startefacts.com Open in urlscan Pro
2606:4700:20::681a:414 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://startefacts.com/
Effective URL:
https://startefacts.com/
Submission: On January 08 via api (January 8th 2024, 5:21:36 pm UTC) from US — Scanned from DE

Summary HTTP 117 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 51 IPs in 11 countries across 43 domains to perform 117 HTTP transactions. The main IP is 2606:4700:20::681a:414, located in United States and belongs to CLOUDFLARENET, US. The main domain is startefacts.com. The Cisco Umbrella rank of the primary domain is 479049.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 28th 2023. Valid for: a year.

This is the only time startefacts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:461b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700:20:... 2606:4700:20::681a:414	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	3.15.36.104 3.15.36.104	16509 (AMAZON-02) (AMAZON-02)
3	18.239.69.131 18.239.69.131	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	146.59.110.100 146.59.110.100	16276 (OVH) (OVH)
2 2	15.235.15.221 15.235.15.221	16276 (OVH) (OVH)
1 1	54.246.43.192 54.246.43.192	16509 (AMAZON-02) (AMAZON-02)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
3	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a0c:5c87:523... 2a0c:5c87:5239::2	55081 (24SHELLS) (24SHELLS)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.250.5.176 34.250.5.176	16509 (AMAZON-02) (AMAZON-02)
1	18.193.236.213 18.193.236.213	16509 (AMAZON-02) (AMAZON-02)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:a	27630 (AS-XFERNET) (AS-XFERNET)
1	23.108.103.8 23.108.103.8	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	18.238.243.114 18.238.243.114	16509 (AMAZON-02) (AMAZON-02)
1	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	23.43.60.179 23.43.60.179	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	23.43.60.191 23.43.60.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.83.71.234 185.83.71.234	55081 (24SHELLS) (24SHELLS)
2	88.221.169.246 88.221.169.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
4 4	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 3	18.158.12.89 18.158.12.89	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2607:f350:3:2... 2607:f350:3:2569:0:10:0:d	27630 (AS-XFERNET) (AS-XFERNET)
1 1	54.196.247.2 54.196.247.2	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	54.81.187.36 54.81.187.36	14618 (AMAZON-AES) (AMAZON-AES)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1f18:ed:... 2600:1f18:ed:550e:f339:4051:d8d6:6b16	() ()
1	2a05:d018:d29... 2a05:d018:d29:3601:8461:1fe4:b475:56d7	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.181.122 35.214.181.122	15169 (GOOGLE) (GOOGLE)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
117	51

1 2606:4700:20::ac43:461b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

startefacts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:20::681a:414 (United States)

ASN13335 (CLOUDFLARENET, US)

startefacts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.15.36.104 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-36-104.us-east-2.compute.amazonaws.com

kinesis.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.83.220.94 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.radius.technology

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.110.100 (France)

ASN16276 (OVH, FR)
PTR: ns3225025.ip-146-59-110.eu

server.smartytech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.235.15.221 (Terrebonne, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.43.192 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-43-192.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.5.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.236.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-236-213.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.108.103.8 (Jurong Town, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-114.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.60.179 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-60-179.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.60.191 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-60-191.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.83.71.234 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.12.89 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-12-89.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f350:3:2569:0:10:0:d (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.196.247.2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-247-2.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.81.187.36 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-187-36.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:f339:4051:d8d6:6b16 (None, )

ASN- ()

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:8461:1fe4:b475:56d7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.181.122 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 122.181.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	startefacts.com 1 redirects startefacts.com — Cisco Umbrella Rank: 479049	1 MB
17	googlesyndication.com 4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	188 KB
11	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	207 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 757 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	6 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6227	3 KB
5	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 878 gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867 dis.criteo.com — Cisco Umbrella Rank: 943	8 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925 aax.amazon-adsystem.com — Cisco Umbrella Rank: 464	75 KB
4	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 979 i6.liadm.com	2 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 791 eus.rubiconproject.com — Cisco Umbrella Rank: 951 token.rubiconproject.com — Cisco Umbrella Rank: 744	15 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 356 acdn.adnxs.com — Cisco Umbrella Rank: 957	20 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 590	1 KB
3	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 4534 sync.go.sonobi.com — Cisco Umbrella Rank: 1696	2 KB
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766 ads.pubmatic.com — Cisco Umbrella Rank: 811 image6.pubmatic.com — Cisco Umbrella Rank: 1215	6 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	445 B
3	adpartner.pro 2 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 11773	911 B
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2266	71 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1396	646 B
2	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 881	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1067 cdn.indexww.com — Cisco Umbrella Rank: 2632	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	58 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 991 eb2.3lift.com — Cisco Umbrella Rank: 731	681 B
2	adform.net adx.adform.net — Cisco Umbrella Rank: 3508 cm.adform.net — Cisco Umbrella Rank: 1664	637 B
2	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5923 sync.adtelligent.com — Cisco Umbrella Rank: 10527	2 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 1418	205 B
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3785	968 B
2	amazonaws.com kinesis.us-east-2.amazonaws.com — Cisco Umbrella Rank: 16025	558 B
2	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 37494	148 KB
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3435	514 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1467	289 B
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819	601 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274	1 KB
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1485	734 B
1	media.net 1 redirects hbx.media.net — Cisco Umbrella Rank: 1982	406 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	65 KB
1	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2711	405 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 998	276 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1419	219 B
1	smartytech.io server.smartytech.io — Cisco Umbrella Rank: 39974	338 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1695	253 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	91 KB
117	43

