2Bikpd0UOdOyDYilA9A%2F0kZLOmQWtin9HnIR9gfDZM4ZrWUt8hDYvjfBzOGx0UJ8oMnThwkqa1sZVko5u6fQA%2BNPBMJPgqTi0hiop31Z2%2FvD%2Bab%2FNmIESKbiGH%2FfaOraP%2BsW7PQ6RwXcuZc5OEBYeyXC%2FE4C%2FzT8mwzojy0ps84324G3nlOCLAAwvoFcO8qxabCJTiMyF55qSwFoOp4BeFfwiHzJUIFz2cpztu6rdeXXwNs8nmbRgfCdE8YGMQFWdIkwkUlggr8TqnUL7FkG6b3bdTvn7bactT93SuhCfEkNJbI1drdsIyDbN8U9AblbYClH6ZOfBXR5gF4D1CyLMri9Z1U6EH%2FiE3WrjiS%2Byur8EsxcLCJO6WPo9LINREa9fiUWnO5S9l93a%2FhVh2nEY8DWGnnoeAl4skEgJRlQIlsHrYjRhjBx2eh24avg%2FwSaX%2FPxwe%2Fex6evZlnG%2B6VxiT27rFIfRO5t0cRsixoOO0DJvZUdEEjEJ9vG1S01GhckpVLM9aV2B3n7okPqD%2BTOVHCNAMRRBXUyUigQS2HSWATnVz68IjYzbYigL4YChzkHUUj0ylS9fbD4gO%2BrDPaHPd1sAbEKQ5Ez3AalwKobllZEBEjygEWIOh4576FdIFPYBak0jyXbn25OnvUKdvfYT8J5ctIbIMXoenL2hSbpkG%2Blh0Y6VWntP1bNS3t1mpLfVmnYc9t3AEVyVZznvxsVwWBPlAyJDq%2BpiAamMrTY10QGRDmnOgL0FiHEQFnvzWZOwafXaGQGGWTvaZ0iHgs5VrfvS2uiqjW%2FEaRgcQBp8F6TA8VJB9qP0ggyXXdPDTVyZzQEV4X23Y0I56nllAtUwW4VRYOdobrRM5784KHZje0JBmskxZ2cfeC0F6OliGeppNtUm1cj1E6ucFIfYT6pUnD0ymEuy5tH37w7t1aZp3ugY7yiFeF3wmyWJsEm7AOqoJT6hkQf4v5sUCj6ZlUWRyZM%2B2gahd5CvG%2FxcDO5EEK3JAabwC8aWzK%2FAWXZAyubcU6NFOILKtc3IUmi%2BsygHx776FnUYY7%2B483n8SnhLV%2BOGfKBCLupmnXYopMPKOvYdsHhdsczo70Ei%2FAfsgsOnWAAoLt8ragORrYNOWviMujY0DQUNGF%2BlZ1foR8FZeNp%2Bea5LEuapuReK0qbm1mhlQZrvRGTbM0m0hjMp%2BXrosLq06Y%2FNR6ZkGVKhzS84WRRcFqnthvZ1Hzrl60HFb0JPvn96KYJFRsH2bJeh3U%3D&s2s=1
Title: Here Are 23 of the Coolest Gifts for This 2021Trendige Geschenke

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=lgy%2FlaGrWYnfqEzKEC%2FEt7CaRDPjNGH%2FGWoJR3X6hvQCHdlVzp4h%2FRQCqaYK4YNRcoZ6c6KbNF0GWJfaocxC%2FVTqV2LlWSzi%2B%2B17H114g5jGG7VKUTkWw1dfF8H7REdKNhXmUJOeZM6SwKRgnxeawEA%2BFDIYSm5HwF%2Fkg7gZ4axiJCYo24IUM1ief0fD%2F8JrBav%2FC4Pm58PN6j2w%2BeUO8RBG41CV2t5O%2FiYphVFrd1MRUMntzpRyHmS%2Fh2HTG2Kj1%2BFL%2BZB0mC6uH51d1dl8RFWLF1BAsLk9kDS3I%2FokxIkWQSDrzM7nLHiqzujeXcFnWu5DwW%2FR%2FZ67joMqG8lBrMP%2FBDnfPc%2FwOYSrUWS6QKTr%2BJ32IXz%2BiUn%2Bn6xsKke0gu7qzH1kgDLc9LHwUtSo6VKL41ckZy8qF2KTDTzQQd1iYiQz5do0dcU0pLwGkAPgujWezEs%2BI4w8UEiPD%2BA8IdAe6nJci5JUdyeCUlAN55Js6NS3KSfYClyZc6GqMF0WEDUp8faA6KGBeTSOqG%2FBS7p%2BtAlnzUxlbgx38hZz%2B88s%2F0ZcWAySGGsTNf63K2LYWrUDORqihKDUktZ4kCUWsItC%2F0s%2BDp1jRbHctzFOx6U%2BH%2BKHCnIb31%2FxNIg9V8rA%2BwQtwtgjMBM7n9d2mjCe1haZdT5yz41NwrfLdTVlHoWZu91Zw3CQJW713WPluJYODGA7XiY4Uimy1yPrJm300q3zY4VHLhIDrdkHv79qjUaLwLusbYaXgfYkXZyownt31V6iqFz8hlhK3CFwMILl6tSs2ixBDW%2FcpOj1zMhJo9CGvQaV5ucMzupO4kO8HVrurfCOE3ZVBb7kzygjH1m663fdJMkwL2%2Fl4j4A2CrlJ%2FOAunvjFF9Ls6E4QYIrefJ14n6xik4cT6gNbuHcKkIJn845UOSGBSppCO8H5t%2BYCFbF4mQJjkpCrupkKCCah5iCC22VG7Bw4lXO%2Bu7ctZPJNjcOcD60V7EnUXfamL6G1dpTwkhERs6gI6%2BXfv0yFCqwktbhYKZnymiJUqQmxfAHU7%2FLx%2FAkqcO1UO6%2BTP%2B2c3wo2ROW3S%2BzIiAdkPZYwxx5pWxHpo9uLzBFO7bEDpGmjtmrFfrhpMp8ZumBdeCsXDWm1vShjOdgyEffllRn6%2FDZwodV%2FkgwCBwpEa%2Bgs9f9xaE9sKCveZNRKRmBXfILq87TsmN0yLJuhWpKPqkMmKjqqc%2BXnWboibYeknndkBC8Rwl2dysqPVgdhoY7SsleEGjUIYIbw3pBdyTLtonpK4WU5PpJ89jRdRHOK79NxnoRUJvjxT34%2F8nAiIrFw4bTjFnGpQV8f0yt1k5BC6eVQLuOBQ1xY32nweOmoOVuclcaWoSwKDZoZrP0yEYSVzQ422jthlBC0VJNjhGqme5fm65T32MZ%2BFsQZc8y%2BgrQ7x5mC%2BgPHfNG6YSOgtfYrFFy2qLeGnNOUpqU5nfY%2B%2BYM8WZN1jAtRcd9do7rIlluN799lNSF%2FhZ0iwhhPJtqZnZn0mD4lW1w%2F0x37WBnaZu0mZJuWh3s0ngfPXUBe7IpXwpahO5GvrNkMFGJqsufjbe6bvteezfV6mho2JAdQpQoClKfN%2FiBi5yMCFostcTnTQO6pQ%3D%3D&s2s=1
Title: Remember Her? Try Not to Gasp when You See Her Nowpopcornews

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=sX3plkadjcmsljqlQGZ1B68QEOYA9Yq7aFtQ%2FaQf8xCsNl29XsdYS7kHljqD0O1xXQRryPhEe7IibxCq%2BoDIzv5fycVve23AiwsBuZ7uJCLiEuJa75gzt4q0fkC%2FqvszGi6b9aZTBAzqUejUic5RQ6O%2FYqpMZxOG0Hp6wuN5KIxaZTT04mi4oyXAJk4QMjWHOQgBaZQjz9BpceXQ2s9UKciVrERPoFsgBDn3VgYRao5ZtgA8%2FCaJHo4O4zVXhh4h6P4YtmebQ2rmbWEeG%2BvAJxWG%2Fp7484apzrk9ocnFusGrbLFESZ%2Ftu%2Bw5gcNbNaHWhJVOEtFUt54LIzyZO7pv0QSII7amNfspRFEC4ZCRqQTei26hf7lnqsYrk8PKAM94gXazoPPyGuDmxEkn68SurITPrD0ilfF44iJLKeNF9XTwL8%2FYJoRaIcwVTvJVrkxwdboEAYXbAG0GMAcdoP79t9Q7s2Pdny1V9dHNmF3VDZoHz0HlDzLcwXpX4Q33JMfa7SxNbLOa8KvNe0ZCX5%2BR%2BgKnar7Uppu8qCm8b4xvySDKn4NahJ77%2FUXRnsuj5A1OXssobvnDZdOTzM1683wRTcFmVtcDIj%2BRTdlDnmojEkvsM6TTtD%2BPnJdg4ph7lS2aiy4LEcsB0HueCORvWyySfD1oZ3hP7uWwNmjzYY7dHsa6ocI7%2BvVBWqFSsG0w3yARJFThHEuDYXrv7AweN6Bzd71gXLamaoEWD7Qw%2FdvHr%2BkH0NqQ%2FjizF54V1A4xvD%2B%2BjaREN5j08gdvWOMP1VJ14ICajh8PQ9MMLPm5P4HOzM50IRu3GhqEa9CDwFCiintn1QM1wbKI9%2FrihQuGfS528wfuvEwoE93jVeJfOYwTW0CW5QdzPoeRd8jQWtypD4fh%2Bun5dgAKizqGKkq0Jzt8kmv6rPy%2FzIK2vIVWb4EkrZ2wV1REJvwqCOPVPrJBO6LvkpoB%2FdidM%2F0D6YHnZqY1hUUIMNrRFqIZecE%2BNjDmn9XMAaHwj1QHiyj51i0TSXZYKgJZugBMoBASuIIzTyHjS1M7gMMuMndwOtNg3X8HV3B2hDV4s5NpL2ju9oC94%2Bx%2Bt1PLXKocasQaFAfEM2aGqKhdJ5S8yh83XRKyJOh91XUm7Qi%2F8d3ahBCoKMKz%2F5yFBZIzQyKZmmpdinjQwFe8aEDA5Mt3baTmxnS83TXO1BYCCTLkbaaHgovtIjZEURiqZ7a4vRmIhoaQdBjCJJcRMKj8SknoOc46oY12p%2Fe8At%2Fq1Gi62BLBBDLGOM7suXmH9mu8gHaW9oAlwh33iYsfTEzyQrbdWiSPwcTOwrygalNxqK8O46KKl2lXb8U6ePkgwgwdhRYOOnlMh6NllOK2yNtCl9ep5roeYFEF5pcVgKI%3D&s2s=1
Title: Anyone with Diabetes Should Watch This (Big Pharma Companies Hate This!)Fitness New Times

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=0Y%2Fucory5r2cEJMlnVvCcLYTO%2BmTmVGMNcNuvGcK90k2bqYUFddLxl%2B9rB2UCHaYeco0X6lSW1kpENQqP4x021fr8Krw954JAzCumWQcPgHlDU%2FqTtwNnsU4%2BDK1hdb6FKMUGEX6G7QZcRqPQ%2BhbfZ21tbkhomc6LM4p5gr9Q0%2FRZoBFZU%2Bn8FA8bsH8jEJtQiCzuotXS98rPIHlQa%2BRJ7TEhK1YMGTrczYzxL0OV5BKtSdkJhItG75O6kambCN7m7Eyq6qeSuDZtSCFBX2F7uAWZi9LjY77XHer5lS1xz3HB5HDRFw0DFzQI5Ti%2BOdeZUQNGAus%2Fz0xqsX1UgA7Y%2BC6gRTSfVTIK%2Bpo2V75cuVUcX8wAWCV7u9fkjbUpQGvUZIinng%2BVCwGI%2BDwvjudHOZ%2F6FqBdKa5cY9s73CY%2BKcWbeWer%2BRwJe97pRc2iOHhbwC4MONsEhZUATqGjwl8AGa7xNtql%2BBGuXbCizsehhglka6pYVk0iK0Mw0lVCqaG8s9so1rUoStabbUTuDqHM75k4Fotoew1d50TX%2F%2Bp1NK9LLYrlsspoPHRRFdtLREto7%2FuiPwSNho6MKRHcf9nU3gaq9Td2LF3SsSyDP49%2FWQLW9O9cSvx2Rrvv%2BGX7m0W%2Fy7N21Pq26AUxjWnQU6QPSjndY1vbviP1tp8AqAnyzZTANbJbVlsrm4ZiunenQWUXSO%2BJpv07x9fsQahMZpNfzpQThz9EM95uGjzXHFHhHZLU6vYRUHjaSdWZoU2SliZ4TDhuOMAFF6Cp3R%2Biqnn0f0jEivOtSzMsp%2BPtmrIrXfQdaOGbDmn3%2BVsTLrczw3sk8OprHG5Q4s9s8wvkXuu0z3cFUAOtOzvyOQBr4pYZKeGrRmciO0gfq9sRW9vXLuarmDxguB9ITEvS%2BSQdXHKXj34dAb%2FVnZgy0rDVzKDANryOk0UQxFg8fuhmpHR1Rz5%2BxdeFpBbPzKLAnrL%2Bt0a1exrkvJc1p8Llti%2FQLqRfw4zTFHSpuGTubk4eInxTjPGvWt1I22L92poCd79Li%2FrlXg%2FLxojSP%2FwKBfcB9jclNSviBX3Hvmk1DgaMsSk9bjrSqgNkAG2ZmpfAnPB8iHfX46NBDdw4jlupn7vXM4XUOPLRpNXttVh%2F%2BNP8wceJYKg5WVX%2B8AvkdTnj1%2F2uRxWJidZTxRjCTVhGEMh1qUxZvZ%2B8V0JqCZnAfdH1Oi7M2tdIFUDg83PLo%2BcX4CScZ50Q%2FW8Fv7nMXqJ3Cl4xfe6hZyLJ%2BAVvff%2F%2FEDc7wWS65MMKzl0w1eTYE%2BUewr6exr%2BDkwyLhTEl%2B%2BQy%2BKr4inqluNd4ENoUkt0RkY3DDVjbkh1N%2FAhDEyclwhi9x7EdwoTkjOl0zQM63K%2BWccq3xXnlY6zNh%2BtlALhrfgyrSlflIYwdCOM9BTndrn4AxKOnY5ZVvrWcx0P2qK3fXGdEqSdDz8%3D&s2s=1
Title: At 56, Laura Ingraham is Still Single and Now We Know Whypopcornews

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=n7szUbYeBepCNNewcnv%2FHmud3hXsEaogqIdDXArT6cf3otQ7qcb4d3xgVTLvIge35JAKA0XyJRvQvuP3l32rnnw9AeFpGZ2azn5uHQ5ci4PVB2liFo9aViIGIH0oXvCMZV%2BJODopLp6x2o6hlSfJPzBN8HCBRhNOFYGtVbrW%2BSpDVns%2FVtlKIFmgI0KqxhlZJgDxCy2bNSZR2smY%2FzP7fbSrrAYcxirk6yyFsVfF1Ym5wQpBWmQezqzFCmz%2F2EFU4pw9PRqRexBTL0yqJFc%2BZ112e8ChxgtF0c9ssf4apvZT4c6CV5C84dg0lIWlTBkAv73SM9QwHOKU02P%2F3PsznUm9L1r8Ibn2wLjb2u4i5jq03D3sAtTSS2JZrcqMSBVhzIDuFx0jl2cN%2FoFzscWOdiB8Thh2ssONo5XbV3otS%2BS822Dg%2FTwcadzlvbOkCVMEcqYayaDFnllctSIzybTa8t6tFIhOdrHoYVzRL3RT%2FjLtZxX3vvi%2BdX45JM7rgGn7e6ms6Alq%2BydztX6PLqRUAxZN7vK1t16rV65rupdXrh4rtIrYS%2F%2FLaaJo7O%2Br45NGCt4cCqOBqzTLePUSkikGcoDl65DfJyTtfil19zM2qh5k0RQsNzuCgQTSVvxiigBRLv26RKIXufKjZyrod%2BmTZOVy0h0bVIc8RSXC9ZUr5upVPuCexlNPIv8AYLTB0cOrtG8yA8NsSOUoB2%2BNRNA9DTTw5b%2FUv5X%2ByIXQ0tSGkqmKzHLEEjDCmqV3RaCaHfCB5bZAJLp4yaK0a6LKfHJyzIv6IxcQfHlovQGvMfHurbIn3FNiYInjogKl04OxSqst5QSqEA3sxstxXf%2FlnNly45jwpI3pMCPIIgbN7dWtv1Tsaud%2FOCtPWgOsU%2Bbm1fXMJrogZLCr9LJxZlhNFJaHT1fKBenQuh1BANCTQWB%2FsuBqDSWW%2FCfXaRLpdizA1ipfcJK75k0KvgyzPYTdgRKOdeE79GDkTy%2F0yW6tLDNLFslr1PjKpgp%2FuckZwCCwVugk7zuI%2FVhVa55iQX62c%2BlDDhrbhTwXt8Nhm%2FtsgFtovJ%2FYLEcZLpvEWPi47SOVkILf%2FU8L%2BgE3T3rUK7yVqQZIQuMHOe7XWkZIAeZqNxkmmHGtij5sDP6O0sIqh2OLkPH5nc4vJ4sFaTRTtjQ3EppniE6ygDf1SLIysIfl%2Fpr6%2BRDj8mvhoEQNjEfDgO6QyrlruSFI56ZecV%2FkBoygEcNzt32z3HD35eqGpN2p1JrIsGr3hNIavtgAfcN3hg3NWXdyFdeVw2ItwbrZKQobFosYiN96CmFIcQ2oEsVnBmNoebB9k1JwO%2F5Eq6KzJhAe69p8aYVKb8jgL2s7HdK4AZQMZJ57Y3R7p4xn3gvGYWpGE9ssW1c28UhdBvJBjoHpyx0OOUmCyhqGI2Idc7xLgHjgrn%2FaitPiZ8nqhWKcMzIfwSP0fuNcKFprQ5xEzcS5e5PzyBoeaOHoAPbWk36VL%2B7lwA%3D%3D&s2s=1
Title: Try Not to Gasp at David Schwimmer's New Plastic Surgery Picspopcornews.com

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=GSS_GSS_latest
Title: Today's ePaper

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=MID_MID_latest
Title: Contingency Edition

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=SCOM_EUR_latest
Title: Weekly Comics

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Stripes-Europe_latest1
Title: Stripes Europe

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Best-of-Pacific_latest1
Title: Best of the Pacific

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_latest1
Title: Welcome to the Pacific

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Best-of-Germany_latest1
Title: Best of Germany

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Transition-Guide_latest1
Title: Transition Guide

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Whats-Up-RHMN_latest1
Title: What's Up

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/about-us#about/
Title: Our Mission

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/about-us#history/
Title: Our History

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/member-services
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/directory
Title: Staff Directory

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/archives
Title: Archive Services

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/reprint-permissions
Title: Reprint Permissions

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/web-notice
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/stripeslite
Title: Stripes Lite

Search URL Search Domain Scan URL

URL: https://dodcio.defense.gov/DoDSection508/Std_Stmt.aspx
Title: Accessibility ⁄ Section 508

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstwQ3yhOdAGOg1lEYf5gWtGcRFqDV7UiaB60kesbR8J5ePmdl_FvkHj8Dwb4hLBBs_Onrus1YF2DK8EjczRl2x8rYzUZ0Ua9r4-z2kii5YEEh0hHH6fdkWvKxHVMmq-rs7PM_8Ho81nNMD8Tp36wuVEpgyr_CdiNErZNxWeg9_v6QlFZNKJc8zt9GJes6qkXGG6-ssX6Z0puD-vIqJPSinjMqC9za4zSKkD3sU6OklIg_PNYR5PMCOGIMwSJvoJp7qEwBFMe-jzfz_NkiK1qdXu8hxfBkfu5sSXg-BDwfSVd3oJ49h3oGI0BcU&sig=Cg0ArKJSzHfF4Nr7F8plEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://commissaries.com/come-home-to-holiday-savings

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/141495/connatix.player.dc.js

Request Chain 31

https://epub.stripes.com/?issue=Stripes-Europe_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Stripes-Europe_170921&page=small.jpg

Request Chain 32

https://epub.stripes.com/?issue=Best-of-Pacific_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Best-of-Pacific_160721&page=small.jpg

Request Chain 33

https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_140521&page=small.jpg

Request Chain 34

https://epub.stripes.com/?issue=Best-of-Germany_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Best-of-Germany_190221&page=small.jpg

Request Chain 35

https://epub.stripes.com/?issue=Transition-Guide_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Transition-Guide_111121&page=small.jpg

Request Chain 36

https://epub.stripes.com/?issue=Whats-Up-RHMN_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Whats-Up-RHMN_011221&page=small.jpg

Request Chain 37

https://epub.stripes.com/?issue=GSS_GSS_latest&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=GSS_GSS_071221&page=small.jpg

Request Chain 153

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.stripes.com%2F&domain=www.stripes.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=YUZRwnxwdjlaTU9jZUJrTWQwZWxQaGkrVlM1eXpzZWRrRkgxT0duMVpvaDE5Nkc2blFNakRNSHRqNFFUVjlLVW91SWpFWEtjRHpRT01uWk5qMHdWTDUzcm1vR2JRUEsyVFBHRmFPTjNXSjMra1lGQ2srREpXK05SeFF5alNYZ0dtdWp6MmNDTUVlNDB1d3YwZTEzQStsenhnV2ZqSGZKSGUwK2JVOTZHd01RL0w4YndpWStWM2FISlViM044TFB6YjU2NEpheWhEMEV3TTF6aG5pT01VS1Z3QU5Yb1JqTkNXc0ltb1VHZHlnQ0VsQS9nPXw&cppv=2

Request Chain 338

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638880186076-952371687883-005920-000-002504%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1638880186076-952371687883-005920-000-002504%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1638880186076-952371687883-005920-000-002504&biddername=55&key=4335068151476890128

388 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request report-russian-hackers-spying-efforts-3877293.html Show response
www.stripes.com/theaters/europe/2021-12-06/ 86 KB
87 KB 970ms
668ms Document
text/html 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 75ca6e4df5f950548999b639ae01f27ba0b74bd5648a67c08ab92f801edcfa7a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 07 Dec 2021 12:29:42 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.1
x-request-id: a8349597-382b-4bca-a81c-e430c61cd508
last-modified: Mon, 06 Dec 2021 21:44:06 GMT
etag: W/"cfa2a0dd1497b1c0184bdfd5dc0c616c:25"
x-cache-backend: web1
x-varnish: 33003571
age: 0
via: 1.1 varnish (Varnish/5.2)
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1
x-cache: MISS
accept-ranges: bytes

GET
H2 200 ad.js Show response
www.stripes.com/theme/js/ 3 KB
3 KB 190ms
189ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/ad.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: ae5f478837031e705c3b4542b833f76979fcd122da5be00bc8e483e65ffb774c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:42 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 12 Aug 2021 13:32:36 GMT
server: nginx/1.20.1
age: 284
etag: "611522f4-b00"
x-cache: HIT #73/284s
x-varnish: 33003573 35460820
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 2816
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.0/ 91 KB
33 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 16:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33140
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Dec 2022 16:21:50 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
10 KB 56ms
8ms Script
application/x-javascript 2600:9000:2057:ce00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ce00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:24:51 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:17:06 GMT
server: nginx
age: 292
etag: W/"6179ec02-59c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: GbLDFAGZmVuJPTybtTVmHCrl37PNUrQH-pTfcaPdwJAuPEC6EggLIw==
expires: Tue, 07 Dec 2021 14:24:51 GMT

GET
H2 200 ltm0ibz.css
use.typekit.net/ 7 KB
1 KB 46ms
7ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ltm0ibz.css

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

06d35a9ff5c57d6b6a4175f5c8cd4fe62db29f6217f8aa695ee6a19d404a3bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 07 Dec 2021 12:29:42 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 954

GET
H2 200 layout.css
www.stripes.com/theme/css/ 173 KB
174 KB 100ms
99ms Stylesheet
text/css 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/css/layout.css
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 3e52eb23477a407a5206fe459e5bac03ac80ba94bf7505f50cc6db89bef5fece

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:42 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 02 Dec 2021 14:56:49 GMT
server: nginx/1.20.1
age: 143
etag: "61a8deb1-2b559"
x-cache: HIT #37/143s
x-varnish: 32251134 34641027
x-cache-backend: web1
accept-ranges: bytes
content-type: text/css
content-length: 177497
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 font-awesome-all.min.css
www.stripes.com/theme/css/ 58 KB
58 KB 190ms
189ms Stylesheet
text/css 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/css/font-awesome-all.min.css
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:42 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 21 Oct 2021 14:19:41 GMT
server: nginx/1.20.1
age: 176
etag: "617176fd-e7d0"
x-cache: HIT #41/176s
x-varnish: 19528055 23958883
x-cache-backend: web1
accept-ranges: bytes
content-type: text/css
content-length: 59344
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 stripes-logo-black.svg
www.stripes.com/theme/images/ 19 KB
19 KB 113ms
103ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/images/stripes-logo-black.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 786608e1d8ab9470008057634c4724717661f6f23c71299952812c80a0d195b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 01 Jul 2021 16:50:58 GMT
server: nginx/1.20.1
age: 92
etag: "60ddf272-4a32"
x-cache: HIT #25/92s
x-varnish: 33822532 31729973
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 18994
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 icon_twitter.svg
www.stripes.com/theme/icons/ 517 B
805 B 112ms
102ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_twitter.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 0adba3a8e675d262942cd7c59f61fa77dac5f4208ec40f4ea8c371fe23de681a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 222
etag: "60a5e7ec-205"
x-cache: HIT #46/222s
x-varnish: 32251136 34114012
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 517
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 icon_facebook.svg
www.stripes.com/theme/icons/ 391 B
680 B 113ms
103ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_facebook.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: ed838fb7bff02044f6fac6255ee96e585e9262f980074d4c5124e037c7560461

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 109
etag: "60a5e7ec-187"
x-cache: HIT #24/109s
x-varnish: 35488354 23274765
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 391
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 12-6-21%20russia%20hackers%20ap.jpg
www.stripes.com/incoming/h4zbnk-12-6-21-russia-hackers-ap.jpg/alternates/LANDSCAPE_910/ 69 KB
69 KB 124ms
114ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/h4zbnk-12-6-21-russia-hackers-ap.jpg/alternates/LANDSCAPE_910/12-6-21%20russia%20hackers%20ap.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 46f975127b0271949b852ac0000962cad7abd905b7c3823fb9e95fd705db3ea3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Mon, 06 Dec 2021 15:37:34 GMT
server: nginx/1.20.1
age: 0
etag: "1638805419.576381-70567-3224967988"
x-cache: MISS
content-type: image/jpeg
x-cache-backend: web1
cache-control: public, max-age=43200
x-varnish: 30577007
accept-ranges: bytes
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1
x-request-id: 38dced95-5bd7-4f41-a60a-385349ed261d
expires: Tue, 07 Dec 2021 18:29:34 GMT

GET
H2 200 icon_email.svg
www.stripes.com/theme/icons/ 587 B
874 B 115ms
105ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_email.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: d22b82ea285890ccc7f07c9d088ee0b8dfce954a7ba6edee0aa172ebb008aba5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 71
etag: "60a5e7ec-24b"
x-cache: HIT #12/71s
x-varnish: 19528058 28518404
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 587
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 icon_copy-link.svg
www.stripes.com/theme/icons/ 699 B
986 B 114ms
104ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_copy-link.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: c6e73dfccc73993c0049628cde8275d770a65a7db1e91cb51e22e19471163e4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 42
etag: "60a5e7ec-2bb"
x-cache: HIT #9/42s
x-varnish: 32251137 17058476
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 699
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 icon_print.svg
www.stripes.com/theme/icons/ 591 B
881 B 116ms
107ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_print.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: a995e987ced454f9eef260cc88c42417619a2d043edceec971eeb8c7a0760c94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 196
etag: "60a5e7ec-24f"
x-cache: HIT #36/196s
x-varnish: 34644494 34772443
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 591
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 icon_add-this.svg
www.stripes.com/theme/icons/ 509 B
795 B 114ms
104ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_add-this.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 7b8100025a6d492ac82579830ad0951e275ab2963c29327f70704611c3f31376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 1
etag: "60a5e7ec-1fd"
x-cache: HIT #2/1s
x-varnish: 23682550 24550364
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 509
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 150ms
52ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MCJSRBS