	Domain	Requested by
28	startefacts.com	1 redirects startefacts.com
10	tpc.googlesyndication.com	startefacts.com 4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	mc.yandex.com	3 redirects startefacts.com
5	securepubads.g.doubleclick.net	1 redirects startefacts.com securepubads.g.doubleclick.net
4	cm.g.doubleclick.net	4 redirects
3	i.liadm.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	x.bidswitch.net	2 redirects
3	ib.adnxs.com	cdn.membrana.media acdn.adnxs.com
3	match.adsrvr.org	startefacts.com ssum-sec.casalemedia.com
3	a4p.adpartner.pro	2 redirects cdn.membrana.media
3	c.amazon-adsystem.com	cdn.membrana.media c.amazon-adsystem.com
3	mc.yandex.ru	1 redirects startefacts.com
2	sync-tm.everesttech.net	2 redirects
2	sync.go.sonobi.com
2	bh.contextweb.com	1 redirects
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	googleads.g.doubleclick.net	4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	targeting.unrulymedia.com	cdn.membrana.media
2	pixel.onaudience.com	2 redirects
2	kinesis.us-east-2.amazonaws.com	cdn.membrana.media
2	cdn.membrana.media	startefacts.com cdn.membrana.media
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	match.adsby.bidtheatre.com	1 redirects
1	csync.loopme.me	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	i6.liadm.com	ssum-sec.casalemedia.com
1	dis.criteo.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	p.rfihub.com	1 redirects
1	sync.adtelligent.com	cdn.membrana.media
1	hbx.media.net	1 redirects
1	js-sec.indexww.com	cdn.membrana.media
1	ads.pubmatic.com	cdn.membrana.media
1	eb2.3lift.com	cdn.membrana.media
1	cm.adform.net	cdn.membrana.media
1	acdn.adnxs.com	cdn.membrana.media
1	www.googletagservices.com	4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
1	mug.criteo.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	inv-nets.admixer.net	cdn.membrana.media
1	apex.go.sonobi.com	cdn.membrana.media
1	htlb.casalemedia.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	ap.lijit.com	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	fastlane.rubiconproject.com	cdn.membrana.media
1	hbopenbid.pubmatic.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	ghb.adtelligent.com	cdn.membrana.media
1	sync.crwdcntrl.net	1 redirects
1	server.smartytech.io	startefacts.com
1	cdn.jsdelivr.net	cdn.membrana.media
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	startefacts.com
117	65

This site contains links to these domains. Also see Links.

Domain
news.google.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-28` - `2024-03-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.membrana.media R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
kinesis.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-11-28` - `2024-02-26`	3 months	crt.sh
adpartner.pro R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2023-12-08` - `2024-12-07`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh

This page contains 16 frames:

Primary Page: https://startefacts.com/
Frame ID: CABDA8C544A6A20DC7060ED0C1E1D327
Requests: 73 HTTP requests in this frame

Frame: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB5B159ADDF3C394251314301B74B2CF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=startefacts.com
Frame ID: E9C5482E15C7E59882C299CEFD4B72CD
Requests: 2 HTTP requests in this frame

Frame: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42E22D6382AB445D3E22317217213432
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html
Frame ID: 4649C72DF0D4498221EDBB354ACC9E55
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FD74C912837721564C5915EDE5E7D348
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 791E631606996AE7E6DFAA79AAE4070F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0BBA85B6CE7F88D13510206EFC0A78B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4E7B8D5E3D04438E2F5839BE83C74365
Requests: 3 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D36A54950FFBAE568%26sp%3D810139%26pb%3D316151%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fstartefacts.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 41B26354A3F31498438FEE5BCDBBE4A6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2A53A7F3337CD5F0493B483FDD6BE3C7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Frame ID: 931A60DD3D71864896B14D037B85A02E
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 88C1B9E46AE0D39A0E3AB1EE5AC358F9
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=36A54950FFBAE568&sp=810139&pb=316151&c=750708&a=754412&domain=https://startefacts.com/&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: A55423122BC949297B69A36111796B07
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A9D2C0A50C2798C2C4AB1F41554824FF
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 7D563448926CDF2E195F7AED8071CB23
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Startefacts.com: A Different Take On Pop Culture

Page URL History Show full URLs

http://startefacts.com/ HTTP 301
https://startefacts.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

117
Requests

86 %
HTTPS

37 %
IPv6

43
Domains

65
Subdomains

51
IPs

11
Countries

2234 kB
Transfer

4131 kB
Size

69
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://news.google.com/publications/CAAqBwgKMPL4tAsw_5PMAw?hl=en-US&gl=US&ceid=US%3Aen
Title: Google News