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

870aef6972b6a4b2380708f4278b7b29cc6738fc5a35e546ff502dcb32ca6d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29658
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 12:29:43 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/141495/ Frame AF39
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/141495/connatix.player.dc.js

1 MB
232 KB

29ms
7ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/141495/connatix.player.dc.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e60582034f65d16de4f819915890368c95457aaa31fcc4359db38ca0463890ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 09:27:41 GMT
age: 10884
etag: "9e5437bb03a17e394d9d2738938ade90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 237330

Redirect headers

location: https://cds.connatix.com/p/141495/connatix.player.dc.js
date: Tue, 07 Dec 2021 12:29:43 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H2 200 6947738.jpg
www.stripes.com/incoming/j5bmtu-6947738.jpg/alternates/LANDSCAPE_290/ 11 KB
12 KB 116ms
107ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/j5bmtu-6947738.jpg/alternates/LANDSCAPE_290/6947738.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 6f2dd9d0ab5064cfba034ce6b9c29ad004ce7848a2b98a23e74599bd47756617

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
age: 6590
x-cache: HIT #772/6590s
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2
x-cache-backend: web2
content-length: 11586
x-request-id: 39835238-f261-4d6b-888a-92803af5a61a
last-modified: Mon, 06 Dec 2021 22:06:58 GMT
server: nginx/1.20.1
etag: "1638830237.9944081-11586-498537641"
x-varnish: 31496138 25041867
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 22:37:26 GMT

GET
H2 200 081221HAWAII-WATERphoto01.jpg
www.stripes.com/incoming/q04gxz-081221HAWAII-WATERphoto01.jpg/alternates/LANDSCAPE_290/ 12 KB
12 KB 114ms
105ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/q04gxz-081221HAWAII-WATERphoto01.jpg/alternates/LANDSCAPE_290/081221HAWAII-WATERphoto01.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: a9ea961f8e82970a5b4424be715ff788e75a0178f5dd9112dc33ee60a6393fdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
age: 24669
x-cache: HIT #2188/24669s
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2
x-cache-backend: web2
content-length: 11922
x-request-id: a7ea609c-4078-40bf-ad8a-9de4e48a35a0
last-modified: Tue, 07 Dec 2021 05:08:32 GMT
server: nginx/1.20.1
etag: "1638855454.3721447-11922-3448969868"
x-varnish: 36869848 31334103
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 17:37:34 GMT

GET
H2 200 071221LOMBRUMphoto01.jpg
www.stripes.com/incoming/ja1459-071221LOMBRUMphoto01.jpg/alternates/LANDSCAPE_290/ 14 KB
14 KB 117ms
108ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/ja1459-071221LOMBRUMphoto01.jpg/alternates/LANDSCAPE_290/071221LOMBRUMphoto01.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 780cf1454a40a7e90e55b3ad79e266a6278acbeebc5320f8014d268256243e53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
age: 4213
x-cache: HIT #519/4213s
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2
x-cache-backend: web2
content-length: 14071
x-request-id: c84719cf-5958-4c75-8534-612278371253
server: nginx/1.20.1
etag: W/"0e21d80b90ef0534475bcc4aca0b1b95:25"
warning: 299 - "Cached although the response headers indicate not to do it!" "Tue, 07 Dec 2021 11:19:29 +0000"
x-varnish: 12210384 31593812
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 22:37:07 GMT

GET
H2 200 12-5-21%20leo%20and%20rudolph%20blitz
www.stripes.com/incoming/m434e6-12-5-21-leo-and-rudolph-blitz/alternates/SQUARE_100/ 2 KB
3 KB 115ms
106ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/m434e6-12-5-21-leo-and-rudolph-blitz/alternates/SQUARE_100/12-5-21%20leo%20and%20rudolph%20blitz
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 26a3448b13492179a8982952c2efcda0e7df69fc7eb55a36867f506941b88c93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
age: 7957
x-cache: HIT #984/7957s
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2
x-cache-backend: web2
content-length: 2497
x-request-id: ab22279b-c6d6-42a5-aac2-07097ea54152
last-modified: Tue, 07 Dec 2021 10:09:29 GMT
server: nginx/1.20.1
etag: "1638872225.2547336-2497-3092128229"
x-varnish: 36641891 33173988
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 22:17:05 GMT

GET
H2 200 6927339.jpg
www.stripes.com/incoming/xjyvug-6927339.jpg/alternates/SQUARE_100/ 3 KB
4 KB 118ms
109ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/xjyvug-6927339.jpg/alternates/SQUARE_100/6927339.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 259850f83e3a24cba1fea6a790b7658c126095659447a8d01f30dba16b7bb727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
age: 13747
x-cache: HIT #1392/13747s
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2
x-cache-backend: web2
content-length: 3272
x-request-id: e518423a-0da7-4ddd-b2ef-3fe3c871cc34
last-modified: Fri, 03 Dec 2021 21:29:08 GMT
server: nginx/1.20.1
etag: "1638866416.1418316-3272-747574528"
x-varnish: 34114320 32997847
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 20:40:16 GMT

GET
H2 200 061221OKI-BELLphoto01.jpg
www.stripes.com/incoming/3a41m7-061221OKI-BELLphoto01.jpg/alternates/SQUARE_100/ 4 KB
4 KB 115ms
106ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/3a41m7-061221OKI-BELLphoto01.jpg/alternates/SQUARE_100/061221OKI-BELLphoto01.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 6933126c960f29b96062ee13ff114dc584eb622a9e8ecb3502443d03eb87c810

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
age: 14291
x-cache: HIT #1415/14291s
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1
x-cache-backend: web1
content-length: 3834
x-request-id: 5867e89d-fca8-41ad-836b-7fdad1247055
last-modified: Fri, 03 Dec 2021 03:32:26 GMT
server: nginx/1.20.1
etag: "1638865891.9055135-3834-1351424186"
x-varnish: 33177583 33172175
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 20:31:31 GMT

GET
H2 200 icon_twitter-blue.svg
www.stripes.com/theme/icons/ 512 B
799 B 189ms
181ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_twitter-blue.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 21eb6119029f2c6a6bada03dc288b036f90a33d21d54484c9f3b1934e695e07b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 53
etag: "60a5e7ec-200"
x-cache: HIT #7/53s
x-varnish: 12210385 26263118
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 512
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 icon_facebook-blue.svg
www.stripes.com/theme/icons/ 463 B
751 B 187ms
179ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_facebook-blue.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 594c78bda3126ce363abbe3cea4ade221a042406e6961f7cc6e57d82ae5e15bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 126
etag: "60a5e7ec-1cf"
x-cache: HIT #18/126s
x-varnish: 30577009 23682282
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 463
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 icon_coronavirus.svg
www.stripes.com/theme/icons/ 1008 B
1 KB 189ms
181ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_coronavirus.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: f1e25a67c85672b425315d6418b881db426ea8fe7b103f0f32dfa7bde1953472

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 03 Jun 2021 20:46:56 GMT
server: nginx/1.20.1
age: 126
etag: "60b93fc0-3f0"
x-cache: HIT #20/126s
x-varnish: 31496139 16987482
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 1008
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_camera.svg
www.stripes.com/theme/icons/ 462 B
751 B 187ms
180ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_camera.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 00694c22b65462919f7067f79231cc2d916f31c0276c2cf521ed5d9fca9392df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 03 Jun 2021 20:46:56 GMT
server: nginx/1.20.1
age: 126
etag: "60b93fc0-1ce"
x-cache: HIT #19/126s
x-varnish: 36641892 23682284
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 462
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 icon_typhoon.svg
www.stripes.com/theme/icons/ 990 B
1 KB 195ms
188ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_typhoon.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 4f009bb37f58e77fd17b19201645f0d9b4a3bda5f5cd02ce426b1824eada501a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 126
etag: "60a5e7ec-3de"
x-cache: HIT #22/126s
x-varnish: 19528059 16987484
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 990
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 icon_speech-bubble.svg
www.stripes.com/theme/icons/ 248 B
536 B 187ms
180ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_speech-bubble.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 545e6c6766ef438509eac05b9ee5165b7be7ad145178ccce6517c3a31d171c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 71
etag: "60a5e7ec-f8"
x-cache: HIT #7/71s
x-varnish: 33177584 34573895
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 248
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 icon_newspaper.svg
www.stripes.com/theme/icons/ 442 B
730 B 195ms
189ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_newspaper.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 9ce64f411c03d71f1998fc920980b74b51ab42670d1aac8c0b6017cf041e5c8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 64
etag: "60a5e7ec-1ba"
x-cache: HIT #6/64s
x-varnish: 35488355 16987580
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 442
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_comics.svg
www.stripes.com/theme/icons/ 574 B
862 B 187ms
180ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_comics.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 129f1bdf202d3fe70065aa13e821201cd22e8d4088d4dee3d13ad71b5f903b7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 71
etag: "60a5e7ec-23e"
x-cache: HIT #10/71s
x-varnish: 36869849 34573897
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 574
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 icon_report.svg
www.stripes.com/theme/icons/ 415 B
703 B 196ms
189ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_report.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 28a60f54b774bf33169679db4aa42ac5715a9e3e703a47420a1c9afcc7781f75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 03 Jun 2021 20:46:56 GMT
server: nginx/1.20.1
age: 92
etag: "60b93fc0-19f"
x-cache: HIT #16/92s
x-varnish: 33822533 32940766
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 415
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Stripes-Europe_latest1&page=small.jpg
https://epub.stripes.com/?issue=Stripes-Europe_170921&page=small.jpg

22 KB
22 KB

273ms
269ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Stripes-Europe_170921&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: 7df648eb8dcd2ab8a07798dfae0448842682b16253a4d348be5fa47a956da8c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 21949

Redirect headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Stripes-Europe_170921&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Best-of-Pacific_latest1&page=small.jpg
https://epub.stripes.com/?issue=Best-of-Pacific_160721&page=small.jpg

34 KB
34 KB

277ms
274ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Best-of-Pacific_160721&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: e9953887eb310250b15b622eb85aa87fe1868db9cd86bcd09f4c9b71c345fdc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

Redirect headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Best-of-Pacific_160721&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_latest1&page=small.jpg
https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_140521&page=small.jpg

30 KB
31 KB

268ms
268ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_140521&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: efd6f7d3912d8e7201c7df80b3d632ae03a1944cc1b3a47e7d9aea57eda3c461

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 31140

Redirect headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Welcome-to-Pacific-JO_140521&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Best-of-Germany_latest1&page=small.jpg
https://epub.stripes.com/?issue=Best-of-Germany_190221&page=small.jpg

32 KB
32 KB

263ms
263ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Best-of-Germany_190221&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: c658ff53576fc6aaddd37277f911c657dea0ea05d273c7c5656031faa04a31dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 32142

Redirect headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Best-of-Germany_190221&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Transition-Guide_latest1&page=small.jpg
https://epub.stripes.com/?issue=Transition-Guide_111121&page=small.jpg

33 KB
33 KB

260ms
259ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Transition-Guide_111121&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: 59ba60596a51fcd5f9dfed3a4cf796227c8b0e416e6ddabc96e37cfb0c7df49e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

Redirect headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Transition-Guide_111121&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Whats-Up-RHMN_latest1&page=small.jpg
https://epub.stripes.com/?issue=Whats-Up-RHMN_011221&page=small.jpg

23 KB
23 KB

262ms
261ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Whats-Up-RHMN_011221&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: 432fe9d967d439d9f3fb4a499593238d4039491c1509a2d40fa182b3e19d98be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 23298

Redirect headers

Date: Tue, 07 Dec 2021 12:29:19 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Whats-Up-RHMN_011221&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=GSS_GSS_latest&page=small.jpg
https://epub.stripes.com/?issue=GSS_GSS_071221&page=small.jpg

31 KB
32 KB

251ms
249ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=GSS_GSS_071221&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: add8ad5f27d28f9ff3cb71641a6890b5431da4deca36a28e633ad1dbbaa0aff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:20 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 32022

Redirect headers

Date: Tue, 07 Dec 2021 12:29:20 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=GSS_GSS_071221&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/ 60 KB
19 KB 39ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment.min.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a7ecc510a27a3c2d4c537d1034599cc9813b9ae7651d9b521fae4e78db5ce40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2782366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18876
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-ef85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=El%2FB1E4AS%2BW481vYng0%2FbFn1n4IVVnYgMMNuJdCRXNYbSEyhWOd0Ohav73MlwvT6E2hyN9uE%2ByYcykkv7QgW6LhsaFMHrNfrybEcINNSaIkBD8dSXNzHkVqtqAsiGqB%2BcDkz5WZKLE%2F4KYiweJ0YQrri"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b9dc2d8c8aa5b80-FRA
expires: Sun, 27 Nov 2022 12:29:43 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 32ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (frb/6752)
Age: 1323
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 192 KB
62 KB 82ms
18ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcf47517c3b2b996f0a78e5d794c30770fc45d1240a17f428177512cdab58376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:44 GMT
server: AmazonS3
x-amz-request-id: AET1B99Y1JSJ8XHB
etag: "1b7539202658ec387521e3f67c07c9e2"
x-hw: 1638880183.cds149.am5.hn,1638880183.cds109.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 63414
x-amz-id-2: JJpXZu9UCKE57slnnyrQkBqoIAiYy6hIDuMgTDtAI68cFCvZJWWxIsWqjTXqN9RcT6gy8bP1PCk=

GET
H2 200 sss.min.js Show response
www.stripes.com/theme/js/ 991 B
1 KB 100ms
95ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/sss.min.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: d25cf1328a0760adaf95e35a9278df7a085c9c0a821faa05a75d7a3e482f7ed3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 53
etag: "60a5e7ee-3df"
x-cache: HIT #20/53s
x-varnish: 30577004 34114157
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 991
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 jquery.oembed.js Show response
www.stripes.com/theme/js/ 66 KB
67 KB 104ms
95ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/jquery.oembed.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 4f5210b63799c504ea7499a6d11733c9848fcc115a661c784059611d07d5de08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 123
etag: "60a5e7ee-10943"
x-cache: HIT #40/123s
x-varnish: 19528056 31595625
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 67907
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 main.js Show response
www.stripes.com/theme/js/ 4 KB
4 KB 112ms
101ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/main.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: da756438a59e52da1ab54dd8d5d602e8770c4f7e021df212c2d89ba563199719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 09 Sep 2021 13:36:54 GMT
server: nginx/1.20.1
age: 196
etag: "613a0df6-f7b"
x-cache: HIT #58/196s
x-varnish: 30577005 34640947
x-cache-backend: web1
accept-ranges: bytes
content-type: application/javascript
content-length: 3963
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 embed-card.js Show response
www.stripes.com/theme/js/ 358 B
653 B 112ms
102ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/embed-card.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 2956f7b2aef18a4a79ac487f3a1d70cebc1a8a4352f7460b1048ec66e5028ad3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 173
etag: "60a5e7ec-166"
x-cache: HIT #51/173s
x-varnish: 19528057 32349163
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 358
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 poll.js Show response
www.stripes.com/theme/js/ 2 KB
3 KB 112ms
101ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/poll.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: b66de84a754ca07ce6dc6936fc3ee8c8a8c8046a3258d46bf83876eb286634e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 132
etag: "60a5e7ee-912"
x-cache: HIT #36/132s
x-varnish: 32251135 23585315
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 2322
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 / Show response
trinitymedia.ai/player/trinity/2900001605/ 5 KB
3 KB 431ms
124ms Script
application/javascript 54.161.145.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity/2900001605/?pageURL=$$PAGE_URL$$&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.161.145.16 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-145-16.compute-1.amazonaws.com
Software: Apache /
Resource Hash: dc3f80451d0f7ea4a7b07f0213894199596150d6a66f210e0d62dec1ccf15257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store
content-length: 2091

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 386 KB
113 KB 105ms
35ms Script
application/x-javascript 104.102.29.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.148 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-148.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0bec30fdc58f653275abe6e090a89e9ba89c52e8d20a66da1d4a14bb33a1b19c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:43 GMT
Content-Encoding: gzip
x-amz-request-id: SDS9ZRRXYGX89Y85
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: LKhlPCRcn5uXYuGwVOEZn154mY2TpSGj+ZNDHKWx8Alw2O6tJ7NECGRt9+Lyzy0mWANVhJm3wJo=
Last-Modified: Mon, 06 Dec 2021 15:30:59 GMT
Server: AmazonS3
ETag: "0d413afd66cdb5bb87f9538e1d9436b7"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 755212c0-9d5c-0138-7835-06b4c2516bae Show response
tag.simpli.fi/sifitag/ 0
789 B 67ms
18ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/755212c0-9d5c-0138-7835-06b4c2516bae

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 07 Dec 2021 12:29:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: Fr541_iWeCyUj_BcqAQj
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 31 KB
11 KB 71ms
10ms Script
application/javascript 2600:9000:224a:f600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:f600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 81027
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
date: Mon, 06 Dec 2021 13:59:17 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: r3D5--LXy0h8gFLhlpGVdjoJYDQcZzTkd0K1wVh6ZAjS2SSjFfh-vw==

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 265 KB
67 KB 66ms
9ms Script
text/javascript 2600:9000:211e:6600:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6600:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f1819026c806a90d255de37b5dcbaa697ebe215f13dfbe3c11466846de16c60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:47:18 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:13:20 GMT
server: AmazonS3
age: 24146
etag: "06d52f4a258d8948be6b5af90ded068a"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 68278
x-amz-cf-id: csNo0D6Q4t_cTNB29uvL15SMq1pS9oYnhjeZP-HXgOB-lX-bzrs6Bw==

GET
H/1.1 200
OK embed.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 128 KB
46 KB 54ms
12ms Script
application/javascript 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b960a89dca43490bf0005a6ed7ef8287405c4bd8b050fc4a4934580d8a5920c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Nov 2021 15:14:40 GMT
Server: AmazonS3
Age: 49
ETag: W/"7ab9fd3318ef228deb0ec630a29c7cbe"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6ee47dd27ca379a812104b559e9a5a23.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: f8hnpFwvDLwAp_yD4XrO2t2fcBdCtC4T7KCeo84tP7iKZJKUMq9E3Q==

GET
H2 200 newsletter-popup.js Show response
www.stripes.com/theme/js/ 369 B
664 B 113ms
102ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/newsletter-popup.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 7f347580a7b031cfa6fc35eb046691b615875a9a791e75be3e39b821949ea600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 22 Jul 2021 13:36:32 GMT
server: nginx/1.20.1
age: 138
etag: "60f97460-171"
x-cache: HIT #39/138s
x-varnish: 33003574 35297796
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 369
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 57ms
20ms Script
application/javascript 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Tue, 07 Dec 2021 12:29:43 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 esi-parser.js Show response
www.stripes.com/theme/js/ 5 KB
6 KB 112ms
101ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/esi-parser.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: a7b96aae8e27bf932c36b6d28d81ff38091c23b43165c59da9272dc3d0eda219

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 16
etag: "60a5e7ec-151e"
x-cache: HIT #7/16s
x-varnish: 30577006 36215422
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 5406
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
36 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-714126-1

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b43bd7d3b3069d34e7ea9b5a17a757a67f365f0fab7f02856d21325f4af4f3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37117
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:29:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3BD5CQRB6

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f88d1df8255b0159cd8f7bff021d48ed5883478ded353d44a5c9c488ff3248d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61883
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:29:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 135ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theme/js/ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578da29b095aa5645641c310fa3263a6f540af8a7629e5a82747a89677c98d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 867 of 1000 / last-modified: 1638878732"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27030
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 12:29:43 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 10ms
10ms Script
application/x-javascript 2600:9000:2057:ce00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ce00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:52:13 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 5850
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Ypj74_8dEpf7Q9_XEjT-84P_ozFxbAsIAN44vIaLoNQMMUgADckkVg==
expires: Tue, 07 Dec 2021 12:52:13 GMT

GET
H2 200 v2zjsA7dXRGaOflwAf-P7adywfX-wHbRgVK7j9pAo5dE7A23d3SaObk4__kJ66vgn Show response
unwieldyhealth.com/ 103 KB
30 KB 156ms
26ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://unwieldyhealth.com/v2zjsA7dXRGaOflwAf-P7adywfX-wHbRgVK7j9pAo5dE7A23d3SaObk4__kJ66vgn

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

498ee13b360cbcc0dd94cdc550886419b846cf51bb617a879d759f4952d4b20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "0bcd02cf05f69f3f45655a94400ef1cdaff291ffdc805dec132bb67f2d6f714f"
vary: Accept-Encoding, Accept-Language
x-hostname: 26187baf
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 07 Dec 2021 12:29:43 GMT
timing-allow-origin: *

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 57ms
17ms Stylesheet
text/css 2a02:26f0:fb:5ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ltm0ibz&ht=tk&f=4750.5022.5035.5178.5310.5416.13728.13732.13741&a=23587097&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
last-modified: Thu, 17 Jun 2021 12:46:06 GMT
server: nginx
etag: "60cb440e-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/a1f0a7/00000000000000007735ab08/30/ 15 KB
15 KB 44ms
10ms Font
application/font-woff2 2a02:26f0:ef::5c7b:c209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a1f0a7/00000000000000007735ab08/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a269fb78e485537faa03fc97623ac40f73045e9bb3bbdffe99f791e2c42388c7

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
server: nginx
etag: "b572f0bd95b8852b4b5cc172a1eca0f4af231e96"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15516

GET
H2 200 l
use.typekit.net/af/7ed1f6/0000000000000000773599aa/30/ 24 KB
24 KB 43ms
11ms Font
application/font-woff2 2a02:26f0:ef::5c7b:c209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7ed1f6/0000000000000000773599aa/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c28538ecd935a02cfe6a710b9d5222934f7d089617d6946da5ac2d28eecf4403

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
server: nginx
etag: "627a859e573624681b7c0bd15fd678fc8c9b8590"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24212

GET
H2 200 l
use.typekit.net/af/eae76c/00000000000000007735ab13/30/ 15 KB
15 KB 44ms
13ms Font
application/font-woff2 2a02:26f0:ef::5c7b:c209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eae76c/00000000000000007735ab13/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5f671f08f9fb9359472f84a258dfbf3b6345842b2a694e9f76ea8f728db788c8

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
server: nginx
etag: "e3f91c477dd19e9a0fedbace5e88820ce219a983"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15088

GET
H2 200 l
use.typekit.net/af/cfd773/00000000000000007735ab07/30/ 15 KB
15 KB 49ms
18ms Font
application/font-woff2 2a02:26f0:ef::5c7b:c209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cfd773/00000000000000007735ab07/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8eba40f39772c493ecc0fd53cdd43d1f5dffc562d3436c55763d70bc82280a58

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
server: nginx
etag: "4c9391c3cb3a51e8c1761375e24a182226b1d64d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15372

GET
H2 200 l
use.typekit.net/af/3058a4/0000000000000000773599a9/30/ 22 KB
23 KB 46ms
15ms Font
application/font-woff2 2a02:26f0:ef::5c7b:c209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3058a4/0000000000000000773599a9/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 86af2f2995b2ff5186ed018e5f52db32b2207a46b6abec40a7695d28786146e2

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
server: nginx
etag: "59a89fb61f21a3edac30327928f715dcac504cdb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23004

GET
H2 200 fa-solid-900.woff2
www.stripes.com/theme/webfonts/ 78 KB
79 KB 104ms
104ms Font
font/woff2 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/webfonts/fa-solid-900.woff2
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theme/css/font-awesome-all.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Request headers

Referer: https://www.stripes.com/theme/css/font-awesome-all.min.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 94
etag: "60a5e7ee-1397c"
x-cache: HIT #11/94s
x-varnish: 32251138 31561883
x-cache-backend: web2
accept-ranges: bytes
content-type: font/woff2
content-length: 80252
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H/1.1 200
OK si
capi.connatix.com/tr/ 0
188 B 2072ms
1752ms Image
application/json 3.13.244.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=22487b42-1752-47d3-8988-89edc0ddfb08
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.244.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-244-143.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
access-control-allow-credentials: true
server: Kestrel
Connection: keep-alive
Content-Length: 0
content-type: application/json

GET
H2 200 player.css
cds.connatix.com/p/141495/ 53 KB
8 KB 12ms
11ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/141495/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7f7a2dc8aba3c3e447f512c5db932f05241c1441b2188d87abf759b1a85295c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 09:27:41 GMT
age: 10885
etag: "eb561df918de3fc2dbd966c4d0470447"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8321

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 233 B
531 B 58ms
7ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=stripes.com&domain=stripes.com&path=%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6f084fa4ecbadf7b5887620d8b44f6149f59af100727265daa8d15894e90a44b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
x-cache-hits: 1
age: 2714
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 178
x-served-by: cache-hhn4037-HHN
access-control-allow-origin: *
x-timer: S1638880183.330826,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 05 Dec 2021 11:44:29 GMT

GET
H2 200 / Show response
trinitymedia.ai/player/pulse/2900005504/ Frame 6508 6 KB
4 KB 282ms
113ms Document
text/html 54.161.145.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/pulse/2900005504/?playlist=//delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.161.145.16 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-145-16.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6147eea13d4f14607c06b5aba754c8d079dd2431dd6a663d175fed882a6658a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-type: text/html;charset=UTF-8
content-length: 3074
server: Apache
cache-control: no-store
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *

GET
H2 200 newslettersignup-bg.jpg
www.stripes.com/theme/images/ 33 KB
33 KB 101ms
101ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/images/newslettersignup-bg.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theme/css/layout.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 0641c5c4150eec9082db44493a7168d300718a478e28b628c37f766b2bf83aa4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theme/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 0
etag: "60a5e7ec-8242"
x-cache: MISS
content-type: image/jpeg
x-cache-backend: web1
x-varnish: 33822534
accept-ranges: bytes
content-length: 33346
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 l
use.typekit.net/af/c00e0b/0000000000000000773599ad/30/ 22 KB
22 KB 11ms
10ms Font
application/font-woff2 2a02:26f0:ef::5c7b:c209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c00e0b/0000000000000000773599ad/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3d396c4d9cb7175c15080c9f60c5af11eace9815f2a39cabdc3b2679df39b2d8

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
server: nginx
etag: "e1769aec92cb7819665871889d342767f1277ab4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22640

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame AF39 6 KB
4 KB 464ms
125ms XHR
application/x-protobuf 3.13.244.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.244.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-244-143.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: b170075bd0509f3f50ca61b605af20662a72452b972eb4a2fa0792700482fac8

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 3730

GET
H2 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ 347 KB
117 KB 131ms
47ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 12:29:43 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
716 B 135ms
50ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.stripes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

00479816b3ec247bebe149cc083fb40db68e7c3bae96998c67d0dd666d509c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:29:43 GMT

GET
H2 200 app.js Show response
vd.trinitymedia.ai/trinity-player/pulse/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/js/ Frame 6508 854 KB
230 KB 89ms
19ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/js/app.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/pulse/2900005504/?playlist=//delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: fcfae5623bd5f8b47ad998684ef0c9230258a6415a9fe3699dfb44601a6b557c

Request headers

Referer: https://trinitymedia.ai/
Origin: https://trinitymedia.ai
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 10:13:17 GMT
server: AmazonS3
x-amz-request-id: WDGT4PXTXZ836HFX
etag: "582bed967074c94d3313cda93307ecbb"
x-hw: 1638880183.dop237.am5.t,1638880183.cds290.am5.hn,1638880183.cds114.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 234938
x-amz-id-2: uDO2hgZ3Wy/RU2Ko9LDyXFqNK4WEC3WXvkZ21f+nsufPVLQFiySulQOSs2ijWM1K4b09uvOHd8w=

GET
H2 200 trinity-injector-script.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/ 319 KB
49 KB 130ms
62ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-injector-script.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900001605/?pageURL=$$PAGE_URL$$&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: f10c2ef28bc741f9ffd0a2eb720cc51407d45e6c6b4c5897cbc742ff9a8d590a

Request headers

Referer: https://www.stripes.com/
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 10:13:15 GMT
server: AmazonS3
x-amz-request-id: EHN47TXEEDNEP6Z6
etag: "e87850ff89db5081afccae0397ae4582"
x-hw: 1638880183.dop237.am5.t,1638880183.cds290.am5.hn,1638880183.cds122.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49629
x-amz-id-2: PmFXz9kdNmYexxvtqSnrZdLmHvNQyfOXq0b9lmA19+3saQMyeQ8BwKB7ncaUn86TpPojHKmJq6Q=

GET
H/1.1 200
OK format.js Show response
cdn.teads.tv/media/ 107 KB
36 KB 167ms
14ms Script
text/javascript 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.teads.tv/media/format.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7537c0d704d7f0d6b79f06f3335e189f39168ef66c0aafe0f4b4643b6143c924

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 14:15:11 GMT
Server: AmazonS3
x-amz-request-id: CV6ME66X65ABRJGQ
ETag: "4a63743cc5bc95870e096fabaaf59f91"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Cache-Control: max-age=96
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 36760
x-amz-id-2: /j6Z6zTKxi7p2Fq0tZmM8HY5WaVn4wdoiWEvPgegQ0fZcnB3xs3Dcg0sqxS9S/on9eByyfQnUHA=

GET
H2 200 form-settings Show response
mc.us2.list-manage.com/subscribe/ 2 KB
2 KB 293ms
173ms Script
application/json 104.89.22.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.us2.list-manage.com/subscribe/form-settings?u=f141047f5265cca1bca1a0c28&id=0ab8697a7f&u=f141047f5265cca1bca1a0c28&id=0ab8697a7f&c=dojo_request_script_callbacks.dojo_request_script0
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.89.22.184 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-22-184.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 2f4629aee73fb98ef3be17dc61010858661ca7a569706ae546916ddbb29163a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
referrer-policy: same-origin
server: openresty
vary: Accept-Encoding
content-type: application/json; charset=utf-8
expires: Tue, 07 Dec 2021 12:34:44 GMT
cache-control: max-age=300
content-length: 929
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 3 KB
1 KB 163ms
75ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/267968996/Stripes_Takeover&t=sitepage%3Dstripes-europe&sz=6x1&c=5085581298&m=text/javascript

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

39982a8e0e9585a43a57d738eeb5fc33fdbb5b02d140e7321a9671f522836c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 751
x-xss-protection: 0
google-lineitem-id: 5828607266
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373224122
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 2 KB
1 KB 169ms
93ms Script
text/javascript 46.137.184.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.184.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-184-71.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 0a7cd306c50dcbb5dc160c0b4b6d16432a71d229efa0806553c0fa9402e71066

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 890
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 23 KB
6 KB 63ms
9ms XHR
text/plain 2600:9000:2156:6800:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0aec59c0803f49421ffcc6011dc42f89fc1b8f08d525116f1a348b25f362c942

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 10:55:30 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 10:54:20 GMT
server: AmazonS3
age: 5654
etag: W/"ae71ccb26170052ef12b62d80459df1f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: d8ou01vwBviRF0WLC67d8U0IVNK86vg8794jIuY5d3gwMRb-9KBPEw==
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 188ms
146ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:29:43 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 145ms
145ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.stripes.com/
Bugsnag-Sent-At: 2021-12-07T12:29:43.662Z
Accept-Language: de-DE,de;q=0.9
Bugsnag-Api-Key: 6a718baeb7a9a3b44b6047423cea023a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:29:43 GMT
via: 1.1 google
bugsnag-session-uuid: c4a66bd5-326a-4dd2-95da-c1d5807ce4f8
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 3A7C 42 KB
15 KB 41ms
10ms Document
text/html 2600:9000:224a:f600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:f600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62e9a0d0147f7293806755528e5777e0a138386a9020049c039cb2735b80d613

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

content-type: text/html
date: Tue, 07 Dec 2021 05:05:43 GMT
last-modified: Sun, 21 Nov 2021 12:17:53 GMT
etag: W/"a602e0797ed12b929b825522f0044c3a"
x-amz-version-id: 4rqYHrMhihq8E.nYI35gRFVBXpN.exIW
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Ij3DHdN5pxcPnA9YfyBs3uVt4x-NeidXo3E5XMuyaIgWUqzSQPsIUQ==
age: 26640

POST
H2 200 collect
depart.trinitymedia.ai/api/ 0
0 116ms
8ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:29:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame AF39 0
316 B 107ms
107ms XHR
application/x-protobuf 3.13.244.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.244.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-244-143.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
26 KB 97ms
49ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

578da29b095aa5645641c310fa3263a6f540af8a7629e5a82747a89677c98d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 799 of 1000 / last-modified: 1638878732"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27030
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 12:29:43 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ Frame AF39 852 B
689 B 43ms
7ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b7e48c138e4a89704f115dce26161a11723921358d5021fd40095c1463f62d25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:43:28 GMT
age: 1516201
etag: "22e82baa3451d58ece0cc49e9ffdd561"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 598

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame AF39 374 KB
124 KB 905ms
904ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126291
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:29:44 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/ Frame AF39 649 B
571 B 25ms
7ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 436a16ee0cec77e60f40d2183ffe0a550a673f36ed9cd338183d2ec512c7113a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 10:04:47 GMT
age: 556656
etag: "ee6acc73696bdb482a28cbd30672b035"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 480

GET
H2 200 3_media.bin Show response
vid.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/ Frame AF39 774 B
790 B 24ms
6ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a3047b6acf0c2384e67db5839544faaf6f593ff62ced8d38d418d63650cf767a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:57:14 GMT
age: 1686203
etag: "e5c30d159939f2a879ae80ea05ccea69"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 553

GET
H2 200 2_media.bin Show response
vid.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/ Frame AF39 639 B
535 B 25ms
8ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: beb708126effaa6d24be5caa1736fe0caad6775e8ae88630af8a489d9effff4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:31:55 GMT
age: 1246910
etag: "b563b46c5f47c9d47cff3e2dd828623c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 443

GET
H2 200 2_media.bin Show response
vid.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/ Frame AF39 697 B
595 B 25ms
7ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 22f285b13c847acfae37b653367aec4453e570bd7d61158422db8cb1c792b3de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:28:21 GMT
age: 2291577
etag: "3a8707752cfffc75b70b5341333df4c6"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 503

GET
H2 200 2_media.bin Show response
vid.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/ Frame AF39 581 B
660 B 27ms
10ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7b5a6c2327ddb59d4323e1159dca0f60b36fd0d53a37311361d562cdfefde34e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:23:05 GMT
age: 1689978
etag: "a1d399ed504b799427c2cc0fc871292a"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 429

GET
H2 200 2_media.bin Show response
vid.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/ Frame AF39 854 B
654 B 25ms
8ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1de247a80c68ee0c81d7dc38982eca90e34e4dd39d9a1ce6a83a5ca5241fb336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:28:53 GMT
age: 1689978
etag: "033ed44cabc23d7efee8014ab2ad3d51"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 569

GET
H2 200 3_media.bin Show response
vid.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/ Frame AF39 326 B
385 B 24ms
7ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c263104b538a4ee08d885431b5f576e8ff68e9ce2d57df821c8e6bb917bfc159

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Fri, 29 Jan 2021 07:50:51 GMT
age: 1689978
etag: "35c7e9de562330852a3eac3e15ca7eaa"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 293

GET
H2 200 2_media.bin Show response
vid.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/ Frame AF39 374 B
409 B 26ms
10ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c638ddbf6cd3019073fd3a9bb98bcc425e085c7e100ab65d11a6b12030f7e43d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 23:06:44 GMT
age: 1157949
etag: "d5281272e3aaba9909a1c47493594190"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 318

GET
H2 200 2_media.bin Show response
vid.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/ Frame AF39 429 B
451 B 24ms
8ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4903dd620e413c6ea166611db7586c9cb2e7d1a557c98053e8c99537a5f18fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 10:04:35 GMT
age: 33064
etag: "a82d6722dcc7f8107b56e192dc305a09"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 361

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 3 KB
2 KB 105ms
30ms XHR
application/json 2606:4700:10::6816:858
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=905&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe31c3672f7d2135a661367f3114cc9e37a60eb368f0f1032c8f8f4cf80efcc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 94
content-type: application/json
content-length: 1267
x-ua-compatible: IE=edge
last-modified: Tue, 07 Dec 2021 12:28:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
cache-control: max-age=0, public, s-maxage=60, max-age=0
accept-ranges: bytes
cf-ray: 6b9dc2ddaf9442fd-FRA

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 6508 0
0 10ms
10ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/js/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:29:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 rss Show response
delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/ Frame 6508 33 KB
8 KB 93ms
22ms Fetch
application/xml 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: f4d533afe3ad0c3274417d810b8766fd3e2350a7cfcdcb119c3bbc810d4f0e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
x-hw: 1638880183.dop156.am5.t,1638880183.cds259.am5.hn,1638880183.cds112.am5.c
content-type: application/xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=167
accept-ranges: bytes
content-length: 7981

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 6508 0
0 11ms
11ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/js/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:29:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 15117444711140237065
tpc.googlesyndication.com/simgad/ 80 KB
81 KB 131ms
40ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15117444711140237065?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6903418cd2cda134ffc4048149352b8d5cb27928117a0d204ea27e73e448f48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 15:57:06 GMT
x-content-type-options: nosniff
age: 419558
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82320
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:54:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Dec 2022 15:57:06 GMT

GET
H2 200 5632065328601309286
tpc.googlesyndication.com/simgad/ 19 KB
19 KB 165ms
97ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5632065328601309286?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f6d6747a20379285899eb273e878ce5e180fc9e8aa5463c5b00989f23a1beb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 15:57:06 GMT
x-content-type-options: nosniff
age: 419558
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19660
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:54:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Dec 2022 15:57:06 GMT

GET
H2 200 13711484568623043557
tpc.googlesyndication.com/simgad/ 89 KB
89 KB 167ms
167ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13711484568623043557?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b110085568edfe15a234de5f8bda3a838be46dfeaea429c9be7abb483c2a08b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 588918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91336
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H2 200 17033718985352900333
tpc.googlesyndication.com/simgad/ 22 KB
22 KB 144ms
143ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17033718985352900333?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e3cd4238bdd3dcd7e0710d584323a16a922ca222a7f6c632a3b4c45aaac3aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 588918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22656
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H2 200 17163776189481263682
tpc.googlesyndication.com/simgad/ 31 KB
31 KB 159ms
158ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17163776189481263682?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a5bd42df0226330e4a8f965446c7d5536a11c166ac0472f47ce9948379b1470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 588918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32056
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H2 200 9150966138789081389
tpc.googlesyndication.com/simgad/ 44 KB
44 KB 187ms
187ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9150966138789081389?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a090ab7df6161fa67c307f4aa50667bf976b80226dada40fdfaedbcb007922ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 588918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45056
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 23ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=51378
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 47ms
7ms Image
image/gif 2600:9000:236e:7c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:7c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299b.cloudfront.net (CloudFront)
age: 10613710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: eS-GP7VzbNyx8zg15hiAL1bYKrWAMUoo1ALxrljT4RTW5MgbTi7opw==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 165 KB
53 KB 33ms
9ms Script
text/javascript 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 21:19:34 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1416-29219-5c85dc6abdd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=158076
accept-ranges: bytes
content-type: text/javascript
content-length: 54050
expires: Thu, 09 Dec 2021 08:24:20 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 3B96 319 KB
103 KB 10ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.stripes.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 58361
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Dec 2021 12:29:43 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 css2
fonts.googleapis.com/ Frame 1718 2 KB
967 B 134ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-injector-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 11:26:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 12:29:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 12:29:44 GMT

GET
H2 200 trinity-player.php Show response
trinitymedia.ai/player/ Frame 9BAA 8 KB
5 KB 126ms
126ms Document
text/html 54.161.145.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=7fe08c7b-d555-4a65-9bd5-8d47b96fa8ec&isLegacyBrowser=false&version=20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99&useCFCDN=0&themeId=267
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-injector-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.161.145.16 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-145-16.compute-1.amazonaws.com
Software: Apache /
Resource Hash: b090602c7c93babde789fd109cd241a6ebab0294cf90d2b447390dc8e5355d80

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-type: text/html; charset=UTF-8
content-length: 4384
server: Apache
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/stripes/ 7 KB
2 KB 207ms
205ms Script
application/javascript 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/stripes/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: abdf35269b8e8f726d2a7f79d31a8323212d7b48f10bacc3632ae5334531922e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
etag: -623866452--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=56, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1457

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 166ms
166ms Script
application/javascript 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61af53b7f91b043b&bkl=0&bl=1&pdt=1067&sid=61af53b7f91b043b&pub=stripes&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.stripes.com&fp=theaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=report%2Crussian%2Chackers%2Cspying%2Cefforts&colc=1638880184047&jsl=139281&uvs=61af53b792f22446000&skipb=1&callback=addthis.cbs.jsonp__41695396604264380
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5fd90a2ed6baa6ccaebe709784ccb23c9b8a2091df8bf5067fb77982e5d8ec73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:44 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame E920 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame F3A2 71 KB
26 KB 11ms
11ms Document
text/html 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 07 Dec 2021 12:29:44 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 142ms
36ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714126-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5317
date: Tue, 07 Dec 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 13:01:07 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S3BD5CQRB6&gtm=2oec10&_p=1593430977&sr=1600x1200&ul=en-us&cid=939030640.1638880184&_s=1&dl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&dt=Report%20says%20Russian%20hackers%20haven%E2%80%99t%20eased%20spying%20efforts%20%7C%20Stars%20and%20Stripes&sid=1638880184&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3BD5CQRB6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 64ms
63ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TCBWEF5WWR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714126-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

272fb57309f383ef7395d61d54dccd2acea256451a4f0082792a8eb3dc412b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61860
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:29:44 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 323ms
100ms Image
image/gif 3.213.192.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=stripes.com&p=%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&u=B-_VRjCGPRpwgw7gx&d=stripes.com&g=66270&g0=Europe&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6221&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2162&t=BsO7CxwtWR9CHO8dcBvexGLBCJjHE&V=129&i=Report%20says%20Russian%20hackers%20haven%E2%80%99t%20eased%20spying%20efforts%20%7C%20Stars%20and%20Stripes&tz=0&sn=1&sv=BXMaz9CklNh6D-RsveD16ns9CjuKQr&sd=1&im=06530c4f&_
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.192.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-192-247.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:44 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 602 KB
132 KB 126ms
10ms Script
text/javascript 2a02:26f0:fb:1b2::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js?202112712
Requested by: Host: cdn.teads.tv
URL: https://cdn.teads.tv/media/format.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:1b2::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 510e6b176fac7f9500c599078eeed7cf9a0e11982f5df02e35e0a452e02a543f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: 8ZZDJW72R072WZPJ
content-length: 134154
x-amz-id-2: thqpYhzihpY5Gp49Icg4OHWlEZtw6roj6/FX85qZDljH8qObzpgksMSQiIM1pVo2RN9fZdKyOws=
last-modified: Wed, 01 Dec 2021 14:15:44 GMT
etag: "0f5a10a3dedcbbaf710854a2c3f5c144"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 3
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 07 Dec 2021 12:59:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 153ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.stripes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 154ms
48ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.stripes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 213 KB
32 KB 131ms
130ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4306913567837946&correlator=4405564024335861&output=ldjh&impl=fifs&eid=31063902%2C31063740&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=267968996%2CStripes_BigBoard1%2CStripes_BigBoard2%2CStripes_BigBoard3%2CStripes_BigBoard4%2CStripes_Leaderboard1%2CStripes_Leaderboard2%2CStripes_Article1%2CStripes_Mobileleaderboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C950x153%2C728x90%7C950x153%2C300x250%2C320x50&prev_scp=sitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe&cookie_enabled=1&bc=31&abxe=1&lmt=1638827046&dt=1638880184173&dlt=1638880182928&idt=1216&frm=20&biw=1600&bih=1200&oid=2&adxs=1145%2C-9%2C1145%2C1145%2C436%2C-9%2C460%2C-9&adys=551%2C-9%2C1676%2C1738%2C0%2C-9%2C2792%2C-9&adks=375948347%2C776567965%2C91974798%2C2250346662%2C1986035644%2C3310605779%2C2234984028%2C3821501628&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0%7C0x-1%7C300x0%7C300x0%7C1600x90%7C0x-1%7C909x0%7C0x-1&msz=300x0%7C0x-1%7C300x0%7C300x0%7C728x90%7C0x-1%7C300x0%7C0x-1&ga_vid=939030640.1638880184&ga_sid=1638880184&ga_hid=1593430977&ga_fc=true&fws=4%2C2%2C4%2C4%2C4%2C2%2C4%2C2&ohw=1600%2C0%2C1600%2C1600%2C1600%2C0%2C950%2C0&btvi=0%7C-1%7C1%7C2%7C0%7C-1%7C3%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f800ef1f45b5f2af69164599ed59bd68c3a5d913a9a0bb388fa5aeda32272fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33044
x-xss-protection: 0
google-lineitem-id: 5807947855,5835259361,5796972437,5796972437,5806742154,4373423010,5848058581,5437597430
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369114861,138371269602,138364920380,138364920377,138369075731,138224497700,138373969390,138318881194
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC37 6 KB
4 KB 228ms
46ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 12:29:44 GMT
expires: Wed, 07 Dec 2022 12:29:44 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 3A7C 117 B
872 B 153ms
152ms XHR
application/json 2600:9000:223e:e200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:e200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

67f3773a574b4b49fffb39c0f4096a275f6a5ac9db224ee2c6f38a0b1d420505

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P4
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 117
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Tue, 07 Dec 2021 12:29:44 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: xTLJOgVrU1Vbl7ASxGyJDbiIQSScv9LNHERkeDobO56fwAZK3Ruf0Q==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 227ms
152ms Preflight 2600:9000:223e:e200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:e200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: sz4uARIPg8Z3QuadwglF-px6eD-Rq8vcc1YqqF43i9TmpL_G533glA==

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame AF39 0
316 B 110ms
110ms XHR
application/x-protobuf 3.13.244.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.244.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-244-143.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame AF39 0
316 B 216ms
108ms XHR
application/x-protobuf 3.13.244.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.244.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-244-143.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ 33 KB
33 KB 28ms
9ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/1_th.jpg?crop=774:435,smart&width=774&height=435&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3d644c93265abc15185cf5accc1ce3a9f111642674bee3eef1fed1374ea3b127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 1666942
etag: "7V0hB8fmaHKF2+v21vNKG6QPJBPFRgxSYXIIbaK+jeA"
access-control-max-age: 86400
fastly-io-info: ifsz=84536 idim=720x406 ifmt=jpeg ofsz=34063 odim=720x405 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 33628

GET
H2 200 1_th.jpg
img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ 29 KB
29 KB 9ms
9ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/1_th.jpg?crop=950:435,smart&width=950&height=435&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 84643b7ec7363a7ac96daf9ae8a186ef3051abdcd320c79d07e5741115a0138c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 1666943
etag: "K1l6YyAiMwWAAH4nYudGQ7pek84iEmPDkkmjileCeL4"
access-control-max-age: 86400
fastly-io-info: ifsz=84536 idim=720x406 ifmt=jpeg ofsz=29478 odim=720x330 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 29050

GET
H2 200 1_th.jpg
img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ 4 KB
3 KB 8ms
7ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c3d78ae222f2cdf9c08f1ee05ebca73903c7bf21cb21e45a76dbfc9ce830474a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 1666942
etag: "B/WegXjEdqWIQo2IdAnSNjI+erwOE7TpxCs/Cx6Mqmw"
access-control-max-age: 86400
fastly-io-info: ifsz=84536 idim=720x406 ifmt=jpeg ofsz=3835 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3401

GET
H2 200 1_th.jpg
img.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/ 4 KB
3 KB 8ms
8ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 555818d8877676d953f04b982d8d9394c886b824332642a15473480f3baf5a8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 2339005
etag: "WPUP4EGguU9ULPU+jncZ/NhYATIGQD9bfJyklI2QdWU"
access-control-max-age: 86400
fastly-io-info: ifsz=69377 idim=720x406 ifmt=jpeg ofsz=3597 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3189

GET
H2 200 1_th.jpg
img.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/ 2 KB
2 KB 10ms
9ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d8eae99f8d3991899f01edc638dee12b8d9d2c8e9865bdb0c87b7562af18d071

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 2342287
etag: "T/U5qZCTPAmLGnzHRQjxq0S6krQMXt7gl2uA+6MmqYU"
access-control-max-age: 86400
fastly-io-info: ifsz=42851 idim=720x406 ifmt=jpeg ofsz=2355 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1897

GET
H2 200 1_th.jpg
img.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/ 3 KB
3 KB 10ms
10ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 34dc1dfc7400857ee8bb0abb46d0662735c6c4b26b91b88d076e7537e22504cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 2866570
etag: "U8zM2ju17E/3BYi81usYO8WinqaoOyR0w9MMeKTtOww"
access-control-max-age: 86400
fastly-io-info: ifsz=69533 idim=720x406 ifmt=jpeg ofsz=3078 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2636

GET
H2 200 1_th.jpg
img.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/ 3 KB
2 KB 10ms
7ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af43ea4c564c18bf2c64d2c4aa030a083c82a68ad9a07ba5b3d9f74edd2262c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 2866556
etag: "iWuDKDST3Ti8E/S1W2HETgnIDGmVcj5bM3ZudiZSoMU"
access-control-max-age: 86400
fastly-io-info: ifsz=77519 idim=720x406 ifmt=jpeg ofsz=2759 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2323

GET
H2 200 1_th.jpg
img.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/ 3 KB
3 KB 8ms
8ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b581d1bdfa05cb424c99f7d8c429c40c1260969e39fde3b222d449b8eef5ce2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 1663668
etag: "ZeFSGsQlxTwoz0qBo8hiuzfTmloxdBwXG9aotIrjmZk"
access-control-max-age: 86400
fastly-io-info: ifsz=123615 idim=720x406 ifmt=jpeg ofsz=3248 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2821

GET
H2 200 1_th.jpg
img.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/ 2 KB
2 KB 9ms
9ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0cea5263a3b6819b999123c15a2416b808c1c34d24435cb19c7fba696cf4a3c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 1232258
etag: "5EqEXwsEqxZbPq01WeQqLKu/GVS553lI+wLABKy/8Lc"
access-control-max-age: 86400
fastly-io-info: ifsz=32943 idim=720x406 ifmt=jpeg ofsz=2334 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1884

GET
H2 200 1_th.jpg
img.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/ 3 KB
3 KB 9ms
8ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c65b00e5d831ccbe1bf42e38e82c3b193a35cdfab03f6471c1e8e68cd12a3a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 2271264
etag: "cUAI6dPxSuFlj/a1TDRioxjRmcA2gr4gcD6MzGfaGAk"
access-control-max-age: 86400
fastly-io-info: ifsz=46591 idim=720x406 ifmt=jpeg ofsz=2973 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2504

GET
H2 200 1_th.jpg
img.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/ 4 KB
4 KB 8ms
7ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 45b60c9ae048b78a11d296a37e770b2748a26c5c00e0cea78607964758f50fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 3473231
etag: "uZ5oa44givO2FgmyLNehnG8ULjRsgh8MnkA+1C5XAkE"
access-control-max-age: 86400
fastly-io-info: ifsz=140594 idim=720x406 ifmt=jpeg ofsz=4159 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3724

GET
H2 200 1_th.jpg
img.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/ 4 KB
4 KB 12ms
10ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b214dd816be55213fb9ebacc212f8850dfb4c5515bba44aaec5823e58a68f2d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: br
age: 1147538
etag: "JPOcaNbaTb0PgX2DmWgZSp5pbbFFBq4ospLM2EZx8KE"
access-control-max-age: 86400
fastly-io-info: ifsz=93995 idim=720x406 ifmt=jpeg ofsz=4277 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3874

GET
H2 200 / Show response
api-location-prd.pelcro.com/ 350 B
754 B 293ms
290ms XHR
application/json 13.32.22.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-38.fra56.r.cloudfront.net
Software: /
Resource Hash: c956a6cb3d3c97a2f34cce17e3e4e39a86cef78c189aa8d6a75782e66bcb4323

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.stripes.com/
X-Pelcro-Sdk-Version: 2.5.6
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
via: 1.1 cbe141923b7469a299306144733821c3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amzn-requestid: 632ba8b3-e03e-4d08-bb7f-c6663d4b1dce
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61af53b8-147642cb685045e811f2abd2;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: J-oE6GRhoAMFhBQ=
content-length: 350
x-amz-cf-id: xxxvplfCPndi8UzR5sSlghtXQ-tAeeahkP-ywMCQR4ejE4bnecxNwQ==

OPTIONS
H2 200 /
api-location-prd.pelcro.com/ Frame 0
0 362ms
284ms Preflight
application/json 13.32.22.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-38.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Tue, 07 Dec 2021 12:29:44 GMT
x-amzn-requestid: 0c0a347f-268b-4303-ada6-5c30a6848d3d
access-control-allow-origin: *
allow: GET
access-control-allow-headers: Authorization, Cache-Control, X-Pelcro-Sdk-Version
x-amz-apigw-id: J-oE3F9koAMFYWw=
access-control-allow-methods: GET
x-cache: Miss from cloudfront
via: 1.1 cbe141923b7469a299306144733821c3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: PkBybdryrkvsUAG2uLJWuvO8kQbi054CHAy1Ne6F51_XJymwPOYJKA==

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 36ms
35ms Image
image/gif 46.137.184.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3161725&ntv_pl=839427
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.184.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-184-71.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:44 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 36ms
36ms Image
image/gif 46.137.184.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=b0c8a3a2-90bb-42e4-a326-c39a6e86c48d&ntv_fl=CF4se3gYGjAPzQcMJoAeWdJoB6c_a_3asVk8NKJcWF2OIuZPG4Nz6V2epAaF8TVt_tfVhVnhjzfurUEgUpx12SNX3kFlv8yCit_VzwKUuIkmCLTLpwJ-QoiKSHFF72TuKYWiJuSx2s5jJiAdJ8eYQAXFbyfEJX5ctSypx4cb0rQFigdy1JsO9yj8RVHKzw3b7D9y0kYd2ZRtCnemnDhVdovYhbp0cZCw6xFI3njcU-Vk0yQp4WI3UfjKXD0Q7n6CPRCqDH3IQVCH3oiYah8KhjK3SuhkYZcl5tzieM0hmhSWWgRVcco9BWVaLzd2e9H-&ntv_ht=t1OvYQA&ntv_at=303,302&ntv_a=AAAAAAAAAAA88MA&ord=1638880184266&ntv_dpl=1011,1028,1050,1003,1007&ntv_it
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.184.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-184-71.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:44 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 37ms
36ms Image
image/gif 46.137.184.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=839427&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.184.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-184-71.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:44 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK popup.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/ 101 KB
31 KB 11ms
9ms Script
application/javascript 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ed1a215eecd0157174987e302a5f4e1f6a5d1cd7f384608c4e6e8f5cd535ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:28:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 52
ETag: W/"459011526cbe745c65ba1b165285fbe9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6ee47dd27ca379a812104b559e9a5a23.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: QCQCS6IeDH6zQk6AZa84Onk2YVovDhgQmEffnZKzVCYhyfJvUq5THA==

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 1718 47 KB
48 KB 134ms
44ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:26:13 GMT
x-content-type-options: nosniff
age: 342211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:26:13 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 52ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.stripes.com%2F&domain=www.stripes.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.stripes.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1439
date: Tue, 07 Dec 2021 12:29:43 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.stripes.com%2F&domain=www.stripes.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=YUZRwnxwdjlaTU9jZUJrTWQwZWxQaGkrVlM1eXpzZWRrRkgxT0duMVpvaDE5Nkc2blFNakRNSHRqNFFUVjlLVW91SWpFWEtjRHpRT01uWk5qMHdWTDUzcm1vR2JRUEsyVFBHRmFPTjNXSjMra1lGQ2srREpXK05SeFF5al...