Search URL Search Domain Scan URL

URL: https://twitter.com/startefacts_
Title: Twitter icon

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Startefacts_com-101296106065083
Title: Facebook icon

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://startefacts.com/ HTTP 301
https://startefacts.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid=%7Buser_id%7D HTTP 302
https://server.smartytech.io/icm.gif?uid=4a61c92d-720c-4701-8937-0671d1720e1a

Request Chain 41

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0 HTTP 302
https://pixel.onaudience.com/?partner=283&mapped=91a778f5-2e48-40d3-8554-a5c444810c0c&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7ba8e24ab969a64c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 56

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10242.mwaBlFVPsn6pILR0iRWPX2CuEJTFz4vEI7hwr1AYWV0K6XGmBimH16m3lQazoeF6.pIFeKzILnIJsRenChFIrnvbGPg0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10242.HjBmd2fG8Se5uT_0FmS1sezEzPx5Tui2Zatrnz96CtduIehZEvuh2KI4LZj00Mr1TSzRN_xY4WrRR-Jo2H4MPizkpZ3ZOzeh2DI4Xw5H7NSrOBHl2QSTbFKRSs0VnusrX2pGMtchlgsSy_1RnI0fi6LmW98wnJXD4uiJOGqOTzAgfH5tPAZLAVNpi6fZYZXwkHbdaleS3EPZlxETSXjiTvB4Bztwkeh1tA-5LpLnxqM%2C.nYm13gjIy0gpf4xZIUgLOe6mZL0%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10242.iPlS0ajuplTW8IGjHcoPPVs3q8hUhQqQBezPfn6vnHfZm1OZOaTXTo_o7YA7E7k2C4fnv_Grl8xbL6gTHxoANONR2ys9hA6nvp96lJVwmEjnPGL-dF5A5ZvjootYb0eUsEzCQXEvpDDTua2ohOsy0S9dpp6fcW3QlLDyH6_Ffif1_T70BfZpwbtB_qeXR9pKzkCvGz6zqPxh0parNUqSJQ%2C%2C.yXHIT5jj2RjIFxVeja5qmJR2oiE%2C

Request Chain 62

https://mc.yandex.com/watch/90557532?wmode=7&page-url=https%3A%2F%2Fstartefacts.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1574355138191%3Ahid%3A955590009%3Az%3A60%3Ai%3A20240108182130%3Aet%3A1704734490%3Ac%3A1%3Arn%3A712411731%3Arqn%3A1%3Au%3A1704734490642569330%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C82%2C258%2C2%2C107%2C0%2C%2C86%2C1%2C%2C%2C%2C537%3Aco%3A0%3Acpf%3A1%3Ans%3A1704734489592%3Agi%3AR0ExLjEuMjA2NTYyNTc4MS4xNzA0NzM0NDkw%3Afp%3A497%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704734491%3At%3AStartefacts.com%3A%20A%20Different%20Take%20On%20Pop%20Culture&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/90557532/1?wmode=7&page-url=https%3A%2F%2Fstartefacts.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1574355138191%3Ahid%3A955590009%3Az%3A60%3Ai%3A20240108182130%3Aet%3A1704734490%3Ac%3A1%3Arn%3A712411731%3Arqn%3A1%3Au%3A1704734490642569330%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C82%2C258%2C2%2C107%2C0%2C%2C86%2C1%2C%2C%2C%2C537%3Aco%3A0%3Acpf%3A1%3Ans%3A1704734489592%3Agi%3AR0ExLjEuMjA2NTYyNTc4MS4xNzA0NzM0NDkw%3Afp%3A497%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704734491%3At%3AStartefacts.com%3A%20A%20Different%20Take%20On%20Pop%20Culture&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 75

https://gum.criteo.com/sid/json?origin=publishertag&domain=startefacts.com&sn=ChromeSyncframe&so=0&topUrl=startefacts.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=DH39S3w3eFlzWFlmMlZ5MC9EelNPcjNud0J5KzFKZWdrajk3bDZ4b29uSGNnam5WVGo4UUpYSnBJay8rckpFQzhpZEFLMFUyWk11ZzdCcUJZd2t3cDYvYVNSZ1BLVFdOYjNTczJoeEljUG4yTmsvb1pTWlFIZno5RW1KM3NuTkhnemlBODJTdE9LMDlBN2FUNm1Ma0sycE1YbUh5dnhvem5XK1l3ZjZFUGRHNDV6bFhkQktwZmVCejlwcnlmZlE1TEh4U0JTdnl0bnE5ZDdBN2t0NlRxZmNNTFV3OUcwM3E4Tlo4R0xnaTJNV2NsaTBROTJ2OC9Gb0xlUjlRMnZEa0psdm5NM1pxZzhtSjFIYUJOd0FIc1JOd2Z6WGlVMWRzN0tvNFVrQXRSUm1DUzljQT18&cppv=2