358 B
606 B

53ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YUZRwnxwdjlaTU9jZUJrTWQwZWxQaGkrVlM1eXpzZWRrRkgxT0duMVpvaDE5Nkc2blFNakRNSHRqNFFUVjlLVW91SWpFWEtjRHpRT01uWk5qMHdWTDUzcm1vR2JRUEsyVFBHRmFPTjNXSjMra1lGQ2srREpXK05SeFF5alNYZ0dtdWp6MmNDTUVlNDB1d3YwZTEzQStsenhnV2ZqSGZKSGUwK2JVOTZHd01RL0w4YndpWStWM2FISlViM044TFB6YjU2NEpheWhEMEV3TTF6aG5pT01VS1Z3QU5Yb1JqTkNXc0ltb1VHZHlnQ0VsQS9nPXw&cppv=2

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

63a261afe94f65da7f671b80b941111d3801d9ddd0222939602084e9a94c5fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 07 Dec 2021 12:29:44 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2625
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 07 Dec 2021 12:29:43 GMT
location: https://mug.criteo.com/sid?cpp=YUZRwnxwdjlaTU9jZUJrTWQwZWxQaGkrVlM1eXpzZWRrRkgxT0duMVpvaDE5Nkc2blFNakRNSHRqNFFUVjlLVW91SWpFWEtjRHpRT01uWk5qMHdWTDUzcm1vR2JRUEsyVFBHRmFPTjNXSjMra1lGQ2srREpXK05SeFF5alNYZ0dtdWp6MmNDTUVlNDB1d3YwZTEzQStsenhnV2ZqSGZKSGUwK2JVOTZHd01RL0w4YndpWStWM2FISlViM044TFB6YjU2NEpheWhEMEV3TTF6aG5pT01VS1Z3QU5Yb1JqTkNXc0ltb1VHZHlnQ0VsQS9nPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2074
content-length: 482
expires: 0

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
266 B 110ms
37ms Fetch
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=166574

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 12:29:44 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 104ms
31ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 12:29:44 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 forbes-484fef5e39bd1f12260ad07d5cc3499d.js Show response
vd.trinitymedia.ai/trinity-player/buttons/ Frame 9BAA 3 KB
1 KB 16ms
16ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/buttons/forbes-484fef5e39bd1f12260ad07d5cc3499d.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=7fe08c7b-d555-4a65-9bd5-8d47b96fa8ec&isLegacyBrowser=false&version=20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99&useCFCDN=0&themeId=267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: f8e49947d3547dba3e5bf18c2cefcc2dda7ff5f714e52f398b97d84887d1c586

Request headers

Referer: https://trinitymedia.ai/
Origin: https://trinitymedia.ai
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 16:20:22 GMT
server: AmazonS3
x-amz-request-id: SKX3R89F3J2AJQV0
etag: "36fd63d78ee11a3ae1d71d8cacae4b0a"
x-hw: 1638880184.dop237.am5.t,1638880184.cds290.am5.hn,1638880184.cds291.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43417
accept-ranges: bytes
content-length: 840
x-amz-id-2: 4PYljMhbBel2K4ifm8rgz7jpsLAUm5DxK+y0rkuf4y6rNcxNrPoPiz8gaMD62Du2T5h/jFGku0c=

GET
H2 200 trinity-player.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/ Frame 9BAA 1 MB
180 KB 51ms
19ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-player.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=7fe08c7b-d555-4a65-9bd5-8d47b96fa8ec&isLegacyBrowser=false&version=20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99&useCFCDN=0&themeId=267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: eb542e09f2d9f06b3dd88bc530c3178861172de5a32b8163e325dcfbfe8cb38a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 10:13:15 GMT
server: AmazonS3
x-amz-request-id: Q60KTDQ60FTYG52S
etag: "76fd92e38b97b648b3a92c6b7465877c"
x-hw: 1638880184.dop029.am5.t,1638880184.cds300.am5.hn,1638880184.cds304.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 184356
x-amz-id-2: f5WerKYWitGa7Fz9K5How9/T9R/HE2lHF9dsvrYAQ5egKZGdPb/pH+rJPUvE7zVL/03w0hbqbFw=

GET
H2 200 rss_banner.jpg
vd.trinitymedia.ai/cms/1202/image/audio/c5a582e8f66e3b04559f8767fe1ffeceb2a54656b06172e71f80e9855ee58e54/ Frame 6508 101 KB
101 KB 72ms
61ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vd.trinitymedia.ai/cms/1202/image/audio/c5a582e8f66e3b04559f8767fe1ffeceb2a54656b06172e71f80e9855ee58e54/rss_banner.jpg?ts=1638790086000
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: a00389c7a6b84dfdd76dace7ad7de6af4e57fc3dcb7a3a9ae49ebcab27486c6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
last-modified: Mon, 06 Dec 2021 11:28:05 GMT
server: AmazonS3
x-amz-request-id: 0ZY8A6SBMQWSREZ0
etag: "f4528201030bd731fcd43f154774c896"
x-hw: 1638880184.dop029.am5.t,1638880184.cds300.am5.hn,1638880184.cds117.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=79411
accept-ranges: bytes
content-length: 103499
x-amz-id-2: BMhu2Ht3Azo4C6di9j02/slmMWo/6rqaozCtJNRkvnd1gDKLA/LkqqUmV5zwgizTxq4WyHvwVxo=

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 99ms
48ms Ping
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TCBWEF5WWR&gtm=2oec10&_p=1593430977&sr=1600x1200&ul=en-us&cid=939030640.1638880184&_s=1&dl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&dt=Report%20says%20Russian%20hackers%20haven%E2%80%99t%20eased%20spying%20efforts%20%7C%20Stars%20and%20Stripes&sid=1638880184&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TCBWEF5WWR&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6217 6 KB
3 KB 93ms
43ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 12:29:44 GMT
expires: Wed, 07 Dec 2022 12:29:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 606ms
19ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 974
date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 container.html Show response
93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 359A 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 12:29:44 GMT
expires: Wed, 07 Dec 2022 12:29:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1BB6 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 12:29:44 GMT
expires: Wed, 07 Dec 2022 12:29:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F708 6 KB
3 KB 38ms
38ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 12:29:44 GMT
expires: Wed, 07 Dec 2022 12:29:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF77 0
0 77ms
76ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurD5r20k_J3h80T5c_EWOhFvOuCheq2XxrrJ22bMmEGZykaIIave_30ll0rBjTRFSAi0S4pbMSOyB5PBWrhkkKeXz-hEe0ZiJ5kGCwpMBA9o66ek1Nw5bfk-lXwljAUZkGN4UlkVEC3-V_T5CPIjcQgLPazMChSr2oJYxNC4ixnAeOmePvn9c3kR7yCcaFtYZsgv2EXOSYgaiIcWXHVh1ys23akEGWZY6yvGEfRL5S5o8quscbpnDHrRcJfeFxq-gu3eR-Rvi8Ff_j5scF2R1akzlCnPMGScwe2s59oSt-Y369X1Ky0-v8lASaDXJzBZ7_&sig=Cg0ArKJSzGh3YjDnuZl1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame AF77 19 KB
8 KB 83ms
36ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:00:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame AF77 2 KB
1 KB 123ms
76ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:04:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF77 119 KB
36 KB 106ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:29:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AF77 0
0 241ms
45ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyoKNrq8I6DSKUUq31f6ZdQAsLe40NZaYsA65mrMi0udQlh9x6nP0jv82ZJZj9w8N2gk2gS-HlU7vq4VuyynLKxRlmkA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 3252782455802347065
tpc.googlesyndication.com/simgad/ Frame AF77 34 KB
34 KB 90ms
44ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3252782455802347065

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7b8fbc5b7e9cb9df31ae2c006e5db524ea0d37e04d824d83dc1bb9b8b44755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:26:54 GMT
x-content-type-options: nosniff
age: 543770
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34645
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 03:48:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 05:26:54 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
46ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1593430977&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&ul=en-us&de=UTF-8&dt=Report%20says%20Russian%20hackers%20haven%E2%80%99t%20eased%20spying%20efforts%20%7C%20Stars%20and%20Stripes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1226409160&gjid=1179706733&cid=939030640.1638880184&tid=UA-714126-1&_gid=1030356429.1638880185&_r=1&gtm=2ouc10&z=429713326

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 13ms
13ms Script
application/javascript 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 07 Dec 2021 12:29:44 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3B96 232 B
448 B 258ms
118ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=acc8a479b3999ebfab7d676b340443efd42c883b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.stripes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 111
date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 12:29:44 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 4a72271b77c1747476b4077bd067922f1f7850e17dff20cea965d78c8413bacd
content-length: 166

GET
H2 200 track
t.teads.tv/ 23 B
113 B 176ms
62ms Image
image/gif 2.22.33.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=9a44d42c-689f-4e4b-94e7-a3c2076e6f1b&pageId=0&pid=48484&debug_metadata=U9pSyb9eHF&fv=923&ts=1638880184692&f=1&referer=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.33.114 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-33-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 177ms
63ms Image
image/gif 2.22.33.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=9a44d42c-689f-4e4b-94e7-a3c2076e6f1b&pageId=0&pid=48484&slot=native&fv=923&ts=1638880184699&f=1&referer=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.33.114 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-33-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/0/ 533 B
566 B 182ms
117ms XHR
application/json 2.21.142.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/0/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&page=%7B%22id%22%3A0%2C%22placements%22%3A%5B%7B%22id%22%3A48484%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A950%2C%22height%22%3A534%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=9a44d42c-689f-4e4b-94e7-a3c2076e6f1b&formatVersion=923&env=js-web&netBw=9.9&ttfb=668
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js?202112712
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.142.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6f9c7c921b01b423e0a5ae17b10c71137c1875b08535acb62d55370bce2c9551

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.stripes.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 359
expires: Tue, 07 Dec 2021 12:29:44 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-714126-1&cid=939030640.1638880184&jid=1226409160&gjid=1179706733&_gid=1030356429.1638880185&_u=YADAAUAAAAAAAC~&z=274813246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Dec 2021 12:29:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 29 KB
12 KB 94ms
94ms Fetch
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=166574&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&icr_url=&va=0&time=1638880184736&up=pc&bn=chrome&bv=96&widget_width=950&style_id=0&idhub[pubcid]=cdd6a439-2a2f-496a-a46f-208b9dcd5e6b

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

ef9fea57506e43c8b8189fedf82505c353ec9105a95fa9fd16d663aa3a3e5fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 12070

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 07F7 9 KB
3 KB 10ms
10ms Stylesheet
text/css 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:28:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 52
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 6ee47dd27ca379a812104b559e9a5a23.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: 5ZvjiztLGOGIIgewmhaP6qR3EooChDcBSZps2MergTuxb0fBIyOEOQ==

GET
H/1.1 200
OK banner.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 07F7 1005 B
938 B 20ms
9ms Stylesheet
text/css 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/banner.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
Age: 55
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 6ee47dd27ca379a812104b559e9a5a23.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: T9kNd_T0zgP_vaA5AQrCghEM2sJJlJsJIBQfNmNYVsOEHxVDkpiKdg==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame E82F 9 KB
3 KB 24ms
11ms Stylesheet
text/css 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 22
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 c31ad517510d586c0f2aa3c5dbc40b07.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: gnkpa8kV6aGgc7-tLCQBAtY-GzGBZkbX7v9lesptbPvwxzFtX3AaMQ==

GET
H/1.1 200
OK layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame E82F 1 KB
964 B 27ms
12ms Stylesheet
text/css 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/layout-2.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 41
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 6ee47dd27ca379a812104b559e9a5a23.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: Wnspmk76LwMEnoFpDrewM50Xys1qwhvq36znY8eWQ59xHYsONc6BNg==

GET
H/1.1 200
OK modal.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ 3 KB
1 KB 27ms
10ms Stylesheet
text/css 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/modal.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc2fb6603f1299fb85244d8a40ec6fbf764d3a7cf74e50e6b66e2df487ace61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
Age: 11
ETag: W/"4cb20646e6160144096c6e61f322a18b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 1f16598f51b4c33e5f56e49ea72a6155.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: WWA2n_w2D6_lA7bv4QMhi5nMhkxz5tf_b5jLWPIsUyftcVeQHx8Qgg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF77 0
0 126ms
77ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX4vS9HO0Nkz3kM-kJdKryrv-MmbR6wFLvGmbL4x5ZZPv2ZP3K5XIYOf8cn6ouM53Er7X75olfKcBaay8zloZMlzwnuJKs5enNgRCoZLw9agruG40E5e4V6JJrwl9gA8Tg_s3Ph8-kq8rDuVexUeEJ0tdRIe0zfNaR1-OF1zjfWqVkqeqpAWfSldP3mIJ8MHEcraxY1fp6jK-oLGewh4hL8lyQ1IVahW3guw-BYBHV8IfG0l7QoXdeoZSmjk4VYwj5k181SqW3VRmsw9A_9qSXrMLpvZTZ4e43nFWEoGcabipPUZCBtN-ouGQKDfDI89xbSxo&sig=Cg0ArKJSzE9ULvzxzFWbEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 12:29:44 GMT

GET
DATA 200
OK truncated
/ Frame AF77 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0558829269b394389d5ea50e298cc17d80babb299856d659a5a3b35f87071aa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6217 22 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 16:15:06 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 6217 9 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:06:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6217 119 KB
36 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:29:44 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 9BAA 2 KB
465 B 96ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 12:02:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 12:29:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 12:29:44 GMT

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 9BAA 0
0 8ms
8ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:29:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 9BAA 0
0 8ms
7ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:29:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 359A 22 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 16:15:06 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 359A 9 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:06:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 359A 119 KB
36 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:29:44 GMT

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 105 KB
33 KB 11ms
10ms Script
application/javascript 2600:9000:224a:f600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:f600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5024c8562f3a22835ff37215291695e61389d804a4e2ca943eece13960daeca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: GT7I8D0R3oQufoOiLgwsbuUzlEWb3JHV
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 08:42:49 GMT
server: AmazonS3
age: 59016
etag: W/"2f50e5f43fca3ba6efc6a53a514d50c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
date: Mon, 06 Dec 2021 23:59:00 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: -NDPUXyzY4nPh35R-1lI5PXfzyEgl_Gw1XJ0bGDbcGQeBYE5_dkmAQ==

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/membership/v1/ 627 KB
132 KB 13ms
13ms Script
text/javascript 2600:9000:211e:6600:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/membership/v1/main.min.js
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6600:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bba83db30e7719c593bb4546227f24de4a2532f42e90be0b7a8175987e4c92b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 06:29:01 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:35:41 GMT
server: AmazonS3
age: 21644
etag: "d62f0d2ae878bebdf3811f4b656f6426"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 134472
x-amz-cf-id: 6mQx8-ahUeSCmOXabd9rlfJRvl0cGB-vEdPHEm0lHcxSgu5QzDmyOQ==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 117ms
67ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-714126-1&cid=939030640.1638880184&jid=1226409160&_u=YADAAUAAAAAAAC~&z=1477976860

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 152ms
64ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-714126-1&cid=939030640.1638880184&jid=1226409160&_u=YADAAUAAAAAAAC~&z=1477976860

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1BB6 22 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 16:15:06 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 1BB6 9 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:06:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BB6 119 KB
36 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:29:45 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F708 22 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 16:15:06 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame F708 9 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:06:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F708 119 KB
36 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:29:45 GMT

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A287 595 KB
193 KB 97ms
43ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 333832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame AF39 44 KB
17 KB 154ms
52ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 12:29:45 GMT

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FCEC 595 KB
193 KB 85ms
58ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 333832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F07E 595 KB
193 KB 45ms
43ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 333832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 info.json Show response
www.reddit.com/api/ 144 B
262 B 183ms
122ms Script
application/javascript 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&jsonp=_ate.cbs.rcb_gsie0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

ce77f287b904f1d1990a9468fef01edc8aa2ad684dd7c2ecc97b4f37416a3534

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ratelimit-used: 5
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 144
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
x-clacks-overhead: GNU Terry Pratchett
server: snooserv
x-frame-options: SAMEORIGIN
date: Tue, 07 Dec 2021 12:29:45 GMT
x-ratelimit-remaining: 295
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ratelimit-reset: 15
accept-ranges: bytes
expires: -1

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
310 B 212ms
209ms XHR
application/json 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html#
last-modified: Tue, 07 Dec 2021 12:00:00 GMT
server: nginx/1.15.8
date: Tue, 07 Dec 2021 12:29:45 GMT
content-type: application/json
access-control-allow-origin: https://www.stripes.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 149 B
357 B 127ms
102ms Script
application/javascript 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&callback=window._ate.cbs.rcb_8n8q0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

09a589b9be56d57ddcf96823e15e13f752028c1a258c16a5cf5d9fd1d227dc08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 1267380016969422
expires: Tue, 07 Dec 2021 12:44:45 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
337 B 227ms
226ms Script
application/json 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&callback=_ate.cbs.rcb_g9ba0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

fca9540341b0d7ebbb2487ec48440cb077db616fa4145028595aa304fbb42929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html#
last-modified: Tue, 07 Dec 2021 12:29:45 GMT
server: nginx/1.15.8
date: Tue, 07 Dec 2021 12:29:45 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 info.json Show response
www.reddit.com/api/ 144 B
692 B 174ms
116ms Script
application/javascript 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&jsonp=_ate.cbs.rcb_14l00

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

3f124f52a9216d107a165ab713f1a620b4a26cc1e7ce344ca0a966d8a9d82f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ratelimit-used: 4
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 144
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
x-clacks-overhead: GNU Terry Pratchett
server: snooserv
x-frame-options: SAMEORIGIN
date: Tue, 07 Dec 2021 12:29:45 GMT
x-ratelimit-remaining: 296
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ratelimit-reset: 15
accept-ranges: bytes
expires: -1

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 148 B
211 B 128ms
104ms Script
application/javascript 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&callback=window._ate.cbs.rcb_2fpb0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a68a45898073f506fb725063bee2c0c26d00bb3037ae2353d4df3ba020ee5aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1280616581135698
expires: Tue, 07 Dec 2021 12:44:45 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
337 B 1070ms
1069ms Script
application/json 2.21.140.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&callback=_ate.cbs.rcb_ckmg0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.140.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-111.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

28a2e65bfa75a23d06df3f17d9721ec8e0518a4e5661e7a13cb43060ac96fd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html#
last-modified: Tue, 07 Dec 2021 12:29:45 GMT
server: nginx/1.15.8
date: Tue, 07 Dec 2021 12:29:46 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 105ms
42ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 12:29:45 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 42 KB
12 KB 22ms
21ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53f40153ce96daae594e7a554e3f335b042f970385e7b6749aabb25e221bf69b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:48 GMT
server: AmazonS3
x-amz-request-id: AET1GR7CFA3VER8N
etag: "c752e29512ede679e40d7b08481f87f5"
x-hw: 1638880185.cds149.am5.hn,1638880185.cds153.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 11866
x-amz-id-2: P2E0umwgYOjVwEELeYxkzkSaFOm5r9tg/+okxJ0NvJnUIHEEXrwmU153QIjp3ULw/GwTc0HMFns=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 16 KB
6 KB 22ms
22ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e5d4a249423ce6b1d1f789ebf8c5f52ae355415bdea128b80ed0d000b472c1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:45 GMT
server: AmazonS3
x-amz-request-id: AET488KTJ67PY46V
etag: "b1e06faa922f856668877f1429abca7a"
x-hw: 1638880185.cds149.am5.hn,1638880185.cds002.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 6205
x-amz-id-2: oF6cpaEBXKeF2R/v4obhmA/r9fpbYWAY4VvQxyI5IT9UiT6cTiI8AWfkbMkrfffWtXfjQAKDDOE=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 22ms
22ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce0d8180e796390eaba89c213059ee270e6bc67fdc219cf1ff67953b0723649a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:48 GMT
server: AmazonS3
x-amz-request-id: AET1F8Q9RDR0XT4M
etag: "77359485ce587b0f07cbe070fcc63578"
x-hw: 1638880185.cds149.am5.hn,1638880185.cds276.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 1641
x-amz-id-2: rMDPz+1A2UWMCh1dwmAS6xniy8ZvSiV3ohXPuxR4uxpngL+g1l2Y0YzeI3sVkE3gakkYKg8nH1M=

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4D72 37 KB
13 KB 130ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:45:53 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B2E7 37 KB
13 KB 112ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:45:53 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5130 37 KB
13 KB 144ms
81ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:45:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6217 0
0 82ms
81ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1EuzQXBtMiOojbUABO8BsCW7Au8YYYTFrm49QLrTIWbJqyhsXtPxW-Ucu15tx47KKhk5A3Fk0ev4mvvrN1kZnkj8ScwWV3YczE95JN38F__ECY6MGNnM0yFqtYeDrUY7Qfvy3i8vdRIfMwcR4ftx7VmvopOMtrsZ3x7AnfLeZ-v1Ng7Wui5ACrQLYaQFB8Tyw13XGTr7YWJIkMXlqLMyNOhzMzUGimTQHGbxh8sjbzWeaCkla-3O0KdFOnkhIRUegQZm8JMavJgQH4QTGAf0o6gjwfuhmHNPmasgt6kSFyKzzZej9a2OI3fHfqMKD-Gbl&sig=Cg0ArKJSzKsPSexgZN0gEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 6217 41 KB
17 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 09:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 09:06:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 359A 0
0 78ms
77ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMnf9VMCKz0dJKE7e_LmlQGoeNdbwfvE-5P-xwGGD9SbHlJqGCXAl9Mhch2Qd5WoZq6rqwqA19HCbX0Xe_w3I0IQPHKaJ72KtaxlfcTZ-nnEmAcXkMFEVGwcMnznfeApgQeBhv_LFAaTi83GHFyE5ndGWXgNCsai7xvijWhnp5DkuuWZn8wyrR1jN9kcbXsS3XkNNCFSfSCkXrKiLjQWRZiC44yDOCMlG_HaUvZ2liH0qI0_QdDIqWs8fbHMEU89olQlJSOG2SS2ndsTCmHM580_YV1q-sJjO0bJAvJerUV3Aag3Txy1feQp-BlHdPN-mF&sig=Cg0ArKJSzAYmSXDbB-YUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 359A 41 KB
17 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 09:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 09:06:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1BB6 0
0 77ms
76ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWpZOhlEFIayD3CeNLtRRLZRfgy5Fx5PLv9x-MVj3bSH-zK5gneSZAvbYzB3Nr0wLUyT0-bzZsWGwj9nbESuH2zX6o2q1GZxD-u8ksg5k7Mk3RHIVRUIXBkmXU-CNDWiK090nDjbDcWVdh_84cXBP9bo7foNK-YhcX7tHzKu3XGq3K0lG0eysi73CKjojmY755AXeib2F8BamubXSoPNMGXYahZ6_nMANnBogpQ2l7mNj4uXFQzCAQARdPzQGMVUVGmrgAF1pW5h02n44IynkG_bRIrhJcWFD6TwdMhEqZWnHIFDhEUJLgLAsXSY2igcuT&sig=Cg0ArKJSzOUzgr7FHm_BEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 1BB6 41 KB
17 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 09:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 09:06:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F708 0
0 74ms
74ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwm-UKIJsZO7DxGbOI-b7TTtatz1zzGw5BUXs1ndws4V-gmDd5y0tSdVWmWUJvnsUns0kzpAxafQbW7KG6AmM3IXcyp8vW5Y7cKFSd8NPVdkSnwMV2nGfQe5vG_wFF0dLb_HinVTf2WkQ3dTX6jNX3ZZpoN32wmntkQv0Itxs4tHOhkxXDRLBs5KP3dzozsJpOJUNBt-_VExeLgtJXVajgAJyEmQONL75LRX4RSdBuSrlevMYy0v1N1dn0iNObOzZRXmhGygwS1ge4or3mdvoc_L8SvsdgCvtJd4N472Kxw7ao0p9fjGY-lN37m2ixcEpeckxv&sig=Cg0ArKJSzHTJo2_xZXkiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame F708 41 KB
17 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 09:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 09:06:19 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 268 KB
71 KB 89ms
12ms Script
application/javascript 18.66.248.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-53.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

219d55b0a442e35619d798a9cb86c13c8d266a52b7d57da0454b9fcaff4ba0a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
x-cache: Hit from cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 21:25:34 GMT
server: Cloudfront
etag: W/"90914ce6d55cc2e7701a38757435fe8c"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: DUS51-P1
timing-allow-origin: *
x-amz-cf-id: gaV5gR2lgWrsRDhsYilq5zqVax9VsUNOKv6UtEwprvqz4ybmy5qChg==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/ui/plugin/membership/v1/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5318
date: Tue, 07 Dec 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 13:01:07 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 40ms
39ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Dec 2021 12:48:28 GMT

GET
H2 200 B26699562.318027000;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=2584423925;ord=nuey8j;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvnU5xJMbQHL-ZdP7-FG8ulfV6ZP7yp7p-wTC9lqcfS... Show response
ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/ Frame 6217 57 KB
23 KB 233ms
140ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/B26699562.318027000;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=2584423925;ord=nuey8j;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvnU5xJMbQHL-ZdP7-FG8ulfV6ZP7yp7p-wTC9lqcfSGWmtq1BnWRqSW7L1nFocjeGgvX2lixb241Dem_NBdQYs9X6MzyvvUoIlasIekfbYjgVo5f7ThP8CG-bC7bIBlaQ8LX4QLEhoCDyvolTrahKps8pGZuCIQObB3f_b2UySspn-rxuH-IdJe0UyJJnmw-dadtbGSi9gUeEyFC1T3jnS9rW86v7UoPDibOT1S6DfDqbNjW_wd0Ze7P_E7qweuyCrRDYPoqx3aJC2ks2u6kabQDpjZCxwvX8KzUGV65sOm_JgUR9wYRimR60_lR67%26sig%3DCg0ArKJSzBC0Q_oz6DiJEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=Y56-UB'K4*;sttr=169;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

b9bfae51d65ede58ed78e3ab6c630f091675c15e52a92c5adc4b730d6aa7d4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23845
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B10124636.264546103;dc_ver=81.236;sz=300x600;u_sd=1;dc_adk=3183306559;ord=se9cex;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvFVdi2Izl28fOVCa64-Pi_NFVNeyJvkhFVCpOswJUS... Show response
ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/ Frame 359A 41 KB
21 KB 145ms
66ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264546103;dc_ver=81.236;sz=300x600;u_sd=1;dc_adk=3183306559;ord=se9cex;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvFVdi2Izl28fOVCa64-Pi_NFVNeyJvkhFVCpOswJUSOmYag6_QMK__zJNtL_j-FJDjExOaaSfly_dZN6YIrCe-nDKBzn2_9OzRaaGcydAt0Ao6dSUGWZLpEYM280n6fqTokm6xAHUuJyubaB2NlG6mx8WDAArXcxhkOkbqRIo5iMxEqUvU8nrX2gJPnJQD1HwDmtxQzfWKwAx0uGLmPHhbqOQreEZ6bCecuVd2-ld3wLhT9892m6yrQCVS1VlNfPmuxIj0q_bzxmipf0chq5j5JGnW2lPPKtGViwtMF3eR1lRfdCoiqDmFZj-7DvPk%26sig%3DCg0ArKJSzI_XI8LTTyLqEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=Y56-UB'K4*;sttr=154;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

b09eb5aace471fc7711deb05db90f7922a965d1cf57f051e6440033c3d3a2321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20604
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 93ms
32ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
last-modified: Mon, 06 Dec 2021 15:29:40 GMT
etag: "1638804580"
x-hw: 1638880185.cds073.am5.hn,1638880185.cds221.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=40315
accept-ranges: bytes
content-length: 4298

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/a061a13b-410d-4c16-a77a-13198232388c/1/desktop/generate/ 1 KB
2 KB 151ms
151ms XHR
text/plain 2600:9000:223e:e200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/a061a13b-410d-4c16-a77a-13198232388c/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&eu=true&country=DE&hour=12&amp=false

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:e200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e03d8a32efb91836728a13084ae4ee78473f966d254bcf5d21a9dbd58aa54f5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P4
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 0
access-control-allow-origin: https://www.stripes.com
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: xvp6hoYarSEWTHTE0G-Sq6g7tKwBzu5G9FyNmq9rqbY4Jmc_AM3tVg==

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/a061a13b-410d-4c16-a77a-13198232388c/1/desktop/generate/ Frame 0
0 156ms
156ms Preflight 2600:9000:223e:e200:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:e200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: AlW1HBjt8jyY4o8cIVBzV97JtAbnS6PhRAhIFW_iKYioXR8hEE597Q==

GET
H2 200 B10124636.264578310;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=1224470513;ord=y8q631;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv-ePQF73IYqEKZUJyIydGHi5Q8fJoitRZ5OS2feqZD... Show response
ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/ Frame 1BB6 41 KB
20 KB 139ms
102ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264578310;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=1224470513;ord=y8q631;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv-ePQF73IYqEKZUJyIydGHi5Q8fJoitRZ5OS2feqZDBp5TQvTofz406RPV-CSrCTbn_HS1-vkmr-1hkwVGzmJR1AnjLbVc5kOSlNBesGTFXXzChzsxuvuWYnWEfBCwlHtB65iCdK24PE3QSM-j8DlVsj2eL5HqoCF1jWIOuYDFDUB8dfvIKZOMjrJKFxXqqtZ3TpM57q5QvFdXsljyXvqE3YB9uz6g9vXV4Njlq8HhR1UVXsYA9RbEolZLUc5CIrhLi0RxJnozxcIQ-HHNcF3TOVW7Qih5YUNfxBx3nMuKhwOhHT4MZ1T8swFxwNeg%26sig%3DCg0ArKJSzBsNYyxkyrCgEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=Y56-UB'K4*;sttr=153;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

2e0feaf24cab24dd5e8f73df93db8acbc10c86e86bc279f27d014f27eb1fcf8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20666
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B26699562.318037607;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=1262329215;ord=ckzczh;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsszha-f7MlFk_O9JQYu3Xh54ymmP-kazTWWYuNNvQzcK... Show response
ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/ Frame F708 57 KB
24 KB 156ms
122ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/B26699562.318037607;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=1262329215;ord=ckzczh;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsszha-f7MlFk_O9JQYu3Xh54ymmP-kazTWWYuNNvQzcKAMO84vBGxkMVJsmlzanC9OruAKXhBEOUACLjWTnAeDug5k_aegpbLqZNo6XfK2B3QTbiMYUfvtSrgJ2OgCPGD3p5WmZJAEtD0A6TdKyVXJCa0sDYzKZZEyC1de1Da8AxLfN8dxmSnRhyegJ5dFNpv-0jo7y1JF4gcU5AWlofiadzbyYuqs7weDHJmU_o5CrNBnHnKzVp7Crxw-2z5QDHPSw3NMAk1HYzCCxt5-PsPMkcJd_eOqtePA-MyW8A_JPybjgHaYFPDhqqwWcge5_RpwL%26sig%3DCg0ArKJSzMYWYy1C8wZgEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=Y56-UB'K4*;sttr=153;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

8adad61025afc455abd290ab8cde119814fdf3f6dd7b07e093c086d712121fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24002
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 562ms
169ms Ping
text/plain 52.88.197.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.197.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-197-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT

GET
H2 200 2feaf37ae2ea09a7a5c60f907ec6e76e.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
11 KB 75ms
28ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/2feaf37ae2ea09a7a5c60f907ec6e76e.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c0346b42f60e2810e08ab51f2d507c4a1e5347a756c1bcf0c7432524bfd0d829

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:14 GMT
server: Cloudinary
etag: "0ba418b5af2da1fb2fdd6c74581fc59d"
strict-transport-security: max-age=604800
x-hw: 1638880185.cds118.am5.hn,1638880185.cds130.am5.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-11-11T17:40:08.302Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 10822

GET
H2 200 3a6922e4df019f6fc1fac8efbfe60f34.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 73ms
29ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/3a6922e4df019f6fc1fac8efbfe60f34.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

13fe1f6b84ca309a854ef287a4954807afad92d40af592c40eea81501ee54a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:40:02 GMT
server: Cloudinary
etag: "12c7e1576d7825c4c375d4086e9c0d53"
strict-transport-security: max-age=604800
x-hw: 1638880185.cds118.am5.hn,1638880185.cds222.am5.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-11-11T19:32:32.674Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 8177

GET
H2 200 ff27af5a5930935680a4c10289ad39e5.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 12 KB
12 KB 81ms
38ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ff27af5a5930935680a4c10289ad39e5.jpeg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

640cfa03a0edf6a9ccc1794366dc2a16dcdb308bd4b2dcbb60ff5e60e795d7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:08 GMT
server: Cloudinary
etag: "313c72d28a2cf468da14109e09e946f1"
strict-transport-security: max-age=604800
x-hw: 1638880185.cds118.am5.hn,1638880185.cds117.am5.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=111;cpu=0;start=2021-11-11T17:43:12.933Z;desc=miss,rtt;dur=0,cloudinary;dur=22;start=2021-11-11T17:43:12.972Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 12067

GET
H2 200 61ab85f1edffa3-87867379.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 81ms
39ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/61ab85f1edffa3-87867379.png

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

82efcbedf38ab3e14509e9fd78267e876d4b9b0c3bc355e5f2ec7676cd570738

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
cache-tag: 492511502234514150398750044346674752745,208465888222277207238788418211507912633,578c3b63e33b327d463a78e9f3c3e28a
server-timing: fastly;dur=107;cpu=0;start=2021-12-07T01:11:36.487Z;desc=miss,rtt;dur=0,cloudinary;dur=16;start=2021-12-07T01:11:36.532Z
content-length: 9213
last-modified: Tue, 07 Dec 2021 01:03:46 GMT
server: Cloudinary
etag: "fd9cba5ed4ac27a0b57ac593e4ec75fd"
strict-transport-security: max-age=604800
x-hw: 1638880185.cds118.am5.hn,1638880185.cds261.am5.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 68e4db568296e2149cd9335740792bc9.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 12 KB
12 KB 89ms
48ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/68e4db568296e2149cd9335740792bc9.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

788aadc7cd7dcb8015b608986e7855f5f5b3251b108ed9f9eba5ff41eb6ca767

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:32 GMT
server: Cloudinary
etag: "f79107192e236b97f60c0b7b5e297d79"
strict-transport-security: max-age=604800
x-hw: 1638880185.cds118.am5.hn,1638880185.cds254.am5.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=108;cpu=0;start=2021-11-11T17:49:01.432Z;desc=miss,rtt;dur=0,cloudinary;dur=18;start=2021-11-11T17:49:01.475Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 12323

GET
H2 200 https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/ 10 KB
10 KB 92ms
52ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8c8baffcbc46c84d4e2207819e099ee5883706283f9c3f64cc5302929d77bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Dec 2021 08:29:21 GMT
server: Cloudinary
etag: "e8f0421a490582a00d4f9e4ddc5cd3c9"
strict-transport-security: max-age=604800
x-hw: 1638880185.cds118.am5.hn,1638880185.cds304.am5.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-12-03T08:42:13.154Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 9850

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 359A 8 KB
3 KB 86ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264546103;dc_ver=81.236;sz=300x600;u_sd=1;dc_adk=3183306559;ord=se9cex;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvFVdi2Izl28fOVCa64-Pi_NFVNeyJvkhFVCpOswJUSOmYag6_QMK__zJNtL_j-FJDjExOaaSfly_dZN6YIrCe-nDKBzn2_9OzRaaGcydAt0Ao6dSUGWZLpEYM280n6fqTokm6xAHUuJyubaB2NlG6mx8WDAArXcxhkOkbqRIo5iMxEqUvU8nrX2gJPnJQD1HwDmtxQzfWKwAx0uGLmPHhbqOQreEZ6bCecuVd2-ld3wLhT9892m6yrQCVS1VlNfPmuxIj0q_bzxmipf0chq5j5JGnW2lPPKtGViwtMF3eR1lRfdCoiqDmFZj-7DvPk%26sig%3DCg0ArKJSzI_XI8LTTyLqEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=Y56-UB'K4*;sttr=154;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:28:58 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 359A 0
524 B 171ms
75ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbKdcTQCJdDH-aVK3mrf4nw4Pxf9cNB8iKJu2uxohQUqyFe-TXi8ghmCzBLdYr8D01YOucwto5I762uoWbjlmouCskyTif6Y2zRj9kuAFpmzi9DRrFy_sMi8tvDkFP9zl5oGmh4lBM8tlCeUS66C8T&sig=Cg0ArKJSzH9Y7UimqXk1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20211201.90735&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 359A 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 06 Dec 2022 16:15:15 GMT

GET
H3 200 TTR_Dopest_B-300x600.jpg
s0.2mdn.net/3967255/ Frame 359A 51 KB
51 KB 88ms
40ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3967255/TTR_Dopest_B-300x600.jpg

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5816ee0e07d0d352dc1ea9d6a0acce26f5342d9367671ca3e51ab49222a74a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:13:29 GMT
x-content-type-options: nosniff
age: 4576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52330
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 17:25:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 11:13:29 GMT

GET
DATA 200
OK truncated
/ Frame 359A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 658efb434f496cac631864c73ee229f2df488989bac7240c9f366be5ebe0fcea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame F708 106 KB
37 KB 92ms
44ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Origin: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:59:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame F708 8 KB
3 KB 59ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/B26699562.318037607;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=1262329215;ord=ckzczh;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsszha-f7MlFk_O9JQYu3Xh54ymmP-kazTWWYuNNvQzcKAMO84vBGxkMVJsmlzanC9OruAKXhBEOUACLjWTnAeDug5k_aegpbLqZNo6XfK2B3QTbiMYUfvtSrgJ2OgCPGD3p5WmZJAEtD0A6TdKyVXJCa0sDYzKZZEyC1de1Da8AxLfN8dxmSnRhyegJ5dFNpv-0jo7y1JF4gcU5AWlofiadzbyYuqs7weDHJmU_o5CrNBnHnKzVp7Crxw-2z5QDHPSw3NMAk1HYzCCxt5-PsPMkcJd_eOqtePA-MyW8A_JPybjgHaYFPDhqqwWcge5_RpwL%26sig%3DCg0ArKJSzMYWYy1C8wZgEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=Y56-UB'K4*;sttr=153;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:28:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F708 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 06 Dec 2022 16:15:15 GMT

GET
DATA 200
OK truncated
/ Frame F708 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a27edf9f1974ebaccdf8237e3101744614b137308a74f1645ad77a22aa51d487

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 1BB6 8 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264578310;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=1224470513;ord=y8q631;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv-ePQF73IYqEKZUJyIydGHi5Q8fJoitRZ5OS2feqZDBp5TQvTofz406RPV-CSrCTbn_HS1-vkmr-1hkwVGzmJR1AnjLbVc5kOSlNBesGTFXXzChzsxuvuWYnWEfBCwlHtB65iCdK24PE3QSM-j8DlVsj2eL5HqoCF1jWIOuYDFDUB8dfvIKZOMjrJKFxXqqtZ3TpM57q5QvFdXsljyXvqE3YB9uz6g9vXV4Njlq8HhR1UVXsYA9RbEolZLUc5CIrhLi0RxJnozxcIQ-HHNcF3TOVW7Qih5YUNfxBx3nMuKhwOhHT4MZ1T8swFxwNeg%26sig%3DCg0ArKJSzBsNYyxkyrCgEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=Y56-UB'K4*;sttr=153;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:28:58 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1BB6 0
60 B 128ms
76ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstRDHskbhwKaL86AY8lLkrPkZx63UrflBGaBbZWBcLR8shdXGP60uhO4V0zOINF1KfXOFxzEY5C7dO-e-7BndDLu7Q4-6VQdfpTFtmwdM6x4qhlimz7_zRC2z8Z61RJMFmJfPZrWLJkAgzu3MQ2wLGP&sig=Cg0ArKJSzOe72vyUHRBgEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211201.03325&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1BB6 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 06 Dec 2022 16:15:15 GMT

GET
H3 200 TTR_Veterans_A-300x250.jpg
s0.2mdn.net/3967255/ Frame 1BB6 29 KB
29 KB 62ms
59ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3967255/TTR_Veterans_A-300x250.jpg

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

103a8848edf389902464b4995b6866378014c0cf4116a1247a0cb1586ecedef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 07:54:04 GMT
x-content-type-options: nosniff
age: 16541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29477
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 17:26:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 07:54:04 GMT

GET
DATA 200
OK truncated
/ Frame 1BB6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 008b7e5aeded03bd0e384a5c71d08d4e643b69f47e87f537b67c4b689ed179d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 6217 106 KB
37 KB 47ms
40ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Origin: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:59:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 6217 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/B26699562.318027000;dc_ver=81.236;sz=300x250;u_sd=1;dc_adk=2584423925;ord=nuey8j;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvnU5xJMbQHL-ZdP7-FG8ulfV6ZP7yp7p-wTC9lqcfSGWmtq1BnWRqSW7L1nFocjeGgvX2lixb241Dem_NBdQYs9X6MzyvvUoIlasIekfbYjgVo5f7ThP8CG-bC7bIBlaQ8LX4QLEhoCDyvolTrahKps8pGZuCIQObB3f_b2UySspn-rxuH-IdJe0UyJJnmw-dadtbGSi9gUeEyFC1T3jnS9rW86v7UoPDibOT1S6DfDqbNjW_wd0Ze7P_E7qweuyCrRDYPoqx3aJC2ks2u6kabQDpjZCxwvX8KzUGV65sOm_JgUR9wYRimR60_lR67%26sig%3DCg0ArKJSzBC0Q_oz6DiJEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=Y56-UB'K4*;sttr=169;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:28:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6217 41 KB
15 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 06 Dec 2022 16:15:15 GMT

GET
DATA 200
OK truncated
/ Frame 6217 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f607ab4b425a6249a377e8b20a690cc2c2fc8f6c97cd0b511c8914b9fecd4ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2.video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 28 KB
9 KB 10ms
10ms Script
application/javascript 2600:9000:224a:f600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/2.video-loader2.1-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:f600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1482386e18d9fcf975374afc941b1474ce955d3c54c37e97a9c01d284b68ec9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: C8e.94spR.LU5zvFu.810RzSIRIDBnlc
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 08:42:48 GMT
server: AmazonS3
age: 52030
etag: W/"4337db5cb8f33c4840726c6a7829656a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
date: Mon, 06 Dec 2021 22:02:38 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: o647zrSPTZ_FkhlgmI9EKbGJkbDmCfDV53Qd3xSC2m7g1eTEmMVchQ==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A07F 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 06 Dec 2021 16:15:15 GMT
expires: Tue, 06 Dec 2022 16:15:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 72870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 33ms
32ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 12:29:45 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 32ms
32ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 12:29:45 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4E1E 22 KB
8 KB 37ms
36ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 06 Dec 2021 16:15:15 GMT
expires: Tue, 06 Dec 2022 16:15:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 72870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0A98 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 06 Dec 2021 16:15:15 GMT
expires: Tue, 06 Dec 2022 16:15:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 72870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9319 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 06 Dec 2021 16:15:15 GMT
expires: Tue, 06 Dec 2022 16:15:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 72870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
827 B 296ms
23ms Script
text/javascript 2a02:26f0:b600:188::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/2.video-loader2.1-cr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:b600:188::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:46 GMT
X-GUploader-UploadID: ADPycdsVhuZmK171iHKh5fYNQGEvkUnMwJGDz0eYl7VH40Wgd_7Dcq9WmIwaV0U-Hx2iHzciW9XyscxktAMxtvvJ7pq-_QW8RA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==, md5=VveFJB0O2f5RqBcLndUCcg==
x-goog-generation: 1589462556858294
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, range
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Tue, 07 Dec 2021 12:59:46 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 359A 0
23 B 125ms
77ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 359A 0
0 75ms
74ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE7C9-ibfk2O3n5sPBEghUhJ1C12gqJkXcncCC33OkR16v35WK-AvL-CdhMkqCXCn0b0Wd7BWXnKZd3kPiqhlcfTvILFR7RW6REKgLSU5xK5EkwnIZaHkvOawwqn7qbmUwkGvduJ9nDExLFd6i-V4CQHQgkAP2N829s7lsNTeQbd-b0J9Da8CEIKF9_VRZxK8pVo9ur6kjXhiA60Q_cKl7fdTHuDyfDXpXbrc659KMQyZEM4JEeI0_TD49BsuJduKHaHWsF54kLCxwRjp2w7027UrXyiGTS2qwDOgR1pMOBipIvggSdyJnmXyXSwlL7pie8RI&sig=Cg0ArKJSzMrgJyG6Iit9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 12:29:45 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1BB6 0
23 B 123ms
78ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1BB6 0
0 119ms
118ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7aNz8b6fw7LC_snor5k65Wsw3HhMfwUJakC9DasTWoJFI1sxD9dWAmHkEzMpfdpX3gTB0ZxX9oNjw6GbqqdFKYkDDPIkMcRc1DIJpW-NSDkev6FIjwpSCmHcuOd4E3jp2xpgj9FTWgEuivGfaZpFO9RC71X_m3_WqIaVGcyz4Jz8aqe5cmWgI-37izYsO9juevZ4vgIK6TLdR0d0kp4BChAwjKze_-kG5ITMhIYULZwXEhRgxfsPRkvlr2jgbGHGrRRKZsgvGF9jB6eVqa40OtRhX6MMppiKRsB1JfrGRoy7q5LsJxJWUeOXIXkdE0Z8XdQc&sig=Cg0ArKJSzAvBoj5sAPpOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 12:29:45 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 6217 8 KB
4 KB 137ms
18ms Script
application/javascript 2a02:26f0:b600:182::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=2837563&cmp=26699562&sid=2293535&plc=318027000&num=&adid=&advid=8508620&adsrv=1&region=30&btreg=510557195&btadsrv=doubleclick&crt=161655668&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:182::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Nov 2021 12:39:48 GMT
Server: Microsoft-IIS/10.0
ETag: "9b35af88f9e1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3906

GET
H3 200 index.html Show response
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 08CE 8 KB
2 KB 82ms
82ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d95a84f7330ced9452b5bda7f2fadeb8f6ee505f6334972ef0812b484c6653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2378
date: Tue, 07 Dec 2021 05:14:46 GMT
expires: Wed, 08 Dec 2021 05:14:46 GMT
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 26099
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6217 0
23 B 86ms
80ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQ4pY4F2D_79zFn5ndGPyM8XYqhCZKSetLm2JwlVI30XnmmhoAlVGeDuA4JLLVS152XfGA_b5rwoI1cssT-vNPRkmcez5CNk3Y1x-wnaFZmPMZn5mJOsStQFqKp3pcapRpBLHy7R7_Nyg_JckueLve&sig=Cg0ArKJSzEprsXKWajDkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=152&cbvp=1&cstd=149&cisv=r20211201.05413&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame F708 8 KB
4 KB 130ms
18ms Script
application/javascript 2a02:26f0:b600:182::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=2837563&cmp=26699562&sid=2293535&plc=318037607&num=&adid=&advid=8508620&adsrv=1&region=30&btreg=510834316&btadsrv=doubleclick&crt=162004170&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:182::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Nov 2021 12:39:48 GMT
Server: Microsoft-IIS/10.0
ETag: "9b35af88f9e1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3906

GET
H3 200 index.html Show response
s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/ Frame 10B5 8 KB
2 KB 76ms
76ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8549852311d390cbf213b130cb089dad61ad89698a25295f888fcfecb4d1ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2353
date: Tue, 07 Dec 2021 06:57:51 GMT
expires: Wed, 08 Dec 2021 06:57:51 GMT
last-modified: Wed, 17 Nov 2021 20:59:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 19914
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F708 0
23 B 77ms
77ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBMMmpdNSFCZ5Dwn8GTwlCL529apkLJg4dTf4b_v2klJorkLQE7WJHyx3IZZsUj6fUOvGYah9HnDg5KymFpGeNa_yHpNE0GhTNd0P525FtbW7LqV_d8boGkgNPmxez10J5FsXn2paqxoRAsBmwFJTr&sig=Cg0ArKJSzJCY5Etqo_ZeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&cbvp=1&cstd=199&cisv=r20211201.63005&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 avcplayer_2_73.js Show response
cdn.avantisvideo.com/js/ 266 KB
267 KB 30ms
30ms Script
application/javascript 2600:9000:224a:f600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/avcplayer_2_73.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:f600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b4455f80bbefc4ce584b3f9866d5510cc64f918c075d963320b84a99040235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: NuN.9nNuZfe8Z1lvjcJbDZ_PaEYTyneN
via: 1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 16:57:43 GMT
server: AmazonS3
age: 77946
etag: "df7a5e9e0c91119cb99942809c8453af"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 06 Dec 2021 14:50:52 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 272476
x-amz-cf-id: pXetmWHOgWaJ2IxQ8Bs-xzK3ECHvOUXnP-eGbBI2wL_7GNZ_UGGxtg==

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame A07F 35 KB
13 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 10:33:30 GMT

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E1E 35 KB
13 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 10:33:30 GMT

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A98 35 KB
13 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 10:33:30 GMT

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 9319 35 KB
13 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 10:33:30 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 08CE 14 KB
14 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba28e784afbb6f3a0c6a7154de0a12c268dd2c58949beea2bee3312763763aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
x-content-type-options: nosniff
age: 26100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14356
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 t1.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 08CE 9 KB
3 KB 60ms
60ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/t1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2764e65feb56d8e9f9051368a0e0ee9daf5263f1786adb335834fbd83889c22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3329
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 t2.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 08CE 5 KB
2 KB 59ms
57ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/t2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1427a6a628bcd74ac46fef27108bc9d36b79f338e7d005c48e4e96b3a6b34b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2095
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 t3.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 08CE 39 KB
9 KB 69ms
68ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/t3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df177f09bbe0f57f3bd1a71b5036d102a11024a94aa97de623feb116515e493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9041
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 t4.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 08CE 14 KB
5 KB 69ms
67ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/t4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dcf07542306051cfa16bd73fcddc2dc4ee540b58964ba08b9e62065f34214e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4715
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 logo.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 08CE 24 KB
9 KB 59ms
58ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0367166c171106ad6e8850d5499f3d5eeca25ad692c97a111045c07dddefa25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8921
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 cta.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 08CE 2 KB
1 KB 69ms
67ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/cta.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc48fa75e215803fc749570d1080a8d0b1f0f42549720b1953f096ef342873ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/ Frame 08CE 112 KB
33 KB 47ms
32ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1276112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33291
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1be2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSHhMNwt3S0IH2GygX%2Bcz3T8U9H31eRUxOwTbgm6scgvd3px1vR6yl3Y1yq33wZ5OEwm2JD4Qtj68feI2EXBiK%2F3PvrjxzK8FuZySo6aLk7uh8xDFNXoJwGSHAvpZ5vTFOlxP%2Bl0TNNMbiX8h%2BgCAz5F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b9dc2eac8215be1-FRA
expires: Sun, 27 Nov 2022 12:29:46 GMT

GET
H3 200 t1.svg
s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/ Frame 10B5 12 KB
4 KB 61ms
60ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/t1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c72e7c3091cfc5c0d12189dba2c41ae4eb2759e34d3e22a1a13e8980438a5bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3737
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:59:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 06:57:51 GMT

GET
H3 200 t2.svg
s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/ Frame 10B5 9 KB
3 KB 59ms
59ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/t2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae81bd5a19e50b7b31bc326c1036e54e45e2da5e511d2f98b5b3976a2890f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2917
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:59:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 06:57:51 GMT

GET
H3 200 t3.svg
s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/ Frame 10B5 40 KB
10 KB 68ms
67ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/t3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

409cb2c8093c4efaf8a254155aea1aa45c7948fb45e74c52e5f633ba15692927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9710
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:59:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 06:57:51 GMT

GET
H3 200 t4.svg
s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/ Frame 10B5 14 KB
4 KB 60ms
59ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/t4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52eb21a7e4d89723323c12600b97756f4eb4943742d8930022d758817af4d1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4339
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:59:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 06:57:51 GMT

GET
H3 200 logo.svg
s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/ Frame 10B5 24 KB
9 KB 67ms
66ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0367166c171106ad6e8850d5499f3d5eeca25ad692c97a111045c07dddefa25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8921
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:59:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 06:57:51 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/ Frame 10B5 3 KB
1 KB 67ms
66ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58884f4de44eecfb744b0c3d93148144d42dede1fe77f5dcb6e4ba5a70354a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1352
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:59:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 06:57:51 GMT

GET
H3 200 cta.svg
s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/ Frame 10B5 2 KB
1 KB 59ms
58ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/cta.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc48fa75e215803fc749570d1080a8d0b1f0f42549720b1953f096ef342873ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:59:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 06:57:51 GMT

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/ Frame 10B5 112 KB
33 KB 71ms
56ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637182748443/FEP2121522_PreOS_Medical_SOBO3_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1276112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33291
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1be2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwovFgXOMXg5Toa1Kk0VFCysmt%2FKo81T8Ejm8jiwcJDhNefDMh9epZ89XkhWOSLiWIursvPVAZJ4oY06EnWxfkVDlAChpf7mt9iHKj9gSIJv0TTaIxFmRtMzFUlflrEK4ABtkzUsx6OGNepktM710AXb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b9dc2eac81c5be1-FRA
expires: Sun, 27 Nov 2022 12:29:46 GMT

GET
H2 200 ins.txt Show response
static.avantisvideo.com/data/ 5 KB
1 KB 21ms
21ms XHR
text/plain 2600:9000:2156:6800:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/ins.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73c5c079e730facbcbb0e099dae321c6dcaaa1076f51afa9899d7a745c13a0c8

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 07:14:06 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 08:57:16 GMT
server: AmazonS3
age: 21130
etag: W/"261a10093ee55fb7fde7cd260d7d9fcc"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: MVzk7OF61ETI6Uol6cjm8Se2MYvjGOb9C9px7suRKsN6iEmgtVac-Q==
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)

GET
H/1.1 200
OK dv-measurements1874.js Show response
cdn.doubleverify.com/ Frame 5C50 490 KB
89 KB 20ms
20ms Script
application/javascript 2a02:26f0:b600:182::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1874.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:182::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 11:10:53 GMT
Server: Microsoft-IIS/10.0
ETag: "801ca49edadad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91038

GET
H/1.1 200
OK dv-measurements1874.js Show response
cdn.doubleverify.com/ Frame 112F 490 KB
89 KB 18ms
18ms Script
application/javascript 2a02:26f0:b600:182::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1874.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:182::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:29:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 11:10:53 GMT
Server: Microsoft-IIS/10.0
ETag: "801ca49edadad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91038