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 88

https://securepubads.g.doubleclick.net/pagead/adview?ai=C-gx1Gy-cZerJE-K3x_AP4v-fmAyA4PmZdZ2hjIKMEoC708OLDhABIPLfk5kBYJWCgICwB6AB7cLZtQLIAQngAgCoAwHIAwKqBK8CT9AcYQzMIjpsdCLRVdel3qbE7BivLszbJ_X6bguQ4wXr91fVLdjkvW0KdLBhoaWEBhj9zY3Q02C3Qv6BdMewdm4LgJ_ogCaKabFVBd3PoICm2N-vGQkYtfEyP-biAkUbv4XekSA4vJTsvkqHZC8bn12vizYMggqPC0-De0sxu-ZrojbLq1dJFxXdOkROUYjXSdqmxMZ7BPBW2kvtePKxoQZLgz62M5p8XcLuU7NwgcfxqkZnMJlJ-FZsWW36onw1NHucTt9WjnzIrrpxN7XK-mxdEG6eGuAF_wNpCiClvx7kwdyA4CLjaAj4VpXlUL-q0pt7TbELtughRjvfRcp67YVtLJ1wJWKrEyv0zppyxZTJx_H8uuBZS4Hn61fjTg0ECr1bUyptIXclX8CJ1W3jwATq5KjJzgTgBAGIBeTo-N5NkgUECAQYAZIFBAgFGASgBl2AB_u8psoBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQpLcO0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj2m6nups6DA5oJ2QFodHRwczovL211c2NsZS1ib29zdGVyLmlvP2JyYW5jaC1uYW1lPWdvb2dsZSZ0ZXN0LW5hbWU9Z280dGlrJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJmNhbXBhaWduX2lkPTIwODY4NjQxODkyJmFkZ3JvdXBfaWQ9MTU4NTMwNjc5NDAyJmFkX2lkPTY4NTAyNzEyMTY5NyZ1dG1fdGVybT1rdyUyMGVudGl0eSUyMDA0NWM3YiZwbGFjZW1lbnQ9c3RhcnRlZmFjdHMuY29tgAoDyAsB4g0TCOvFqe6mzoMDFeLbEQgd4v8Hw9gTDNAVAZgWAYAXAbIXHwodCAASFHB1Yi03MzIwOTU0MDcwOTE3MTUyGMyyjgE&sigh=Db933VHaanM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_jWhUjgmRK-XbCZ3IZxovAcAsmUob_xj_qZZWFfRgTdQroIV1J6ae2GzBo48MoQZSSOo5efeLFyJ1O1JUP02ePmCcniqm7VLi8AkYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218358632282902157505%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%2222%22:[%22true%22],%224%22:[%2201-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216229174850298567409%22}&andc=true

Request Chain 98

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D36A54950FFBAE568%26sp%3D810139%26pb%3D316151%26c%3D750708%26a%3D754412%26domain%3Dhttps%3A%2F%2Fstartefacts.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=36A54950FFBAE568&sp=810139&pb=316151&c=750708&a=754412&domain=https://startefacts.com/&gdpr=0&gdpr_source=&gdpr_consent=

Request Chain 101

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=c1690cbe-ddc7-4297-a0cc-7f14dd7f025d&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=THlkY0RVZVAyNUlxM3ZKbUxOVW1GUQ&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEDhFmk5_58PcS2fRZvvxsiA&google_cver=1

Request Chain 102

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d760e026-c8c5-4cbd-a39b-7abd69f4de3f&google_hm=ZDc2MGUwMjYtYzhjNS00Y2JkLWEzOWItN2FiZDY5ZjRkZTNm HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIpumkRtF6bheBPuSOgjx64&google_cver=1&ssp=sonobi&bsw_param=d760e026-c8c5-4cbd-a39b-7abd69f4de3f

Request Chain 103

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5109685631761376743

Request Chain 104

https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=st&nuid=ixDaez5AVdZF4DNCFeqHeFD_B2o

Request Chain 105

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZwvHpBohoQtfdws1RgiBAAAFE0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1MrsMIMOgUOe_pP17Jghg&google_cver=1

Request Chain 111

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZwvHpBohoQtfdws1RgiBAAA%265197&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZwvHpBohoQtfdws1RgiBAAA%265197&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=5721a4621cc8481f8d47fd56be3daa39 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9Iibc4eNeBUQj7IdKIM7pEUJAGbHh6usz3ABGA HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9Iibc4eNeBUQj7IdKIM7pEUJAGbHh6usz3ABGA

Request Chain 112

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZwvHpBohoQtfdws1RgiBAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFnQKhcxeFKmht6B_BOjeEo&google_cver=1

Request Chain 115

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=39e39dc3-af6a-46c0-bd3e-29f50f27c9c2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 116

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZZwvHgANBoHuzABU HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZwvHgANBoHuzABU&_test=ZZwvHgANBoHuzABU

Request Chain 117

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZZwvHpBohoQtfdws1RgiBAAA%265197 HTTP 302
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=a205614c-fd9e-4255-8880-397779cd1239