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 251ms
7ms Script
application/javascript 2a02:26f0:ef::5f65:4d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_73.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5f65:4d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UxUS33fHL218Vnzc13h98diQ7RaRtNei5LPRd93R_Q8daD7wcflOWodcSM-pqel6mrDcKP6ejWKBuPn9C_HdDY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Dec 2021 12:34:46 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 3366 364 KB
103 KB 82ms
16ms Script
application/javascript 2a02:26f0:b600:19b::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:b600:19b::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduKa_qQqw61VFjLLBKEn_1RKXxuBku1ic38_K2uc9101ecWS7LWaNu2YsIrg0IILFfB-XGLJF3MUGeMAFpYiBU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 104652
last-modified: Wed, 01 Dec 2021 06:59:43 GMT
server: UploadServer
etag: "c090f073758d1a9717d1a9aa2c037cb5"
vary: Accept-Encoding
x-goog-hash: crc32c=bxmpzg==, md5=wJDwc3WNGpcX0amqLAN8tQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1638341983568684
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 104652
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Dec 2021 12:34:46 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6217 0
23 B 80ms
79ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQ4pY4F2D_79zFn5ndGPyM8XYqhCZKSetLm2JwlVI30XnmmhoAlVGeDuA4JLLVS152XfGA_b5rwoI1cssT-vNPRkmcez5CNk3Y1x-wnaFZmPMZn5mJOsStQFqKp3pcapRpBLHy7R7_Nyg_JckueLve&sig=Cg0ArKJSzEprsXKWajDkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=510&vt=11&dtpt=358&dett=3&cstd=149&cisv=r20211201.05413&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F708 0
23 B 78ms
78ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBMMmpdNSFCZ5Dwn8GTwlCL529apkLJg4dTf4b_v2klJorkLQE7WJHyx3IZZsUj6fUOvGYah9HnDg5KymFpGeNa_yHpNE0GhTNd0P525FtbW7LqV_d8boGkgNPmxez10J5FsXn2paqxoRAsBmwFJTr&sig=Cg0ArKJSzJCY5Etqo_ZeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=558&vt=11&dtpt=358&dett=3&cstd=199&cisv=r20211201.63005&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 5C50 1 KB
1 KB 372ms
11ms Script
text/javascript 213.254.244.19
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=226&ttfrms=24&brid=3&brver=96.0.4664.45&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDEC%3AA6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDEC%3AA6D%5D4%40%3ETar9EEADTbpTauTauhb52ebggah_cee4ebbdhd47%60hcc%602d_g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1467&ddur=139&uid=1638880186345314&jsCallback=dvCallback_1638880186345943&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1874&tgjsver=1874&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F93da6388290466c633595cf19441a508.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=22&brh=2&sdf=2&dvp_epl=219&noc=4&ctx=2837563&cmp=26699562&sid=2293535&plc=318027000&crt=161655668&btreg=510557195&btadsrv=doubleclick&adsrv=1&advid=8508620&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=30&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=213089682622.61737&dvp_tukv=88714219145.4174&dvp_uuid=292219195104.71497&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=656104497917
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 34fde0c756223e68ab3a0de97baf658593b2f9c77367c2c7926aba0cbdda0d95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 12/6/2021 12:29:46 PM

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 112F 1 KB
1 KB 353ms
11ms Script
text/javascript 213.254.244.19
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=247&ttfrms=7&brid=3&brver=96.0.4664.45&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDEC%3AA6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDEC%3AA6D%5D4%40%3ETar9EEADTbpTauTauhb52ebggah_cee4ebbdhd47%60hcc%602d_g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1378&ddur=131&uid=1638880186367323&jsCallback=dvCallback_1638880186367632&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1874&tgjsver=1874&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F93da6388290466c633595cf19441a508.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=22&brh=2&sdf=2&dvp_epl=219&noc=4&ctx=2837563&cmp=26699562&sid=2293535&plc=318037607&crt=162004170&btreg=510834316&btadsrv=doubleclick&adsrv=1&advid=8508620&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=30&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=9001286.50729652&dvp_tukv=42849857746.75409&dvp_uuid=4867328083.919685&dvp_strhd=0.10000038146972656&dvpx_strhd=0.10000038146972656&dvp_tuid=1594109068471
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 3a84a0787e2b0e8c5d612e6f58561b9720526b488b5117138037c4778dd6e55e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 12/6/2021 12:29:46 PM

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
328 B 61ms
20ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
337 B 108ms
40ms XHR
application/json 34.249.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.68.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f5fa0dd1c4bc993566a9610fef316e9a9d42b757f9d0e7c49c1f189fcca75f9a

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache
x-server: 10.45.6.80
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 113ms
39ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: a622826000e4738be5c448e59400ede9e4e0568e699ea27eddf8923f53900ff9

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.stripes.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 06 Jan 2022 12:29:46 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 372ms
97ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.stripes.com&sn=&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.1.2.90&apppkg=&fv=1&proto=https&pid=5ebd1adfeb6db67e1d52ebba&cid=5ebd1d747d7c78697e0af0a8&stagid=&stplid=&e=inventory&vi=100&cb=1638880186432
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 3 KB
2 KB 358ms
128ms XHR
application/json 35.172.120.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html%23&AV_VIDEOURL=https%3A%2F%2Fcontent1.avantisvideo.com%2Fhls%2Fentertainment_01.m3u8%3Fid&tid=1&d=desktop&i=0&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&AV_CHANNELID=5ebd1d747d7c78697e0af0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.stripes.com&AV_DADPOS=1&d36=6.1.2.90&sver=1&avtoken=186431&AV_WIDTH=300&AV_HEIGHT=169&AV_DNT=0&cb=1638880186481
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.120.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-120-178.compute-1.amazonaws.com
Software: /
Resource Hash: 9162635e3d5891c5448e69937fb2226ef5efb17833ea411f22d2cc0c28166c57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 25 Nov 2021 22:43:06 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 169ms
169ms Ping
text/plain 52.88.197.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.197.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-197-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT

GET
H2 200 entertainment_01.m3u8 Show response
content1.avantisvideo.com/hls/ 18 KB
3 KB 101ms
11ms XHR
application/x-mpegurl 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.m3u8?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 980485cc01b6346151dad5b784abe4801073817a25a380950521372f29372172

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: RKQPsU7saOO_wLj1XRBl6HPQptJrF2Is
content-encoding: gzip
etag: W/"97ef8f2b4b9507ac29f3b4ef8c671ef3"
age: 74054
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.stripes.com
last-modified: Mon, 30 Aug 2021 07:19:34 GMT
server: AmazonS3
date: Mon, 06 Dec 2021 15:55:33 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/x-mpegURL
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: H4-tPpOAW9d2AkKuOxtgu4svD5bsVWBOv_FFLYQRPDFbu_Muu8bWyA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E1E 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJUD2uVOvYf--IImA7_UP0saRkAwAAAAAOAHgBAI&bg=!vb6lvvrNAAaQHwIOkB87ACkAdvg8WkAqRv3fnKRClFwlc5TtVHd10bs-3PFfAIBBXigq788K2Mk13wIAAAH_UgAAAC5oAQeZAwqMmGaBNARBJXxjnpgzdJPgBymQi0KhHb2BZauxPNp3siXW6zfXpNRTH4DOJ6-6qxEhJgRBlQWocHe-bHzsyTbtetikabH3nsbKCkcZxaPYnNZQrCKc874jnFdmCRT1uoSFBTiqsz1FKbhMX6AVxQK7zaCoiQRo7dAfVyvk8rUoJmlTxLIVrBoGvwJGhrqdmpOVZYbWMY-szS_RPhq-3iX8s46m06F0geEZ1lA8f0nOWppTxTroR_rO-9FeUcIFvnHegwrtIn6eIh2BUq6JT0jBCWXimB4CmtyFnCIXRxFe-aAUntoC6u5ZcTRh50MRBX0j_0qDxYDDp99AnFZJSuY0fEaTzjX3x0OKKsjCegJhu9icJbXW8S-AVUbwV_zjqkiFGwV2I1imnSs5t5fcvoys-Teu5BkWdn8bVNwQ3rf1I4VbYDiwLj9649H5v5SY8PbjI1qALYJ7lH1dSzQJ6Yi6YPzWQEclQLh1GWa3mrZfr3hiCEJG5YMUPVQ24ccOYPUgiBP7_R3vrT-0POgUd8CWALJfRCIt4RWWj-iJLGbQWWQxvLavj1mekDMaeu9xPjmLP9lv5GM2HGoZIbSv-kVz-s44vw_Z6xroDsTqqju4yXD1G6Hjbpb_1W4T48KC_YshBIGTX4a1Dnq-rrZsCt42cKz4iQZDEM8ZOeaHbkN0vlYU6PXA1mGPdyKUe0RDfCyjV763KCqzMnpfJcz8WV9LRsBmLC_6LRtDiqfEqxgPUkBpPoJYqhgMyLR4nKcq4q94xn16MdeJva89ZdQNQGhj5BnhIO4edgDkD10DhMy3EwzBSgKhW8P2VfptEzlbPg7Ni5ey4jTCEXWG1zSAHNth7uuy0Or3ZFGj6dIM8edUs3_NQdDUWwcQIAAG4p6mAc6Mrl65qqshOdvymHUS1Rpj0HGFSPfTO11hlUz0QrEKGyJ5vo0VG2nlveZsaISw6S3l892oHjy18VufqQ94gPBJWBWUvBi2teq0O1JG7M6VKnP4n554woBbhXurURWqCzLECupwNTduDpwf

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A07F 0
20 B 77ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BD31iuVOvYea4IN-a9u8P49OV8AwAAAAAOAHgBAI&bg=!cHOlczfNAAaQHwIOkB87ACkAdvg8WpTfrOLbNblBOpQ-0yjjt8R6y-0yGFUQfF920kDcHt1ELTKAHQIAAAJIUgAAAA1oAQeZAxRLIMeomE44xy6LJ4nHV-lh_WAYsuokDV9TiXwrvaM8cy1wyacV4fhyCRC6G2aTjT-Z56AYUSenKwl4zIR03V7kz88nWnPGsDjuatWrKJfC36saqte84cFqblGHx_JEbuPEs8E8mcCEHBKGJ9cjiZUzEfI0yu82qZhAJvO66Uqa-eLAi7aEKo2RYXP5o8cbaqCroL2UQfMuAI3q67ePqjza0CQgBKeUQ5SqEEtllrzoGVQ1vA4Tx_T5JduYKqv2uPuu_XsHLe20tz1bNzUGU7T--BIgRPvbw31uNdbSLYNi44j9luvsB4EZOF49XZzzcn00xUxwG36SebWZ1IXGrYGAwap82J2EL55Dss_yGQ5T15MN0mPtZTFb9nmHLj1ehH-_C0YtLwPDPeZMDXMDtH1r-PeIYKDeRmOqVuF1s7HYWM1eZmvRmKU4p_WUShC5gSezzp_LxkdH3ChxB-ZcFj5StaxHDwTUJlHdM2OaqJN-EkgeRMMQY3yvD2I8-QCrW9hmhu7HNSgehFESCyngq1cjFQ4nV5j158jJFOfxCYBK9hL2kSPo9sPYSmLUE_03eHyesy_rpEPbwo6LPOCvvggdFFqwNLBsbK_lKFcu7jSnbk_95VQDy_JlTF6o5NzEByKYAkip4OlRr7Y0vJaFi9K63uy6Jk2CuVnErIU3pZ4vYkHH1qvZ2RyG8OwwGlgE0xKC7mYUSWrga-n4xZSRUFK7WHi75WjXGsyedvXF7t1Ya0IUk7SuzD5ck_lfj7FQiFS6__QLO1vxZindKTMEYKpz2voC-Q3FwrhKHE_uxZRFHQKv9JIrMaXvqkPx9TClsnnBoFw3UMLQW2-PtaYARMZzACId-gsif2FNVn8t-Ydx1RhMrPj4zgN5QZADP9eX2sZMPOGh3U9hne7gRzWjdeGixXMl1k7Q_BuU7vy_TLtgH6SZYN4tfzxNPayU8oCLBh-f4efon-h2tHiAS4getE_y3TTuyxdH_1se_aF-1sa8skFotGCsHwX5dJGjBGQzNxwlI0pZ1J33LMVmTUmK1WIiC1DyRg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A98 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlGCquVOvYYrGILCR7_UPn9et6AEAAAAAOAHgBAI&bg=!PzylPHjNAAaQHwIOkB87ACkAdvg8Wi102b9X25MjJCA2rlxI6Ox-DGCGl0RhjdVDS-64wL2drRzrHwIAAAHTUgAAAAxoAQeZAy6YfLdRMTbJoOKOcG9dsz7olLntwLw15_WSc2VwddsZQVUsje9OjOlOIFIWDifuX0FLBXc-_sRikICDHoiUH_XlfXilt1vmI9dX-E4UIrZUFKKY9R7bNQ-_qbsoFzHXuuzpW0-3gJ4kHQZiscLrkupfFq5k5B-iCPRVWbMjNum5KKyj5z_b05aNg3VICojAjXUepMI7mS-KWq4rK-1b9NfKx6R6YzQN43BPFDsi6i6l2FjBoIuMEtkFyC_o9yQ8bBgxtn7TAQWX-bUpG-RSMZkmTtNzOBDI6ePqWFhqkBuGXL4fkQjJ1Ah0dveR-9nf7kkLqeeTTyv_5FwY-blcliH5i1DLCk0w5GJ8J4v8qremKAwH68DpncxGMjj8Ssw8eoRrYcgH1es43adEkwJ6C5Ntn_mAyWO3GvR3sQlRMgkJzMQwkP9BoNlFr8mtSOsYn3xRoPjJODhYsQm94-SXOilLlPGSPLBg1zYZ3FFKGZbW9hqav52CYUmpa4fU2iHIy4fyW7B37sV76gBW4U74N-xUX7lWJWMGOZ852lLvzKLMrYvga87ZaSViQ-KTKctCEjP7dahOleTDqaKeqxI8OA9K0M9m6BPqWtyLwZoLCfLOxkJJSGVi7W957vkYm0uIucJFxCMtLADGrK-8L3xLtThZcgj_UdvIoh6IGIursYFZ1u77m7mZMa1iNh61IAKPGL6iu-IU9P4mJF9fZ6Etc0aArryRRVI6BDph7gKuE7xcO4OnAMgIHL0EtpoqNCWgo-nzP2DSBQMrH1oatDHmM2c9ScmfQaePLzzNTd2F4jxsYmmqdXAkbXvAsTvZOkaw0ghmWzBq2A3Yi-BzcGteaVhY6WoI-BF_229PQVInaQEoLWO6kjAeV1ZkSSvIgyilPKnm6eVZ4jG6Hin6wSX6jtVUGet0HDMKJjjvc1tbwtVTBfpteKL9tOAyf5kXI4TgLqAqVqNkbXIcmMeOOTSvrXeH775PbWQCB4DszIPG6GZCo0JCem3BYNHp8SyKv1NWCWhYpNsAE75XneyuUHhq3rUBXhC2XqPXH0bJ7et3A-pEHlnV306LBQ7l60zDB14Y

Requested by

Host: 93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
URL: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9319 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrrRCuVOvYbitIPGf9u8PhYukgAcAAAAAOAHgBAI&bg=!jY6ljsrNAAaQHwIOkB87ACkAdvg8WsHYGM0WtNW3xfRg6WcS2MyZ7rXX2x_OtoZxUGwNWE79sdzBNwIAAAGdUgAAAAxoAQeZAxV9yIr6Zn0MRVgGK_sKUBsSRH-Z22uT5MhIXaS-8UMrqRM8MoujyvlVm57E1NNipmoEai5xMWU4mNUd8OdJ5r3xUf-PQbzOO8M96CQdJaESJijTVfEVjxhu-3VFwdDP5bpWDqtOExWSTKNqx9LWT5liDuoeYN4Fn1cMY_CakhJbZKRaN2JPmzgLUvXCteJLQuUTJya5uk5t0J9nSQP9j-1ol4xp6kqBAOHt7JuZSsQ481m3o3JIMkGOhpQocLoV-5axin4v1WuER_jg58VgWs3zr4SAd-J65Ur_9ete8Yhz3pAgfhhgUAnyAvzG5L9ACbENPwfhCrkERfqlOuGKmsi-d_f-xZrUrymFZc5vwTj2JTDImgvqMBdvUCmRDwqOlpyV1kJOMQVBAhgm2pYTScKFlnKwSfw9WyEPmsh0vC3sQ1s2NK0BM7pDxzwNVp7-zp2R7cINojSj2bKfvlC04yCOCv-K4FmtjcWM42bVHmYCu4Bz-flTLvCgjZvfP8Ba4GZnzgAcSY5Q4lJpL-xDIq2DWkpurcxmO_qMt1xNlevHt8Ef_yoz3ZQOORVXw9F-7ly_dENQGL4duFqXRJZ7UoNwphE_Wu1yooBirOvWt1gKucFPd13WborIzBrIoCWcWvsL24oRmYiSWf8MmfZuXqRYHROoGdO6Bwxi4Y5th2YOoXKZa4UZU8oeHcbqBIRofc0PpVWzvguA52ZVG-ha4Vfn5DB7KlSppw9CKetSkLgyXcFZVCjqugqiC414Nz1mTRHFV8Zlg8r1IYI2u2Q3TdeBwPz3EuK3YieGS0LB9sW9C6iwH6Nsj41ETY3Oq9jijxRyLS9-9ena7kZrRXntnSikeMrzKL2kxA9ziAQ8Ilu7WTZ86X8fNFNWPraQqUNzTJ27HsO9PI8BbatFlwlwyTQdaif_koubfTjAbV9zXnyosqdI1idZ41CpTINdlAhVrGyobYuhW1BH0fsCts_AKawfuBuUtKLNQURFY4DbFQpDZ4Zw-gKWRwGTzLqynPnSttlFGxR6aRvNRG9QFFF1NL1O6qoTLzI

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 entertainment_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 10ms
10ms Preflight 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 06 Dec 2021 15:22:40 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: mkwrBS1KI7aIpePXW_DGkv4QUMs0Nfp2x1ylz0i5TXwR0LqqzGrLww==
age: 76027

GET
H2 206 entertainment_01.ts Show response
content1.avantisvideo.com/hls/ 138 KB
139 KB 12ms
11ms XHR
video/mp2t 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17e075e835869e09d407540929c5619ff56d3ac5e396cf1666e65d03b578bdd9

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-141563

Response headers

x-amz-version-id: 5PrueHREHovS.6dsS..MxoKBIdYn_7P6
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
etag: "06e56850bf5e13e2a50111093f99f835-3"
age: 77447
x-cache: Hit from cloudfront
Content-Range: bytes 0-141563/36404884
Content-Length: 141564
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Mon, 06 Dec 2021 14:59:00 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: hsTR6ZilDUav8K29jgbNdwndQlcFQoN7DpJ54dfu1KkVYH7G6cRB8Q==

GET
BLOB 200
OK 39a5f7f3-6635-4ea5-b958-acca88a7982b
https://www.stripes.com/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.stripes.com/39a5f7f3-6635-4ea5-b958-acca88a7982b
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F708 0
0 77ms
77ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt6kaeuaVIwYCemYLzhyJgTvUu9J6aFLMXU9o_td9e9igBNa0NpJl0VxBVorBRPnHsdK6GAd9jXDvZkdFyIqOSEytgrfU-JknC4zolm7DTZaGXNW5Hzah1v1a9xo3FSE8NXqkLOUXW4OQIgWptDW6_ckTdYoqApkoAShUq2OKY5iQHg6Ig-WdHOys1KPdXSPufqkmQduUQdRE4NBKa_05smvJYgcMxaFghHyoIZIiJij_DP0Wvjdu9P8yzk8Gkm9Jel_SOBu1NrBACxZyEakxpKgToUjDyfaRFZiK8HwB30ghwt_U_Dlm-oWwNdBZvs8-z4PBUKMI&sig=Cg0ArKJSzJOOwy4OvAChEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 12:29:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6217 0
0 77ms
76ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvoOSmhShAQIdGx9jQmiHZFBcx2lJ_BGCf71lqdVGIUp4d9w2eO4Zc48om8gW5GNraHpLYwfiU-hN8OeZoPDlmu5iIINtWHKWFImCPqzQI0KaDhvGqhplJlL558I9GvfXGz1Q7LjXV7WZ8ruRWvso3qciDO-EPmwO0OBiH7neAp8TjUu9RobfsKI7E3-QjqQrTIwap_zRSoOhoXcmL2JeiDJPJC3_c5i_xLx1x7zyesvXhtznkEJpxcMOiGa6GT_DtP5CSCitEHuJrWNRn7MlRErJgng3Yv_00FRJWbe36HDdf8ZrSBBo66238RnnqeIdu5i0&sig=Cg0ArKJSzOc4yxR_cY80EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 12:29:46 GMT

OPTIONS
H2 200 entertainment_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 10ms
10ms Preflight 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 06 Dec 2021 15:22:40 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: OMFT7KM-LnqK73AFb3JIRpdUjO3UiT-x35oFomsTDyYrHJB_zCm0aw==
age: 76027

GET
H2 206 entertainment_01.ts Show response
content1.avantisvideo.com/hls/ 149 KB
150 KB 14ms
13ms XHR
video/mp2t 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e277a4ddf16c2f1dd6db079752d72a3ca05437fe5dd8cb36f7a61dc07c9577ff

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=141564-294407

Response headers

x-amz-version-id: 5PrueHREHovS.6dsS..MxoKBIdYn_7P6
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
etag: "06e56850bf5e13e2a50111093f99f835-3"
age: 77447
x-cache: Hit from cloudfront
Content-Range: bytes 141564-294407/36404884
Content-Length: 152844
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Mon, 06 Dec 2021 14:59:00 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: g0uscQQeep9nafuUWn-rhl3zCiDbvIj0zxPzvWbFWVEQTzmWJZ93-g==

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 178ms
177ms Ping
text/plain 52.88.197.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.197.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-197-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 101ms
56ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59bddb666827398826795a92afd6da527ba3a56d24c7c63ed61628155cf2167b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8591
x-xss-protection: 0

POST
H2 200 v2dyj_zZzeXcby9yn9PFgJBprPZ1dt6_tkumU3hvBePRw3XuerqhfFZ-PPohywIKpbGOwe4MLwwQDaKpwKg Show response
unwieldyhealth.com/ 216 B
613 B 62ms
24ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://unwieldyhealth.com/v2dyj_zZzeXcby9yn9PFgJBprPZ1dt6_tkumU3hvBePRw3XuerqhfFZ-PPohywIKpbGOwe4MLwwQDaKpwKg

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

df6ece9f7f201a2d4cd491175f028fc8f2c54ac439845b1a37d5cf03d3e3f785

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 07 Dec 2021 12:29:46 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 26187baf
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 07 Dec 2021 12:29:45 GMT

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame 6101 240 B
960 B 12ms
11ms Document
text/html 18.66.248.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-53.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 240
last-modified: Wed, 27 Oct 2021 22:19:31 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 07 Dec 2021 12:29:13 GMT
cache-control: max-age=60
etag: "f7902241893e7a497417843cb15dc858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: VFUa6hy6SigZNX1r5LlliL5CtVKVXBTiKVNvY3OOZJ5stgWlilSVRA==
age: 36

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 8F14
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638880186076-952371687883-005920-000-002504%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1638880186076-952371687883-005920-000-002504%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1638880186076-952371687883-005920-000-002504&biddername=55&key=4335068151476890128

0
215 B

326ms
97ms

Document
text/plain

35.172.49.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1638880186076-952371687883-005920-000-002504&biddername=55&key=4335068151476890128
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.49.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-49-77.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

date: Tue, 07 Dec 2021 12:29:47 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.9
Date: Tue, 07 Dec 2021 12:29:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1638880186076-952371687883-005920-000-002504&biddername=55&key=4335068151476890128
AN-X-Request-Uuid: d1b3847b-863c-4a08-b91d-25cb17fa2fec
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 3366 314 KB
98 KB 17ms
17ms Script
application/javascript 2a02:26f0:b600:19b::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:b600:19b::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 272a612f7fcefd5b1292d2b642a9a252c57ee1b6c97cdfaad321eecca2466dce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsMqMBCZuv8Hb-A3Jk5_es4M7MzFuxHyX2NsiJJyQU3BbLymMZQGHeeRfbC7Hz8SSmqQjeU6GqoI1zNvK6AwZjvgm_S4w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99492
last-modified: Wed, 01 Dec 2021 06:58:16 GMT
server: UploadServer
etag: "58251031c6023dee10212742471f8135"
vary: Accept-Encoding
x-goog-hash: crc32c=V+UbGA==, md5=WCUQMcYCPe4QISdCRx+BNQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1638341896718566
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99492
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Dec 2021 12:34:46 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
104ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.stripes.com&rs=www.stripes.com&sid=11395&t=1638880186&cip=185.213.155.162&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&test=&aafaid=&proto=https&uid=1638880186076-952371687883-005920-000-002504&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.90&cb=71478528684&d9=1000&AV_WIDTH=300&AV_HEIGHT=169&&ppid=5ebd1adfeb6db67e1d52ebba&nid=59918a0e073ef4782e4e347f&pcid=5ebd1d747d7c78697e0af0a8&ncid=5d4aab3928a06112b42d3a48&pasid=602a84ed49e41b0580387469&e=request&cb=1638880186853&asid=61ade67e4be78524bc647707&ofpr=0.42&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6101 0
346 B 542ms
171ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 07 Dec 2021 12:29:47 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6101 1 KB
1 KB 11ms
7ms Script
application/javascript 18.66.248.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-53.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 58
x-cache: Hit from cloudfront
date: Tue, 07 Dec 2021 12:28:51 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 19:35:20 GMT
server: Cloudfront
etag: W/"5213886b88cd72e6d0aebc89868e5d13"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: DUS51-P1
timing-allow-origin: *
x-amz-cf-id: 0U-68CC-kNlmAJOVUm0Nn-bRhPg2AMIC1CKBG0MoJfYDiO3v8xw9-A==

GET
H2 206 entertainment_01.ts Show response
content1.avantisvideo.com/hls/ 218 KB
219 KB 13ms
12ms XHR
video/mp2t 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cfbe982ee294d174684531b67d33a5b4998909456a6068ab5c99084686bd5d8

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=294408-517563

Response headers

x-amz-version-id: 5PrueHREHovS.6dsS..MxoKBIdYn_7P6
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
etag: "06e56850bf5e13e2a50111093f99f835-3"
age: 77447
x-cache: Hit from cloudfront
Content-Range: bytes 294408-517563/36404884
Content-Length: 223156
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Mon, 06 Dec 2021 14:59:00 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 20BNPquP33YQE7Yge6CuIsByN272i74BG7KkonbcRU_QF98bLc211g==

OPTIONS
H2 200 entertainment_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 11ms
10ms Preflight 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 06 Dec 2021 15:22:40 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: F5Lw70cYLDzm7Tt_PUtmJiIpd1-l8rPVn-XE0l-ZhIBEse_hRiyYGg==
age: 76027

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 4B58 932 B
1 KB 84ms
15ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Dec 2021 12:29:46 GMT
via: 1.1 varnish
age: 99
x-request-id: ff5854ae-a50a-4ab7-ad20-8644a19ae5c6
x-served-by: cache-hhn4023-HHN
x-cache: HIT
x-cache-hits: 165
x-timer: S1638880187.964388,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
976 B 29ms
9ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5a56e466d8f759ca1e678bab22d5f781814eaaa829c5ef2da973bee3f65a0ce2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:46 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b3e61814-6a68-4105-b60a-63f2b18de040
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.stripes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:29:46 GMT

POST
H2 200 v2spvWzdPQyj8ohOro_z0qrMcmJnQgYmAafXzqJncHnFUu7r6FzAfFCp6X5Wo5tDLNO1mUpFr8y2T4FTqTg Show response
unwieldyhealth.com/ 3 B
59 B 222ms
222ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://unwieldyhealth.com/v2spvWzdPQyj8ohOro_z0qrMcmJnQgYmAafXzqJncHnFUu7r6FzAfFCp6X5Wo5tDLNO1mUpFr8y2T4FTqTg

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 07 Dec 2021 12:29:47 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-hostname: 26187baf
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 176ms
170ms Ping
text/plain 52.88.197.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.197.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-197-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 12:29:47 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F708 42 B
64 B 77ms
72ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAwqH7PnLm-cXpfxlD40ji0BRrWF-x2rMLVq56Q-QMU-OSe75MTwsZe3T6HikfuUsIEr4wS_jnM0GrVrpXcmbMniP2Ki2m&sig=Cg0ArKJSzOG-dYzEjdO8EAE&id=lidar2&mcvt=1011&p=0,0,90,728&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=1262329215&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638880184549&rpt=1425&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
96ms Image
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.stripes.com&rs=www.stripes.com&sid=11395&t=1638880186&cip=185.213.155.162&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&test=&aafaid=&proto=https&uid=1638880186076-952371687883-005920-000-002504&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.90&cb=71478528684&d9=1000&AV_WIDTH=300&AV_HEIGHT=169&&ppid=5ebd1adfeb6db67e1d52ebba&nid=59918a0e073ef4782e4e347f&pcid=5ebd1d747d7c78697e0af0a8&ncid=5d4aab3928a06112b42d3a48&pasid=602a84ed49e41b0580387469&e=request&cb=1638880187001&asid=61ade67e4be78524bc647707&ofpr=0.42&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:47 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 183ms
182ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