117 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
startefacts.com/
Redirect Chain

http://startefacts.com/
https://startefacts.com/

153 KB
31 KB

341ms
258ms

Document
text/html

2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94689fee2f04f1e745d0b243f82b3fb18298078f805f027296f8607dd8643e4a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84261e014e542c4e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 17:21:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q570dvD8Exc5mv0QwgRwUvn9lKXSPXdNcdMA9NDDzbN1kk3j5Fa3le8pHuftx0SXBTewmZUQrmorS2vFsysRv7k3obNwA9QuPerfduLQ7udQIHNjVyJjtUMwB%2F7HddIJYPxj1LSxCilxEpZqbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent

Redirect headers

CF-RAY: 84261e0069e42c76-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 08 Jan 2024 17:21:29 GMT
Expires: Mon, 08 Jan 2024 18:21:29 GMT
Location: https://startefacts.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmO3T4uYQgFMATtR3tqR%2FlXbLisDJZga5gNishOpHNwd7Q5REba7yQOFmpSvFtTuBzw7bGovtateYo9QQxOYezQWXidNegb1yTAe%2Bm2CKvF%2FGyYYQ1bz76HAL4%2BTLolKZpVkrzCon5k6cc934Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 base.js Show response
startefacts.com/assets/js/ 21 KB
7 KB 49ms
49ms Script
application/javascript 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://startefacts.com/assets/js/base.js?202401061603299a5b3fbd4058c1842f24b356eccc3cf2
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2369d352fa4841b8d881c3a3454182653775b10742d48bca7371837994cdbec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 Jan 2024 14:03:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 181621
etag: W/"65995db1-52e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzfLwG4QoFRGvxNhAYAis9o%2B3OtHVyDUJKIWbFUyXMhehwsl1jsZC8fRXH630OjcqRNpsf6KTX3780eAGVN5q%2BGrYclx5WjdWaXnVgbrVPFC3J9S3J51WNnGlHCY2ZlpnVnn153CRGVnGpWYDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 84261e02ef872c4e-FRA
expires: Sun, 05 Jan 2025 14:54:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 147ms
59ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CSS7ZBBEV0

Requested by

Host: startefacts.com
URL: https://startefacts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

676c08348248916038007976703dcb636e63ea598128991382a03df37d222fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92658
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 17:21:30 GMT

GET
H2 200 992022388536.webp
startefacts.com/k2/news/1200/upload//upload/news/ 147 KB
148 KB 204ms
203ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/1200/upload//upload/news/992022388536.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ddcb26dfd35e1dac1b726af44be440b3b0f0a6298bb5e462c5ae4c535ccbe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 15:31:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "24c92-60e70e52ae5a9"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uB1aT7T%2BFmOgL2y3I6nBu2Q0oGYgDW4aP5hm83MvAti9nifivBiw%2BFQRt7Gia9zDu1oW7GMUltm%2Fs9jDuHv94dhbInTPtpUK5mrBU3U%2Fk7N45ou3L539l8XkOeNnF9o2c2PuHoFCqfIW1POjeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e02ef832c4e-FRA
content-length: 150674

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 228ms
139ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: startefacts.com
URL: https://startefacts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47475ca20b74723298d32901d52174aeacd057cfb3421fb360a767aa367028dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29023
x-xss-protection: 0
server: cafe
etag: 408 / 19730 / 31080239 / config-hash: 9304509521456424894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 17:21:30 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/stf/ 461 KB
148 KB 148ms
39ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/stf/ym.js
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 41c77e599c0cedd4823ae419cc59f7fab0d77039421c9ead30ae93b0b008d1a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-676
cdn-cachedat: 01/02/2024 11:41:09
cdn-pullzone: 139012
last-modified: Tue, 02 Jan 2024 11:39:59 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 374
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6593f60f-73580"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=3600
cdn-requestid: 608a2db6cfe86f3e7a8f698dbd9fea8c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 283650779692.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 26 KB
26 KB 163ms
163ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/283650779692.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f2808dfa8dbc58265b8b2c4492a50b9dc87dea592f89892b572cf1ae99c2a7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Sun, 07 Jan 2024 19:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b6-60e6027d2a62e"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9pP4FTKNbvbZg%2BTREeMOZuJpeLVAoJtwZGrQQdyxw9tzUZWHDyl%2Fjr9oQlw%2BdM%2Fm4F5UBiiBuG%2FSCDL%2BsBIWoIn5KWZ79q39ter8fZk6dCeLU2I%2FkVfOfANNPPwl2DF3puWBZ%2F2FQ1gECIgRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e02ef852c4e-FRA
content-length: 26294

GET
H2 200 379947400195.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 35 KB
35 KB 161ms
159ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/379947400195.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 137bc9dac8d6a243253c2e245f7edc0e3225935a4b4b24272bd660405e024c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Sat, 06 Jan 2024 15:28:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8be8-60e489ea95f35"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGrziqmqndOl%2F4UJzS8uWpHCT%2B3V1lNkAVWEdX0Q4cyB6vskqWf14WHdAfW9uMCMyx1DknjcfOEyznmeagJtb%2B8UCa3uYPp6W7PjOp71pWmeY%2FOjyfUNaOD64vgH5yIOxV7SofDTBwKiw1fP6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e02ff972c4e-FRA
content-length: 35816

GET
H2 200 611518552545.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 58 KB
58 KB 193ms
192ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/611518552545.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b82f73505e42ebebc66dcf52160e420441d7e3dd0623b7593c3dd4cc77852e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Sat, 06 Jan 2024 15:01:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e63a-60e483d5f4d42"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvxPyHaZynev3e4vesR6BleZ4VpG2iPHSU%2BQsP0ETEFpuGa%2Fakg0qxrwPag4hISLWKSh%2BdHHP4wVh37FgNP82LXyo2pEEYAnX2WCw%2Bc3db34SEWa3%2FKm3zWY2oE95ZSDlOP0I5cbDfEEZIDyzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e02ff982c4e-FRA
content-length: 58938

GET
H2 200 499611032117.jpg
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 41 KB
41 KB 192ms
191ms Image
image/jpeg 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/499611032117.jpg
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6737ee02f71faed918deb0d82741d5bfe13cf0a8e1b604eb8f9ff7a219b9d793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 17:05:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659c2b65-a210"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oe9HsnGN2jb%2BoKhfQYXysfglLdmjoUovjmn4RoSqngaGNDSh94xDWSsnBgq%2BotQshYij0cUu26jWAFmLgTLfvDDTNUTvsbODGY0iD%2BgJJ89nz99gmHAX9nKQ1m7XYIv4ua32WgQJ238xXs5%2FOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84261e02ff992c4e-FRA
content-length: 41488
expires: Tue, 07 Jan 2025 17:21:30 GMT

GET
H2 200 992022388536.jpg
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 56 KB
56 KB 192ms
191ms Image
image/jpeg 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/992022388536.jpg
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ff18488c104207792884b22c2f7e7ed0de0076401e75811bc4d94d44962378

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 15:31:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659c155f-de7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCpWp%2BVMjM4IvgjGI72NlDELuiz%2FokKdRDIovRNviBguiNCpr04Ng3w%2Fnclg7SjarIDYJDSOWVqYOdsFsAqUsir7fu%2BI%2FPbm7pZ8Ye9WuWhq40Pa0mZ0siozD8k32D7AM%2BZ8KsOrws3pyYRofA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84261e02ff9b2c4e-FRA
content-length: 56956
expires: Tue, 07 Jan 2025 17:21:30 GMT

GET
H2 200 144597643168.jpg
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 44 KB
45 KB 193ms
192ms Image
image/jpeg 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/144597643168.jpg
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67b99822bb72cfb47b01d0cfab1113b2ee13fbd44759f518483993bade4ad5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 15:17:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659c1209-b0e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ggr0d%2FY1GYSGOWparoz8DHonfgU2LX4mYClCvigIg4Q7VefpCFvufmN2TStUNBky8%2BnjbmE5r9fwfRrMG%2F7HjO%2Bc3RMx3K9AQujG1KKXdGZNXGP3AGFexBefNfXupFK5t%2BosFkEMahHoiFv5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84261e02ff9d2c4e-FRA
content-length: 45280
expires: Tue, 07 Jan 2025 17:21:30 GMT

GET
H2 200 540924834382.jpg
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 65 KB
66 KB 192ms
192ms Image
image/jpeg 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/540924834382.jpg
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 785d943b6ee1522e992169e311c5dfb563d639c8d55dd6738a77c6e225bdfca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 15:02:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659c0e72-105eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MJTkBdLHXAERv2XLNPAZ5mNobZlVv8IOdLljmnLdubywndW0CS6JEKDonORoCLp18uccqv7xNQvjThKJp%2BID5EdmeTtL7sk3EMfAfFnc0gbtH2ZAcTSDxlxUrZgP3xXFMhIpwytneOWsNV7%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84261e02ff9e2c4e-FRA
content-length: 67051
expires: Tue, 07 Jan 2025 17:21:30 GMT

GET
H2 200 306984755102.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 36 KB
37 KB 163ms
163ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/306984755102.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d25ef7879f3624bddc7093e94bdacada5e020127df46a414461aac37cae7c3a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 14:55:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "914c-60e706528a24c"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnh8Auu1BzC2qpCthM2SzN7rNTdV7PHiR2OmX4ooMrrK5bykTwa3J41DIs%2Ffa8LRKPIzbj5ZCzK1x%2BNdkU4jyjtIYIU1h8gHBR%2Ffq%2Bp0d%2BPqbk6FZrOHlKfcWQ7u9T5PQ2zUPqjCyk3tXTpC0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e030f9f2c4e-FRA
content-length: 37196

GET
H2 200 748291331149.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 23 KB
24 KB 104ms
103ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/748291331149.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fee6145fd1760b047ea53931bbcf80e1d26b557ed61a80c0c1fbcb668fe8f76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 14:40:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d5e-60e702f9196cd"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrDkuz4355VvubIv3M%2BULxwsYQ1D68wV%2FPXe7d2%2BsmBMQfMaaT0fGl1oIhRBONUsJQztl8KXHZgfCKTFpXG9xuO4Y4kOLh95UN1ym%2B5X8vIpnzG1NRwEOfFDCI8OGLrUJYM5earU0JSsCXjlzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e032fbb2c4e-FRA
content-length: 23902