56a8b195228754be7f897cec4203fc9b8aad535fc228b6b510ae46a66c08f704

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:47 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9f8254ef-f707-49f7-ae66-fba6c6f15e24
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.stripes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6217 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvo_BOQrZRrNaIX2Eb5matPg7bgwL-ibuVObWtN2UsnqHSzLLoo4jSA49gU_yb470E0kaaZ606H7CuK81R1Y0Pp1eWN44kL&sig=Cg0ArKJSzABQBs66V8-UEAE&id=lidar2&mcvt=1027&p=0,0,250,300&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=2584423925&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638880184453&rpt=1499&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 4B58 0
121 B 390ms
171ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 07 Dec 2021 12:29:47 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame 4B58 0
120 B 391ms
172ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 07 Dec 2021 12:29:47 GMT
x-envoy-upstream-service-time: 2
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

OPTIONS
H2 200 entertainment_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 11ms
11ms Preflight 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 06 Dec 2021 15:22:40 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: djjGQWP4Rq8styJtkz5-LWSYlIjsEezCxyt7JPxaWgSeaOUO1UHxhQ==
age: 76028

GET
H2 206 entertainment_01.ts Show response
content1.avantisvideo.com/hls/ 164 KB
164 KB 15ms
14ms XHR
video/mp2t 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4fae68c6ff4b1773569c132e8e4af70fe5c8b2fdd42e8a4aa63fc94e6f0dc101

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=517564-685259

Response headers

x-amz-version-id: 5PrueHREHovS.6dsS..MxoKBIdYn_7P6
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
etag: "06e56850bf5e13e2a50111093f99f835-3"
age: 77448
x-cache: Hit from cloudfront
Content-Range: bytes 517564-685259/36404884
Content-Length: 167696
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Mon, 06 Dec 2021 14:59:00 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: pS65gDHWAbURPQAnxn7GAUy2smalk93hFjKLQ56s0_w5agfUP_62cw==

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame 4B58 85 KB
16 KB 8ms
8ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 79
x-cache: HIT
content-length: 15786
x-request-id: 8dc038a2-de34-4d5c-8972-de148a58d6e4
x-served-by: cache-hhn4023-HHN
server: Fastly
x-timer: S1638880187.038919,VS0,VE0
date: Tue, 07 Dec 2021 12:29:47 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 134

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 037D 13 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 07 Dec 2021 11:06:00 GMT
expires: Wed, 07 Dec 2022 11:06:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CB9B 783 B
535 B 51ms
51ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9cb69b7592bed907a92293404c853b158dec46bab8c7e723cd260eea4cea01c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9RCoTChUhpQPw33zDn8KIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 Dec 2021 12:29:47 GMT
date: Tue, 07 Dec 2021 12:29:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9RCoTChUhpQPw33zDn8KIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 6 Show response
m.stripe.com/ Frame 4B58 156 B
523 B 539ms
173ms XHR
application/json 52.88.27.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.27.164 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-27-164.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6c815c41c145d395dbc4e821bcc867b3259b7e41449be677edf445e94837e1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 12:29:47 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 172ms
172ms Ping
text/plain 52.88.197.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.197.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-197-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 12:29:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CB9B 0
0 82ms
82ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120201&jk=4306913567837946&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 206 entertainment_01.ts Show response
content1.avantisvideo.com/hls/ 167 KB
168 KB 13ms
12ms XHR
video/mp2t 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3a78402e549c2e54847c7720b4d83b34d23548bc24367adadbed0fa6e44e994

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=685260-856151

Response headers

x-amz-version-id: 5PrueHREHovS.6dsS..MxoKBIdYn_7P6
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
etag: "06e56850bf5e13e2a50111093f99f835-3"
age: 77448
x-cache: Hit from cloudfront
Content-Range: bytes 685260-856151/36404884
Content-Length: 170892
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Mon, 06 Dec 2021 14:59:00 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: W-9WK_SkV2SSwaFMZ7DV7Ft0IcaxpSpUc58pvpvgOIo28cVu3uUZ6A==

OPTIONS
H2 200 entertainment_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 10ms
10ms Preflight 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 06 Dec 2021 15:22:40 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: SlyiOifIjGQSJJAjUWfb-5uvL3nr7NqETKGrJBoSrdN8xQRc8WMXKw==
age: 76028

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 037D 35 KB
13 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:16:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120201&jk=4306913567837946&bg=!trWltfHNAAaQHwIOkB87ACkAdvg8Wqy9rIC2bh_HDvzBCcxpu1lVe1Z2WY8-1A3EvU1JuX6yVKyiZAIAAACUUgAAAAtoAQcKAHFbymJExuX7p9KIzhxUkKckbTwUWm1pRbztUNOC087eymoe8JBY7B8hKxORqqHsPMz1ttc9VaahmZjc4bcvxQM1zNq1_Rf1yEP0ro7GkKWYq9CCXshaR7Py53c8-lZWjX5TRBvFCvzd-gWFVUc6V8e2OZkCv8o-LNH4m7WrnFu5am75aw0n7B2nnXXZaXTHG7MPBgKMDVZ9UN9QqW_sdMBhBmvSco2JxXVkrhsi1BpYlJcGHmi-Yeq_qaVGnzvat-RhqzRCFR9P9DmAsqmL3Shs42N1EZ6AwHNybErMcD5sqv94yxhdXwOmMPsK6ZEyyFlIbhrGBtjGYuTfe5lyqGbaDw-sga6vSjEyH26gjSgq3me50Nm_5Ki5Xycv_ixAp9SNkY_JhqdTuxPrcFXsg_2mXZwqrn3mUCjFZEZ_43kqjeZa3lHx00ncglXVvzO14KaY7vv7NnTFrcnjatiquyo6gw5zBnm1xKH64I-ycZWHJcoQPmYwHMUaFe5m6g9r1U5jMo2nnLta36V-Q4srlKqlpKSf2a88C9kadYywjKrqT9rlu5P1puaPawnTTzKT2NO9GTuOvPneixOIzlX4Nj6yUZpmvXkU57J8Rd5XOMmIKTiMAPBJ2znUIURKkE_AbYrG81vUjcQxCMNJ2dQSHBnPpGn1FN5CO4_2V7PKpBjjTrkve-xNrbwRF1bjyELhAxlcfcRcXOpDU1iRJOcx7kyM4iRvaXv4YENVtXh2Kxmpdhzo9yfUXGHiqD9rKuA3ZmCg9R8NBKAqohgPgQZdf9VCGA63R0GfUIRjkNEnas1Hy7MBQk_UzKt7GIOKaeHEZpxwjQqbg0LFGToUFu8yOQ918hoM1cjdXVp-dE6CNfayTx2NbrfY9jnoOFZnROt7_HDXpxgO8bq88VhZmT7A12wEFVNPaJ2LUJdU3wJrTTvSbWeu_By9Qj8pvtfzoSn9hnUj96gQftS_u8-m-RuezBQqIZ1nb3b0W5Qhd4uU9aMXma7mbpxT6l8N8JOFJMcdbaysC3tePOvrZYBVWfsyzZ_4i-L5Noq_KLeMA4Go98SmyzHs_owDk_8e5OoIdcybITgZgpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5333 52 KB
17 KB 47ms
6ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 08 Dec 2021 02:31:34 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 07 Dec 2021 12:29:47 GMT
Age: 35896
X-Served-By: cache-lga21961-LGA, cache-hhn4033-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 8, 520416
X-Timer: S1638880188.519440,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CDEB 52 KB
17 KB 47ms
8ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 08 Dec 2021 02:31:34 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 07 Dec 2021 12:29:47 GMT
Age: 35896
X-Served-By: cache-lga21961-LGA, cache-hhn4052-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 8, 517674
X-Timer: S1638880188.519946,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5333 0
735 B 7ms
7ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:47 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f98bd19b-59d1-4743-a9e4-c67c063ae96d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CDEB 0
735 B 13ms
8ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:47 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ffde2664-6794-40b4-9718-9dd90ffbe00d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F708 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnTaUsDaNM4ABE0gzg2ZaMljyEjhPZMZdp8OhAMZyShD5yZxiwoJWs3aLmaWwGf-vJuF5DIZVJ6FWYbImBLCuOeQKur1QE7IoOhraleDzd_46-eQip&sig=Cg0ArKJSzMisIKZvfNezEAE&id=lidar2&mcvt=1000&p=0,436,90,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1986035644&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638880184549&rpt=2206&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6217 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAXCOK5iPb9uzsYUr63BE7IB932r815HBHRkhkDvarSXXE_ge0N2U7ZJki0TVAZH0EeIcEwU0AMyaYtGU7RxUG3R7TGm-2g29s_mzjowkulz5ygNAa&sig=Cg0ArKJSzI63mQYT6yP3EAE&id=lidar2&mcvt=1001&p=551,1145,801,1445&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=375948347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638880184453&rpt=2306&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:29:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 entertainment_01.ts Show response
content1.avantisvideo.com/hls/ 173 KB
174 KB 12ms
12ms XHR
video/mp2t 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 450278ef440b44ba95297e0e9f45fd70ca9203983837b00c6a0ae1296940ec09

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=856152-1033623

Response headers

x-amz-version-id: 5PrueHREHovS.6dsS..MxoKBIdYn_7P6
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
etag: "06e56850bf5e13e2a50111093f99f835-3"
age: 77449
x-cache: Hit from cloudfront
Content-Range: bytes 856152-1033623/36404884
Content-Length: 177472
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Mon, 06 Dec 2021 14:59:00 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 1VCrmc_tp52r5RKur1O0OmR4CdRuS6aZdkkbjBhq1IsPpv2sjGX3SA==

OPTIONS
H2 200 entertainment_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 10ms
9ms Preflight 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 06 Dec 2021 15:22:40 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: MEtzppPzLs7YkebJpcU6ERs19hQ0R_FBSAWEQUDAiLC6Cuc9BFSw0A==
age: 76029

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5333 0
735 B 11ms
11ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:48 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3ad2be2e-1677-4427-a6ad-a526b7c7ef65
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CDEB 0
735 B 7ms
6ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:48 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fd4055e3-dbbd-45da-9519-6eb066052fc4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK event.png
tps20223.doubleverify.com/ Frame 112F 67 B
465 B 197ms
26ms Ping
image/png 213.254.244.19
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20223.doubleverify.com/event.png?impid=4dfa84a5b5c540febd8cb5af999627d7&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=354&eoid=8&msrjs=1874&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=131&tetms=8&msltms=47&vltms=354&sei=290&vetms=28&engms=1&engisel=1&ttfurm=2388&cbust=1638880188749439
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 12/6/2021 12:29:48 PM

POST
H/1.1 200
OK event.png
tps20246.doubleverify.com/ Frame 5C50 67 B
465 B 195ms
28ms Ping
image/png 213.254.244.19
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20246.doubleverify.com/event.png?impid=ef56b8a1beb941a8bc2f06545b4b4045&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=373&eoid=8&msrjs=1874&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=139&tetms=9&msltms=48&vltms=373&sei=290&vetms=32&engms=1&engisel=1&ttfurm=2429&cbust=1638880188752112
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 12/6/2021 12:29:48 PM

POST
H/1.1 200
OK event.png
tps20223.doubleverify.com/ Frame 112F 67 B
465 B 13ms
12ms Ping
image/png 213.254.244.19
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20223.doubleverify.com/event.png?impid=4dfa84a5b5c540febd8cb5af999627d7&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=10&ismms=10&isumms=9&isvelg=1&nvr=6&elmtp=1&isbxdms=2409&b0=100&b11=2516&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2616&sftb=2616&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=909&isuiabvms=909&ispmxpms=909&engalms=9&dvp_dpr=1&cbust=1638880189748989
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 12/6/2021 12:29:49 PM

POST
H/1.1 200
OK event.png
tps20246.doubleverify.com/ Frame 5C50 67 B
465 B 17ms
16ms Ping
image/png 213.254.244.19
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20246.doubleverify.com/event.png?impid=ef56b8a1beb941a8bc2f06545b4b4045&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=10&ismms=34&isumms=33&isvelg=1&nvr=6&elmtp=1&isbxdms=2436&b0=100&b11=2501&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2601&sftb=2601&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1047&isuiabvms=1047&ispmxpms=1047&engalms=33&engscrlms=171&dvp_pageEng=true&dvp_dpr=1&cbust=1638880189752213
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:29:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 12/6/2021 12:29:49 PM

GET
H2 200 965c136e-8950-46d8-ac5c-aaea479e4572.png
gallery.mailchimp.com/f141047f5265cca1bca1a0c28/images/ Frame E82F 1 MB
1 MB 131ms
18ms Image
image/png 34.96.122.219
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gallery.mailchimp.com/f141047f5265cca1bca1a0c28/images/965c136e-8950-46d8-ac5c-aaea479e4572.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.122.219 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 219.122.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 24ddd1e58048b259e6deeae98b02422179691006cdb65caeb236b7f4cf968278

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:36:31 GMT
age: 3199
x-guploader-uploadid: ADPycdtVA-LNNtYLM1Mf-LEyP6u8J2hkePt8UqTJ8TnQJT6UEaGIBKS-b3j1b3M7tZ5bHgSCmubXs1iKwNnMpZ1w1mHuRxX5xQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053078
last-modified: Thu, 03 Oct 2019 18:29:45 GMT
server: UploadServer
etag: "b5c7e6cb1c31b46670d9cc70f4be66dc"
x-goog-hash: crc32c=607S6A==, md5=tcfmyxwxtGZw2cxw9L5m3A==
x-goog-generation: 1570127385991491
cache-control: public, max-age=3600
x-goog-stored-content-length: 1053078
accept-ranges: bytes
content-type: image/png
expires: Tue, 07 Dec 2021 12:36:31 GMT

OPTIONS
H2 200 entertainment_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 10ms
10ms Preflight 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 06 Dec 2021 15:22:40 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: fSThD5rcscxf73H8YT-GIEdM6xT9nvusgAWoqqv-YMJCou6egd9xgA==
age: 76031

GET
H2 206 entertainment_01.ts Show response
content1.avantisvideo.com/hls/ 192 KB
193 KB 44ms
43ms XHR
video/mp2t 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d55a37584d368eb4d0813578029415a243a625157550a2d4419dc0bfc019313a

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1033624-1230271

Response headers

date: Tue, 07 Dec 2021 04:59:44 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
age: 27006
x-cache: Hit from cloudfront
Content-Range: bytes 1033624-1230271/36404884
Content-Length: 196648
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
etag: "06e56850bf5e13e2a50111093f99f835-3"
vary: Origin
access-control-allow-methods: GET
x-amz-version-id: 5PrueHREHovS.6dsS..MxoKBIdYn_7P6
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: video/MP2T
x-amz-cf-id: wAN_zyhROVlmABRojVF1PiOHrX4pwhazbXMd39gR_hB2kSkdvdH6hw==

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame AF39 0
316 B 109ms
108ms XHR
application/x-protobuf 3.13.244.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.244.143 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-244-143.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 12:29:50 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 289ms
96ms XHR
text/plain 3.229.193.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.stripes.com&rs=www.stripes.com&sid=11395&t=1638880186&cip=185.213.155.162&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&test=&aafaid=&proto=https&uid=1638880186076-952371687883-005920-000-002504&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.90&cb=71478528684&d9=1000&AV_WIDTH=300&AV_HEIGHT=169
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.193.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-193-232.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 12:29:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 206 entertainment_01.ts Show response
content1.avantisvideo.com/hls/ 209 KB
210 KB 12ms
12ms XHR
video/mp2t 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e820f26e3f69528008df4930c702b77678a6ea42a49ddf5f6a79191271a29a2b

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1230272-1444591

Response headers

date: Tue, 07 Dec 2021 04:59:44 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
age: 27008
x-cache: Hit from cloudfront
Content-Range: bytes 1230272-1444591/36404884
Content-Length: 214320
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
etag: "06e56850bf5e13e2a50111093f99f835-3"
vary: Origin
access-control-allow-methods: GET
x-amz-version-id: 5PrueHREHovS.6dsS..MxoKBIdYn_7P6
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: video/MP2T
x-amz-cf-id: E4k1dGOYK0hBTwr03n2r0aUOQAFNZlrdA5wAamdUyKPVMUbkOHOBtA==

OPTIONS
H2 200 entertainment_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 10ms
10ms Preflight 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 06 Dec 2021 15:22:40 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: GXFUYb7iDKG5AFBBivZhjAkKV2dUOr65mfaNNFJJ_YnoEKUb4bENvg==
age: 76033

GET
H2 206 entertainment_01.ts Show response
content1.avantisvideo.com/hls/ 192 KB
193 KB 12ms
11ms XHR
video/mp2t 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca9054d086deb38ea2bae375ee90db0d24d2002bc5e7cce8ba9fe0ce3f449c1a

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1444592-1641239

Response headers

date: Tue, 07 Dec 2021 04:59:44 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
age: 27010
x-cache: Hit from cloudfront
Content-Range: bytes 1444592-1641239/36404884
Content-Length: 196648
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
etag: "06e56850bf5e13e2a50111093f99f835-3"
vary: Origin
access-control-allow-methods: GET
x-amz-version-id: 5PrueHREHovS.6dsS..MxoKBIdYn_7P6
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: video/MP2T
x-amz-cf-id: e4t9LrlMp03iMyYod6OXJx0Q0IXiHL0PL7IEqZYI6lMeHpBg8JS8Ww==

OPTIONS
H2 200 entertainment_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 10ms
9ms Preflight 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 06 Dec 2021 15:22:40 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: _JTXR6DlwqXTQNBsBXpGSAahL7byTQf2cXM_1Cz-JYuAdRPFrCWa4Q==
age: 76035

GET
H2 200 rss_banner.jpg
vd.trinitymedia.ai/cms/1202/image/audio/ba245f8ca3ca9adf67be064863d2a596f0c21661c9dc6a8bcb61c26edd27b847/ Frame 6508 145 KB
146 KB 19ms
19ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vd.trinitymedia.ai/cms/1202/image/audio/ba245f8ca3ca9adf67be064863d2a596f0c21661c9dc6a8bcb61c26edd27b847/rss_banner.jpg?ts=1638799398000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 859956b49fd05ca9e088fe73e70bc263e0ea5329c2884baee595d146cf33070a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:29:54 GMT
last-modified: Mon, 06 Dec 2021 14:03:19 GMT
server: AmazonS3
x-amz-request-id: WTVJFWBE1EM25121
etag: "0b034abcf44653197866395432d88707"
x-hw: 1638880194.dop029.am5.t,1638880194.cds300.am5.hn,1638880194.cds156.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=79411
accept-ranges: bytes
content-length: 148895
x-amz-id-2: 4fveRQ3Vsfazc7iYKN7r6NqPLzw/1DeXm6qewgF9OeXyNr7prUkbFhKKhgiU4rMTqJ6gM3QZlsI=

GET
H2 206 entertainment_01.ts Show response
content1.avantisvideo.com/hls/ 160 KB
160 KB 13ms
12ms XHR
video/mp2t 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a116971cf3864f585a1b40d74eab4a669fc07712f9771ef454c7e45b27f300e

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1641240-1804799

Response headers

date: Tue, 07 Dec 2021 04:59:44 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
age: 27012
x-cache: Hit from cloudfront
Content-Range: bytes 1641240-1804799/36404884
Content-Length: 163560
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
etag: "06e56850bf5e13e2a50111093f99f835-3"
vary: Origin
access-control-allow-methods: GET
x-amz-version-id: 5PrueHREHovS.6dsS..MxoKBIdYn_7P6
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: video/MP2T
x-amz-cf-id: IX-9wTHHI02Tm_R_JGBaMvXn-UJ-1p6XUTVxcOHIsg4nyGBFp1JJHA==

OPTIONS
H2 200 entertainment_01.ts
content1.avantisvideo.com/hls/ Frame 0
0 11ms
10ms Preflight 2600:9000:224a:d000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/entertainment_01.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Mon, 06 Dec 2021 15:22:40 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd9.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 4aDp3QwlTJwJ_2Ziw_-sHr7yr4AuI6WzCOAZ8Gr3DrSUX5jTlLEsFA==
age: 76037

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.stripes.com/theaters/europe/2021-12-06	1970-01-20 00:19:28	Name: MCPopupReset Value: 1
www.stripes.com/theaters/europe/2021-12-06	1969-12-31 23:59:59	Name: ntvSession Value: {"id":3161725,"placementID":839427,"lastInteraction":1638880184265,"sessionStart":1638880184265,"sessionEndDate":1638921600000,"experiment":""}
www.stripes.com/	1970-01-20 08:43:28	Name: _cb_ls Value: 1
.simpli.fi/	1970-01-20 08:01:42	Name: suid Value: C40D93F84AD043EB8089B728FB25D0D8
.postrelease.com/	1970-01-20 08:00:16	Name: opt_out Value: 1
www.stripes.com/	1970-01-20 08:43:28	Name: _cb Value: B-_VRjCGPRpwgw7gx
www.stripes.com/	1970-01-20 08:43:28	Name: _chartbeat2 Value: .1638880183990.1638880183990.1.BXMaz9CklNh6D-RsveD16ns9CjuKQr.1
www.stripes.com/	1970-01-19 23:14:41	Name: _cb_svref Value: null
www.stripes.com/	1970-01-20 08:00:16	Name: TRINITY_USER_DATA Value: eyJ1c2VySWRUUyI6MTYzODg4MDE4Mzk5OX0=
www.stripes.com/	1970-01-20 08:00:16	Name: TRINITY_USER_ID Value: 7fe08c7b-d555-4a65-9bd5-8d47b96fa8ec
.list-manage.com/	1970-01-20 08:00:16	Name: _abck Value: B4C306FD382522353DCD18AC26CB8069~-1~YAAQ0uF7XOY3N5N9AQAA2gbflAdTYkBp+XEAn6tO3f/57vAq87Ew6+XY3LyIkcjKcBTGQjAg2JfGI5cUJOJEeBOrKtk+m06Z9ZqZLaE0K7S1QNo4RW7W1r6Pv0Ypk2Of4nDL2tevKncBKB8fwBsxFciiyceJ5NhFs/CUaqB7XlSpgBbteybxzKL4BOK899vRfb88/jA9JQ+kWcm3okBB8aGvdni+mxXTO5GlWJ9ofV3By24d/Fr4cDY54LbizYXd0FAeG1FGcVTGpeLYZJ+4i+kfVjK+dLUMuipP/Ywmdj4bTXNPxZqp7JV6PLalquhXlHDTNiQpsmXiv57eGKtk+1PyA70LdOwccGMkoHvITKdPzcwLRV7XDvWwZ2hwbSUpKg==~-1~-1~-1
.us2.list-manage.com/	1970-01-19 23:14:47	Name: ak_bmsc Value: F703B5C4C2B6CF56212AE720643A815E~000000000000000000000000000000~YAAQ0uF7XOc3N5N9AQAA2gbflA776t4+8NUMINealjtkoUREMUicKbvWdTEksKqEcdyWmfpgsBv7RIM2WES1PKzexqEPjFhbzYmn1O8Ux5eUX27gUR/BWhIrIDZYNTjjCCbZu7CESIQOSS0M7O2MSJMs4ePlglxtR4la6Xy0H+kR/gxcukMMi+EJOCtmLxjD/CeAhevnHdOoS7cutafqvroa6tr0n7Dpwbh3e0FnLrnmP6YAgbwdkGJufuspJ8COFXJ1GofzfD/H02gFo8Vmm4R09bvlNi/of8Vk8joTarvzRtTBBl307+9K+cE13azn8xdTSSBDc4lO92EfgsghIrvkPzNs6TGXIThJQWXHgibrBKWpJoqAmhlZ4fxOGLenl7zycE5z8XiWD/xTqC6UmrksgG4=
.list-manage.com/	1970-01-19 23:14:54	Name: bm_sz Value: 0EDB70FFFC822C4AEA8A16B36D6BDE74~YAAQ0uF7XOg3N5N9AQAA2gbflA68xdANVKGoxQnCg8Un9Xgxzr2zHkc2fdDP1eSPCc559EnfebaMl0k7FeYkIpZDpNmO4AxoE5JWQYI8cG1gbfO38FeYvvw8xWfwm3wxySB1MsoCwiH238rjX7UvoYexkd9NzzF8c665upMgGMk5ShRtLSCV7Z1q5EYzfQdj8x3Md8PuNaUFfBREZoSqDuhiZ/dsPqVkvYupR9nzyTKmAl8nm4eKp00eGNaW6ztl9LajTgbYxvaJLewtCjK1s7OaxcCXhDFabEoaEhoKGea7mAKSycitdw==~3617849~3753269
www.stripes.com/	1970-01-20 08:44:54	Name: __atuvc Value: 1%7C49
www.stripes.com/	1970-01-19 23:14:41	Name: __atuvs Value: 61af53b792f22446000
.stripes.com/	1970-01-20 16:45:52	Name: _ga_S3BD5CQRB6 Value: GS1.1.1638880184.1.0.1638880184.0
trinitymedia.ai/	1970-01-19 23:24:44	Name: AWSALBCORS Value: SQkHyyU03aN3mMDB6j23ZI6WIIjYwCi4XmlC5MnTmTGB5awE2iaaWV3hAKmqrfogwAPqgp7BSYWcWI/Cb9rUM/5+6yWPA50DHc7udG07qDIRc5SsGoxH9mbje0Of
.trinitymedia.ai/	1970-01-20 08:00:16	Name: AUID Value: 7fe08c7b-d555-4a65-9bd5-8d47b96fa8ec
www.stripes.com/	1970-01-19 23:15:23	Name: stripesWindowshade Value: 1
.doubleclick.net/	1970-01-20 08:36:16	Name: IDE Value: AHWqTUkZTTMi31wHVyVZd2azpTO2JOutHS5AyCyJwT_exFSX469j1HBJfaEJbaNHCnU
www.stripes.com/	1970-01-19 23:57:52	Name: _pbjs_userid_consent_data Value: 3524755945110770
.stripes.com/	1970-01-20 03:33:52	Name: _pubcid Value: cdd6a439-2a2f-496a-a46f-208b9dcd5e6b
.stripes.com/	1970-01-20 16:45:52	Name: _ga_TCBWEF5WWR Value: GS1.1.1638880184.1.0.1638880184.0
.stripes.com/	1970-01-20 08:36:16	Name: __gads Value: ID=825a0fcb36d85f64:T=1638880184:S=ALNI_MbQlABX9nac6PH7-X_hc0VUwfxlyw
.addthis.com/	1970-01-20 08:44:54	Name: uvc Value: 1%7C49
.stripes.com/	1970-01-20 16:45:52	Name: _ga Value: GA1.2.939030640.1638880184
.stripes.com/	1970-01-19 23:16:06	Name: _gid Value: GA1.2.1030356429.1638880185
.stripes.com/	1970-01-19 23:14:40	Name: _gat_gtag_UA_714126_1 Value: 1
.addthis.com/	1970-01-20 08:44:54	Name: loc Value: MDAwMDBFVURFQlkyMjkzMTkwMTAwNTAwMDBDSA==
.stripes.com/	1970-01-20 07:53:04	Name: pelcro.unique.id Value: eGRzemxtY2lycmxrd3cyeTN5MQ==
.stripes.com/	1970-01-19 23:57:52	Name: pelcro_count_of_articles_limit Value: 5
www.stripes.com/	1970-01-20 08:36:16	Name: cto_bidid Value: HvBh219lckhDMHQ0elZEYmxWWWtRak9aRFVhOWVJWVlPWU1TVkdkVEd3Y0E2aG5oYXJnQ1A0SEJ0b2k1WkllJTJGd3JzQXI5Mjc4ZnZqMUZmQjd3SGt5cGpkVVVRJTNEJTNE
www.stripes.com/	1970-01-20 08:36:16	Name: cto_bundle Value: m8PN619MOE12SW0lMkZvWVdqYmloSlFUZnk0U0U2JTJGUVNRSkw5TGElMkZqWnVpZDViWmxIJTJCJTJCWHdBR2hYakVRRm5UaURNaE9MJTJGY010JTJGJTJGaXZsa3h0JTJCdXB6OVJNeGR0Y0JuamNRSWlESkFHZGJhdHdqSFExaTRoS3BTM3lRekJaWE5JQkFEM2dScw
.reddit.com/	1970-01-20 16:45:52	Name: csv Value: 2
.stripes.com/	1970-01-19 23:57:52	Name: pelcro.pageview.frequency Value: MQ==
.stripes.com/	1970-01-19 23:57:52	Name: pelcro_count_of_articles_read Value: 1
.stripes.com/	1970-01-19 23:57:52	Name: pelcro_count_of_articles_left Value: 4
www.stripes.com/	1970-01-19 23:14:43	Name: _lr_retry_request Value: true
www.stripes.com/	1970-01-19 23:57:52	Name: _lr_env_src_ats Value: false
.adsrvr.org/	1970-01-20 08:00:16	Name: TDID Value: 9ff1287a-e6be-4d96-aed6-d8dc75db55ea
.stripes.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1638966586495
www.stripes.com/	1970-01-20 00:41:04	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%229ff1287a-e6be-4d96-aed6-d8dc75db55ea%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-12-07T12%3A29%3A46%22%7D
.aniview.com/	1970-01-19 23:29:04	Name: aniC Value: 1638880186076-952371687883-005920-000-002504
.adnxs.com/	1970-01-20 01:24:16	Name: uuid2 Value: 4335068151476890128
.stripes.com/	1970-01-21 01:31:28	Name: _awl Value: 2.1638880186.0.4-50525183-cad7ffa5d233dbf93b81b2c633233c94-6763652d6575726f70652d7765737431-61af53ba-0
.adnxs.com/	1970-01-20 01:24:16	Name: icu Value: ChgIwPVeEAoYASABKAEwu6e9jQY4AUABSAEQu6e9jQYYAA..
.aniview.com/	1970-01-19 23:16:06	Name: 2_C_55 Value: 4335068151476890128
sync.aniview.com/	1970-01-19 23:16:06	Name: 2_C_55 Value: 4335068151476890128
m.stripe.com/	1970-01-20 16:45:52	Name: m Value: 79d26092-d3e2-4d6b-914e-742c6f5370b544ecca
.www.stripes.com/	1970-01-20 08:00:16	Name: __stripe_mid Value: 3a6dab9c-40a6-4779-b485-55b56b4cbea443fef4
.www.stripes.com/	1970-01-19 23:14:41	Name: __stripe_sid Value: 9c03f80c-3b5c-4893-98cf-4d062d8a963b6bc497