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 327ms
166ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: startefacts.com
URL: https://startefacts.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11627"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71207
expires: Mon, 08 Jan 2024 18:21:30 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 221455347807.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 25 KB
25 KB 200ms
199ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/221455347807.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfd446b1b8944af67cd2d9f56246090d379fd044f10b9a3b27306b52b0af8ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 14:29:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63a8-60e70079d4ccb"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epikCvdoeT3WF9y4P5gXmKwZXmhu73lzoeDN%2B%2By%2BaevT%2F9W%2BV1nM3q116uEtbj5J7GaorP1V%2FGgjtVhDW2Vtzy4j7uhsLs2wEWGCF81EzTtMtYT1%2B6TyZ6x6yOmNDF1U24ZhGynmtE8UJAQiRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e032fbd2c4e-FRA
content-length: 25512

GET
H2 200 386177756139.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 30 KB
31 KB 225ms
224ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/386177756139.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3312c33d38be0c1d399c66901e8c4639058269a727d656515d962947742d9cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 13:03:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "79e8-60e6ed300b5d8"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Axp5L%2BKCpUtDCfmk%2F9%2FNrmmQvkLIoJQuvzMQ352C4IYeCTIM%2B0IVOlSlQrfzPFPEf0VfLkwdwQXWHLQd3qoP1mDQdmOWB9UUZsRgovDMCBSwEsSbWcjdoQ7Sei0poP2xcm5jy9IlF50tdvkfSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e032fbe2c4e-FRA
content-length: 31208

GET
H2 200 459798344933.jpg
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 32 KB
32 KB 200ms
198ms Image
image/jpeg 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/459798344933.jpg
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aec34aca4d8caab214a38ae98ec229ef274e53de3172a252530722e06005596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 12:32:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659beb45-7e1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMqctfrO4RW7p2lt%2BQa6QTJ0qjGandW%2BZgPM2cVzGeRXiYUkEW%2BKwoU85HYQIUejt2pkcZQTr6JDScIusseYgBLv4cy1NkYfz9Y8hyE8BW9fSXBzBCeTbXwhWqNL907GLo1tsnnBY8LxuUUiiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84261e032fbf2c4e-FRA
content-length: 32287
expires: Tue, 07 Jan 2025 17:21:30 GMT

GET
H2 200 793204629496.jpg
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 75 KB
75 KB 226ms
225ms Image
image/jpeg 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/793204629496.jpg
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c03998e1dd7c6fb9ac8deebb205f9aab453317393bb1018fba93a746ce5b11d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 11:28:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659bdc60-12aaa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjf1V%2BUmkK4oN1YcLZu98yVMHpEAINqsDdJfPAvmHl4NXwcpW%2B3X9FZ0QDgWvj03pEzzkfVW1QAVtopiCGvLsdhWGsyZtJ%2Fa%2FHD4pFwD%2BNX0FeX11rK1RAEiX%2F4yfBze99n5VeGU5mPAe%2F4Dvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84261e032fc02c4e-FRA
content-length: 76458
expires: Tue, 07 Jan 2025 17:21:30 GMT

GET
H2 200 283650779692.jpg
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 178 KB
178 KB 227ms
226ms Image
image/jpeg 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/283650779692.jpg
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90cf6f9eeab24fb56030b92be23567d6a9fe63ded016894280ae36a2e07e63cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Sun, 07 Jan 2024 19:33:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659afc81-2c7b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZNFqsXmgTB8O7zeMW6qlddd%2F8x6DFrI1iOiG2C%2Ft8Rj6lkNQdF0hBZvVHh8EnQjX7sjTYG0hO6uQiNBJsRCevnP0m%2BFqEF4DT13TRTWsziKaDjPzOPFz964Qoqkj4CmYTReeu2uW6oHy6%2Bl0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84261e032fc12c4e-FRA
content-length: 182192
expires: Tue, 07 Jan 2025 17:21:30 GMT

GET
H2 200 499611032117.webp
startefacts.com/k2/news/1200/upload//upload/news/ 55 KB
55 KB 225ms
224ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/1200/upload//upload/news/499611032117.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdcd2d83484c69a7ac1bce4ba73898e61200575ffc2eb0e2f3f31e9ee05f51fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 17:09:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "dbe0-60e7243febbbd"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXA5jaUcMyqdqulv9FrpoI01kQChWEYqK16nWPUYKjre5sYqEXbdy7cBOWp3I%2BLQzZm5KS8UnVKgyKlQpra7rmxqXIcUFeWtOiqJdIq27iH4uGE%2Bkxsh6ITh5qWRhrTuggT8eV1%2FelR1fd2B9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e032fc22c4e-FRA
content-length: 56288