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html(Line 1532) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pubads.g.doubleclick.net/gampad/adx?iu=/267968996/Stripes_Takeover&t=sitepage%3Dstripes-europe&sz=6x1&c=5085581298&m=text/javascript, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html(Line 1532) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pubads.g.doubleclick.net/gampad/adx?iu=/267968996/Stripes_Takeover&t=sitepage%3Dstripes-europe&sz=6x1&c=5085581298&m=text/javascript, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

93da6388290466c633595cf19441a508.safeframe.googlesyndication.com
a.teads.tv
acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api-location-prd.pelcro.com
api-public.addthis.com
api.rlcdn.com
assets.revcontent.com
avm.avantisvideo.com
capi.connatix.com
cd.connatix.com
cdn.avantisvideo.com
cdn.doubleverify.com
cdn.revcontent.com
cdn.teads.tv
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cds.connatix.com
content1.avantisvideo.com
delivery.trinityaudio.ai
depart.trinitymedia.ai
downloads.mailchimp.com
epub.stripes.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
gallery.mailchimp.com
go1.aniview.com
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.crwdcntrl.net
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
jadserve.postrelease.com
js.pelcro.com
js.stripe.com
m.addthis.com
m.stripe.com
m.stripe.network
mab.chartbeat.com
match.adsrvr.org
mc.us2.list-manage.com
mug.criteo.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
platform.twitter.com
play.aniview.com
player.aniview.com
player.avplayer.com
pubads.g.doubleclick.net
q.stripe.com
s.ntv.io
s0.2mdn.net
s7.addthis.com
s8t.teads.tv
secure.adnxs.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
static.adsafeprotected.com
static.avantisvideo.com
static.chartbeat.com
stats.g.doubleclick.net
sync.aniview.com
syndication.twitter.com
t.teads.tv
tag.simpli.fi
tpc.googlesyndication.com
tps.doubleverify.com
tps20223.doubleverify.com
tps20246.doubleverify.com
track1.aniview.com
trends.revcontent.com
trinitymedia.ai
unwieldyhealth.com
use.typekit.net
v1.addthisedge.com
vd.trinitymedia.ai
vid.connatix.com
widgets.pinterest.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.pelcro.com
www.reddit.com
www.stripes.com
z.moatads.com
s7.addthis.com
104.102.29.148
104.244.42.72
104.89.22.184
104.89.28.165
13.32.22.38
142.250.181.226
142.250.184.198
142.250.184.226
151.101.1.108
151.101.129.140
151.101.130.137
151.101.192.176
151.101.2.137
151.101.64.84
151.139.128.11
169.50.137.176
178.250.0.157
18.66.248.53
18.66.248.94
2.18.235.40
2.21.140.111
2.21.141.175
2.21.142.98
2.22.33.114
202.212.180.67
205.185.216.42
213.254.244.19
2600:1901:0:7a0b::
2600:9000:2057:ce00:18:1fcd:34f:cdc1
2600:9000:211e:6600:c:b42a:3740:93a1
2600:9000:2156:6800:8:9ed9:9c40:93a1
2600:9000:223e:e200:3:748e:7940:93a1
2600:9000:224a:d000:1e:efeb:b400:93a1
2600:9000:224a:f600:1c:38a0:8a40:93a1
2600:9000:236e:7c00:8:48e:53c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:858
2606:4700::6810:135e
2a00:1450:4001:801::2003
2a00:1450:4001:801::2006
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2004
2a00:1450:400c:c0a::9a
2a02:2638::1c
2a02:26f0:b600:182::4469
2a02:26f0:b600:188::2c79
2a02:26f0:b600:19b::2c79
2a02:26f0:ef::5c7b:c209
2a02:26f0:ef::5f65:4d5b
2a02:26f0:fb:1b2::26e5
2a02:26f0:fb:5ae::19fd
2a04:4e42::714
3.13.244.143
3.213.192.247
3.229.193.232
3.33.168.159
34.120.133.55
34.247.9.63
34.249.68.36
34.96.122.219
35.158.176.54
35.172.120.178
35.172.49.77
35.190.64.11
37.252.172.36
37.252.172.37
46.137.184.71
52.223.40.198
52.88.197.51
52.88.27.164
54.161.145.16
54.186.23.98
00479816b3ec247bebe149cc083fb40db68e7c3bae96998c67d0dd666d509c63
00694c22b65462919f7067f79231cc2d916f31c0276c2cf521ed5d9fca9392df
008b7e5aeded03bd0e384a5c71d08d4e643b69f47e87f537b67c4b689ed179d0
0367166c171106ad6e8850d5499f3d5eeca25ad692c97a111045c07dddefa25e
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0558829269b394389d5ea50e298cc17d80babb299856d659a5a3b35f87071aa2
0641c5c4150eec9082db44493a7168d300718a478e28b628c37f766b2bf83aa4
06d35a9ff5c57d6b6a4175f5c8cd4fe62db29f6217f8aa695ee6a19d404a3bf4
09a589b9be56d57ddcf96823e15e13f752028c1a258c16a5cf5d9fd1d227dc08
0a7cd306c50dcbb5dc160c0b4b6d16432a71d229efa0806553c0fa9402e71066
0adba3a8e675d262942cd7c59f61fa77dac5f4208ec40f4ea8c371fe23de681a
0aec59c0803f49421ffcc6011dc42f89fc1b8f08d525116f1a348b25f362c942
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bec30fdc58f653275abe6e090a89e9ba89c52e8d20a66da1d4a14bb33a1b19c
0cea5263a3b6819b999123c15a2416b808c1c34d24435cb19c7fba696cf4a3c9
0dcf07542306051cfa16bd73fcddc2dc4ee540b58964ba08b9e62065f34214e0
0f1819026c806a90d255de37b5dcbaa697ebe215f13dfbe3c11466846de16c60
0f7b8fbc5b7e9cb9df31ae2c006e5db524ea0d37e04d824d83dc1bb9b8b44755
103a8848edf389902464b4995b6866378014c0cf4116a1247a0cb1586ecedef4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129f1bdf202d3fe70065aa13e821201cd22e8d4088d4dee3d13ad71b5f903b7a
13fe1f6b84ca309a854ef287a4954807afad92d40af592c40eea81501ee54a83
1427a6a628bcd74ac46fef27108bc9d36b79f338e7d005c48e4e96b3a6b34b18
1482386e18d9fcf975374afc941b1474ce955d3c54c37e97a9c01d284b68ec9d
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
17e075e835869e09d407540929c5619ff56d3ac5e396cf1666e65d03b578bdd9
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
1a7ecc510a27a3c2d4c537d1034599cc9813b9ae7651d9b521fae4e78db5ce40
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cfbe982ee294d174684531b67d33a5b4998909456a6068ab5c99084686bd5d8
1de247a80c68ee0c81d7dc38982eca90e34e4dd39d9a1ce6a83a5ca5241fb336
1f6d6747a20379285899eb273e878ce5e180fc9e8aa5463c5b00989f23a1beb4
219d55b0a442e35619d798a9cb86c13c8d266a52b7d57da0454b9fcaff4ba0a5
21eb6119029f2c6a6bada03dc288b036f90a33d21d54484c9f3b1934e695e07b
22f285b13c847acfae37b653367aec4453e570bd7d61158422db8cb1c792b3de
24ddd1e58048b259e6deeae98b02422179691006cdb65caeb236b7f4cf968278
259850f83e3a24cba1fea6a790b7658c126095659447a8d01f30dba16b7bb727
26a3448b13492179a8982952c2efcda0e7df69fc7eb55a36867f506941b88c93
272a612f7fcefd5b1292d2b642a9a252c57ee1b6c97cdfaad321eecca2466dce
272fb57309f383ef7395d61d54dccd2acea256451a4f0082792a8eb3dc412b7e
2764e65feb56d8e9f9051368a0e0ee9daf5263f1786adb335834fbd83889c22d
28a2e65bfa75a23d06df3f17d9721ec8e0518a4e5661e7a13cb43060ac96fd64
28a60f54b774bf33169679db4aa42ac5715a9e3e703a47420a1c9afcc7781f75
2956f7b2aef18a4a79ac487f3a1d70cebc1a8a4352f7460b1048ec66e5028ad3
2a5bd42df0226330e4a8f965446c7d5536a11c166ac0472f47ce9948379b1470
2e0feaf24cab24dd5e8f73df93db8acbc10c86e86bc279f27d014f27eb1fcf8c
2f4629aee73fb98ef3be17dc61010858661ca7a569706ae546916ddbb29163a2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34dc1dfc7400857ee8bb0abb46d0662735c6c4b26b91b88d076e7537e22504cb
34fde0c756223e68ab3a0de97baf658593b2f9c77367c2c7926aba0cbdda0d95
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
39982a8e0e9585a43a57d738eeb5fc33fdbb5b02d140e7321a9671f522836c89
3a116971cf3864f585a1b40d74eab4a669fc07712f9771ef454c7e45b27f300e
3a84a0787e2b0e8c5d612e6f58561b9720526b488b5117138037c4778dd6e55e
3d396c4d9cb7175c15080c9f60c5af11eace9815f2a39cabdc3b2679df39b2d8
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3d644c93265abc15185cf5accc1ce3a9f111642674bee3eef1fed1374ea3b127
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3cd4238bdd3dcd7e0710d584323a16a922ca222a7f6c632a3b4c45aaac3aca
3e52eb23477a407a5206fe459e5bac03ac80ba94bf7505f50cc6db89bef5fece
3f124f52a9216d107a165ab713f1a620b4a26cc1e7ce344ca0a966d8a9d82f10
3f607ab4b425a6249a377e8b20a690cc2c2fc8f6c97cd0b511c8914b9fecd4ad
409cb2c8093c4efaf8a254155aea1aa45c7948fb45e74c52e5f633ba15692927
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
432fe9d967d439d9f3fb4a499593238d4039491c1509a2d40fa182b3e19d98be
436a16ee0cec77e60f40d2183ffe0a550a673f36ed9cd338183d2ec512c7113a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
450278ef440b44ba95297e0e9f45fd70ca9203983837b00c6a0ae1296940ec09
45b60c9ae048b78a11d296a37e770b2748a26c5c00e0cea78607964758f50fa8
46f975127b0271949b852ac0000962cad7abd905b7c3823fb9e95fd705db3ea3
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
498ee13b360cbcc0dd94cdc550886419b846cf51bb617a879d759f4952d4b20f
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72
4f009bb37f58e77fd17b19201645f0d9b4a3bda5f5cd02ce426b1824eada501a
4f5210b63799c504ea7499a6d11733c9848fcc115a661c784059611d07d5de08
4fae68c6ff4b1773569c132e8e4af70fe5c8b2fdd42e8a4aa63fc94e6f0dc101
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510e6b176fac7f9500c599078eeed7cf9a0e11982f5df02e35e0a452e02a543f
52eb21a7e4d89723323c12600b97756f4eb4943742d8930022d758817af4d1cd
53f40153ce96daae594e7a554e3f335b042f970385e7b6749aabb25e221bf69b
545e6c6766ef438509eac05b9ee5165b7be7ad145178ccce6517c3a31d171c52
555818d8877676d953f04b982d8d9394c886b824332642a15473480f3baf5a8e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a8b195228754be7f897cec4203fc9b8aad535fc228b6b510ae46a66c08f704
578da29b095aa5645641c310fa3263a6f540af8a7629e5a82747a89677c98d18
5816ee0e07d0d352dc1ea9d6a0acce26f5342d9367671ca3e51ab49222a74a4b
58884f4de44eecfb744b0c3d93148144d42dede1fe77f5dcb6e4ba5a70354a24
594c78bda3126ce363abbe3cea4ade221a042406e6961f7cc6e57d82ae5e15bc
59ba60596a51fcd5f9dfed3a4cf796227c8b0e416e6ddabc96e37cfb0c7df49e
59bddb666827398826795a92afd6da527ba3a56d24c7c63ed61628155cf2167b
5a56e466d8f759ca1e678bab22d5f781814eaaa829c5ef2da973bee3f65a0ce2
5f671f08f9fb9359472f84a258dfbf3b6345842b2a694e9f76ea8f728db788c8
5fd90a2ed6baa6ccaebe709784ccb23c9b8a2091df8bf5067fb77982e5d8ec73
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6147eea13d4f14607c06b5aba754c8d079dd2431dd6a663d175fed882a6658a0
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e9a0d0147f7293806755528e5777e0a138386a9020049c039cb2735b80d613
63a261afe94f65da7f671b80b941111d3801d9ddd0222939602084e9a94c5fb8
640cfa03a0edf6a9ccc1794366dc2a16dcdb308bd4b2dcbb60ff5e60e795d7ac
658efb434f496cac631864c73ee229f2df488989bac7240c9f366be5ebe0fcea
6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67f3773a574b4b49fffb39c0f4096a275f6a5ac9db224ee2c6f38a0b1d420505
6903418cd2cda134ffc4048149352b8d5cb27928117a0d204ea27e73e448f48f
6933126c960f29b96062ee13ff114dc584eb622a9e8ecb3502443d03eb87c810
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6c815c41c145d395dbc4e821bcc867b3259b7e41449be677edf445e94837e1e1
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6df177f09bbe0f57f3bd1a71b5036d102a11024a94aa97de623feb116515e493
6ed1a215eecd0157174987e302a5f4e1f6a5d1cd7f384608c4e6e8f5cd535ff1
6f084fa4ecbadf7b5887620d8b44f6149f59af100727265daa8d15894e90a44b
6f2dd9d0ab5064cfba034ce6b9c29ad004ce7848a2b98a23e74599bd47756617
6f9c7c921b01b423e0a5ae17b10c71137c1875b08535acb62d55370bce2c9551
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73c5c079e730facbcbb0e099dae321c6dcaaa1076f51afa9899d7a745c13a0c8
7537c0d704d7f0d6b79f06f3335e189f39168ef66c0aafe0f4b4643b6143c924
75ca6e4df5f950548999b639ae01f27ba0b74bd5648a67c08ab92f801edcfa7a
780cf1454a40a7e90e55b3ad79e266a6278acbeebc5320f8014d268256243e53
786608e1d8ab9470008057634c4724717661f6f23c71299952812c80a0d195b9
788aadc7cd7dcb8015b608986e7855f5f5b3251b108ed9f9eba5ff41eb6ca767
7b5a6c2327ddb59d4323e1159dca0f60b36fd0d53a37311361d562cdfefde34e
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7b8100025a6d492ac82579830ad0951e275ab2963c29327f70704611c3f31376
7c65b00e5d831ccbe1bf42e38e82c3b193a35cdfab03f6471c1e8e68cd12a3a7
7df648eb8dcd2ab8a07798dfae0448842682b16253a4d348be5fa47a956da8c2
7f347580a7b031cfa6fc35eb046691b615875a9a791e75be3e39b821949ea600
7f7a2dc8aba3c3e447f512c5db932f05241c1441b2188d87abf759b1a85295c2
7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e
82efcbedf38ab3e14509e9fd78267e876d4b9b0c3bc355e5f2ec7676cd570738
84643b7ec7363a7ac96daf9ae8a186ef3051abdcd320c79d07e5741115a0138c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859956b49fd05ca9e088fe73e70bc263e0ea5329c2884baee595d146cf33070a
86af2f2995b2ff5186ed018e5f52db32b2207a46b6abec40a7695d28786146e2
870aef6972b6a4b2380708f4278b7b29cc6738fc5a35e546ff502dcb32ca6d26
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8adad61025afc455abd290ab8cde119814fdf3f6dd7b07e093c086d712121fd2
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58
8c8baffcbc46c84d4e2207819e099ee5883706283f9c3f64cc5302929d77bfd1
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e5d4a249423ce6b1d1f789ebf8c5f52ae355415bdea128b80ed0d000b472c1a
8eba40f39772c493ecc0fd53cdd43d1f5dffc562d3436c55763d70bc82280a58
8f88d1df8255b0159cd8f7bff021d48ed5883478ded353d44a5c9c488ff3248d
90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb
9162635e3d5891c5448e69937fb2226ef5efb17833ea411f22d2cc0c28166c57
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
980485cc01b6346151dad5b784abe4801073817a25a380950521372f29372172
9cb69b7592bed907a92293404c853b158dec46bab8c7e723cd260eea4cea01c7
9ce64f411c03d71f1998fc920980b74b51ab42670d1aac8c0b6017cf041e5c8c
9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
a00389c7a6b84dfdd76dace7ad7de6af4e57fc3dcb7a3a9ae49ebcab27486c6d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a090ab7df6161fa67c307f4aa50667bf976b80226dada40fdfaedbcb007922ca
a0d95a84f7330ced9452b5bda7f2fadeb8f6ee505f6334972ef0812b484c6653
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a269fb78e485537faa03fc97623ac40f73045e9bb3bbdffe99f791e2c42388c7
a27edf9f1974ebaccdf8237e3101744614b137308a74f1645ad77a22aa51d487
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a3047b6acf0c2384e67db5839544faaf6f593ff62ced8d38d418d63650cf767a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a622826000e4738be5c448e59400ede9e4e0568e699ea27eddf8923f53900ff9
a68a45898073f506fb725063bee2c0c26d00bb3037ae2353d4df3ba020ee5aa4
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b96aae8e27bf932c36b6d28d81ff38091c23b43165c59da9272dc3d0eda219
a995e987ced454f9eef260cc88c42417619a2d043edceec971eeb8c7a0760c94
a9ea961f8e82970a5b4424be715ff788e75a0178f5dd9112dc33ee60a6393fdd
abdf35269b8e8f726d2a7f79d31a8323212d7b48f10bacc3632ae5334531922e
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
add8ad5f27d28f9ff3cb71641a6890b5431da4deca36a28e633ad1dbbaa0aff1
ae5f478837031e705c3b4542b833f76979fcd122da5be00bc8e483e65ffb774c
af43ea4c564c18bf2c64d2c4aa030a083c82a68ad9a07ba5b3d9f74edd2262c7
b090602c7c93babde789fd109cd241a6ebab0294cf90d2b447390dc8e5355d80
b09eb5aace471fc7711deb05db90f7922a965d1cf57f051e6440033c3d3a2321
b110085568edfe15a234de5f8bda3a838be46dfeaea429c9be7abb483c2a08b6
b170075bd0509f3f50ca61b605af20662a72452b972eb4a2fa0792700482fac8
b214dd816be55213fb9ebacc212f8850dfb4c5515bba44aaec5823e58a68f2d8
b43bd7d3b3069d34e7ea9b5a17a757a67f365f0fab7f02856d21325f4af4f3e4
b581d1bdfa05cb424c99f7d8c429c40c1260969e39fde3b222d449b8eef5ce2c
b66de84a754ca07ce6dc6936fc3ee8c8a8c8046a3258d46bf83876eb286634e4
b7e48c138e4a89704f115dce26161a11723921358d5021fd40095c1463f62d25
b8549852311d390cbf213b130cb089dad61ad89698a25295f888fcfecb4d1ee9
b960a89dca43490bf0005a6ed7ef8287405c4bd8b050fc4a4934580d8a5920c6
b9bfae51d65ede58ed78e3ab6c630f091675c15e52a92c5adc4b730d6aa7d4de
ba28e784afbb6f3a0c6a7154de0a12c268dd2c58949beea2bee3312763763aae
bba83db30e7719c593bb4546227f24de4a2532f42e90be0b7a8175987e4c92b3
beb708126effaa6d24be5caa1736fe0caad6775e8ae88630af8a489d9effff4e
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
c0346b42f60e2810e08ab51f2d507c4a1e5347a756c1bcf0c7432524bfd0d829
c263104b538a4ee08d885431b5f576e8ff68e9ce2d57df821c8e6bb917bfc159
c28538ecd935a02cfe6a710b9d5222934f7d089617d6946da5ac2d28eecf4403
c3d78ae222f2cdf9c08f1ee05ebca73903c7bf21cb21e45a76dbfc9ce830474a
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123
c638ddbf6cd3019073fd3a9bb98bcc425e085c7e100ab65d11a6b12030f7e43d
c658ff53576fc6aaddd37277f911c657dea0ea05d273c7c5656031faa04a31dc
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c6e73dfccc73993c0049628cde8275d770a65a7db1e91cb51e22e19471163e4c
c72e7c3091cfc5c0d12189dba2c41ae4eb2759e34d3e22a1a13e8980438a5bb9
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
c956a6cb3d3c97a2f34cce17e3e4e39a86cef78c189aa8d6a75782e66bcb4323
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca9054d086deb38ea2bae375ee90db0d24d2002bc5e7cce8ba9fe0ce3f449c1a
ce0d8180e796390eaba89c213059ee270e6bc67fdc219cf1ff67953b0723649a
ce77f287b904f1d1990a9468fef01edc8aa2ad684dd7c2ecc97b4f37416a3534
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d22b82ea285890ccc7f07c9d088ee0b8dfce954a7ba6edee0aa172ebb008aba5
d25cf1328a0760adaf95e35a9278df7a085c9c0a821faa05a75d7a3e482f7ed3
d3a78402e549c2e54847c7720b4d83b34d23548bc24367adadbed0fa6e44e994
d4903dd620e413c6ea166611db7586c9cb2e7d1a557c98053e8c99537a5f18fc
d55a37584d368eb4d0813578029415a243a625157550a2d4419dc0bfc019313a
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d8eae99f8d3991899f01edc638dee12b8d9d2c8e9865bdb0c87b7562af18d071
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da756438a59e52da1ab54dd8d5d602e8770c4f7e021df212c2d89ba563199719
dc3f80451d0f7ea4a7b07f0213894199596150d6a66f210e0d62dec1ccf15257
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6ece9f7f201a2d4cd491175f028fc8f2c54ac439845b1a37d5cf03d3e3f785
e03d8a32efb91836728a13084ae4ee78473f966d254bcf5d21a9dbd58aa54f5f
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e277a4ddf16c2f1dd6db079752d72a3ca05437fe5dd8cb36f7a61dc07c9577ff
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b4455f80bbefc4ce584b3f9866d5510cc64f918c075d963320b84a99040235
e60582034f65d16de4f819915890368c95457aaa31fcc4359db38ca0463890ee
e820f26e3f69528008df4930c702b77678a6ea42a49ddf5f6a79191271a29a2b
e9953887eb310250b15b622eb85aa87fe1868db9cd86bcd09f4c9b71c345fdc4
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eae81bd5a19e50b7b31bc326c1036e54e45e2da5e511d2f98b5b3976a2890f0a
eb542e09f2d9f06b3dd88bc530c3178861172de5a32b8163e325dcfbfe8cb38a
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ed838fb7bff02044f6fac6255ee96e585e9262f980074d4c5124e037c7560461
edc2fb6603f1299fb85244d8a40ec6fbf764d3a7cf74e50e6b66e2df487ace61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9fea57506e43c8b8189fedf82505c353ec9105a95fa9fd16d663aa3a3e5fa2
efd6f7d3912d8e7201c7df80b3d632ae03a1944cc1b3a47e7d9aea57eda3c461
f10c2ef28bc741f9ffd0a2eb720cc51407d45e6c6b4c5897cbc742ff9a8d590a
f1e25a67c85672b425315d6418b881db426ea8fe7b103f0f32dfa7bde1953472
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f4d533afe3ad0c3274417d810b8766fd3e2350a7cfcdcb119c3bbc810d4f0e94
f5024c8562f3a22835ff37215291695e61389d804a4e2ca943eece13960daeca
f5fa0dd1c4bc993566a9610fef316e9a9d42b757f9d0e7c49c1f189fcca75f9a
f800ef1f45b5f2af69164599ed59bd68c3a5d913a9a0bb388fa5aeda32272fc4
f8e49947d3547dba3e5bf18c2cefcc2dda7ff5f714e52f398b97d84887d1c586
fc48fa75e215803fc749570d1080a8d0b1f0f42549720b1953f096ef342873ac
fca9540341b0d7ebbb2487ec48440cb077db616fa4145028595aa304fbb42929
fcf47517c3b2b996f0a78e5d794c30770fc45d1240a17f428177512cdab58376
fcfae5623bd5f8b47ad998684ef0c9230258a6415a9fe3699dfb44601a6b557c
fe31c3672f7d2135a661367f3114cc9e37a60eb368f0f1032c8f8f4cf80efcc4

www.stripes.com Open in urlscan Pro 3.33.168.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

388 Requests

97 %HTTPS

43 %IPv6

47 Domains

95 Subdomains

82 IPs

7 Countries

9514 kBTransfer

21258 kBSize

51 Cookies

62 Outgoing links

Redirected requests

388 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.stripes.com Open in urlscan Pro
3.33.168.159 Public Scan

Screenshot
Live screenshot

Full Image

388
Requests

97 %
HTTPS

43 %
IPv6

47
Domains

95
Subdomains

82
IPs

7
Countries

9514 kB
Transfer

21258 kB
Size

51
Cookies

388 HTTP transactions
7 data transactions