GET
H2 200 144597643168.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 27 KB
27 KB 200ms
199ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/144597643168.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd9787a2b8d07640430baa436d34098a59e42496fe4837041bb8515ed20bf80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 15:17:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6c36-60e70b391dba7"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FTI03BOWGEA4BHESUJNpLDsZWqGy2d1S7T1OYVMmkwrjWgicasCJ03vcBU8AM6UREF3y5uKmDGTTVUbGYmvYfQ3Qd9DGe3Jywn7YIFUsStEO6d05C7Rg2gaXY%2BWQ7Uuxb4Q4tkd5600FXMCqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e032fc62c4e-FRA
content-length: 27702

GET
H2 200 540924834382.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 47 KB
48 KB 227ms
226ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/540924834382.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaea43a2b2fea22a94f788336747656f2aa0d238b1dd6fac64ae3e633d57b9da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 15:02:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bce8-60e707d05bd04"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idZelRUmeQs7E8uWa2A8%2BX349sKetBuSa6oNHdvSV26%2F4SGJzUBnfLT2iPowWOaG5FoTn9yBP2HdumV6XfKy%2BrFQA9LmXEe2X%2Ff8PzIV%2BuIkys9KeVKbCfzgykPD1fVIoaF2PwA%2FOJy7%2BI0qwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e032fc72c4e-FRA
content-length: 48360

GET
H2 200 548305207436.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 29 KB
30 KB 200ms
199ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/548305207436.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f2a6a48b959844d5c201b5740c96a835854a5e68994d84c5a87185b41f2142e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 14:19:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "758e-60e6fe15acade"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sL%2B9R7TXAvqlEjNbhm4bGaRm2XiPDXP2flkIVm2knSLdNUI1ixUCs4SYCZB9MajJBpvLakRDzF0JSqFtBZQvT3Gw%2BmxbJxAHACRhdkqWL02arZ6nryWLVg6O2dR980fqHr5KT9Fy4XScjHP%2BkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e032fc82c4e-FRA
content-length: 30094

GET
H2 200 358340005548.webp
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 22 KB
22 KB 199ms
198ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/358340005548.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9893a2e9af1cd3343ac2cca7203aff481a8bac25db44626e77513be0b53407b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 14:15:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "573a-60e6fd5c3030a"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPWfCdDV61cGoZPcXiPKOiu59HIMpKmXZ889H5PUAE0IWRORIZIL9ATM36I9S5233VBIzooktbzFCjdXXASZBE2sseJ43oS9txuV6O5yhl829Mjw1eR9w8SDTDecOjjOYENDiDpqLqCYZgV6Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e032fc92c4e-FRA
content-length: 22330

GET
H2 200 447680964188.jpg
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 45 KB
46 KB 226ms
225ms Image
image/jpeg 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/447680964188.jpg
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e262f1f3419d948dff4b9cd4977ed3c17b74dd54f009f58763d5e438dd3a01e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 12:45:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659bee6e-b5bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQAcHtNFmxnU9IOb%2FfHNu%2BSaQ4c%2Fva1TO7w0bjdLOiwqO%2Fn%2B7j0FHZiBRCeVXQYIzGAYh1oCywz%2Frt7J%2BkR8EXSBrSey37ThgJeIZVguE%2FAidC4b7GL5bLpcK0E7l%2F5BJL%2Blb2%2FR1rVkCmldGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84261e032fcc2c4e-FRA
content-length: 46527
expires: Tue, 07 Jan 2025 17:21:30 GMT

GET
H2 200 800086681938.jpg
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 56 KB
56 KB 224ms
223ms Image
image/jpeg 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/800086681938.jpg
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7107427ca2efdfc674ffcbc3735d4efa23b8f5ecf15fad8c6c9ba4b4b16c8ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 12:01:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659be42f-e00c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRJYiWHjtmgQbsPrzmhcDSttskewZaliUaeQWJirp5TKfxQzjf%2FYcaNCkIlt6946m7ppHPmy50KID2crgufZuMfVmOPNJiBXMJgdtwvzYlrJ4rbr48Ro0ydZ4eHwi0mUcmf1RsV27pIsrJ0BBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84261e032fce2c4e-FRA
content-length: 57356
expires: Tue, 07 Jan 2025 17:21:30 GMT

GET
H2 200 562882581349.jpg
startefacts.com/k2/news/canvas/640x360/upload//upload/news/ 54 KB
54 KB 225ms
225ms Image
image/jpeg 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/news/canvas/640x360/upload//upload/news/562882581349.jpg
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97e0982532b0133e5d356112ff4beb877621252e6977d01a0959508f80f117e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 12:04:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "659be4c3-d7a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uSj2jIAXkr%2FaBtXlCacXRgjehh123ZYerZwZjPywgtSPiPP80aQmC6HOSuM1eNdigpDasOR1HziFEgktHTejAJUHwiiomBk6lwgWRnbVbhuHWRETbBNFUcNBXh6NhvX7o80GELlIiP0zv4X9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84261e032fd02c4e-FRA
content-length: 55200
expires: Tue, 07 Jan 2025 17:21:30 GMT

GET
H2 200 email-decode.min.js Show response
startefacts.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 64ms
64ms Script
application/javascript 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://startefacts.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: startefacts.com
URL: https://startefacts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvAOjMrnAzsTGcE1Re8ns8%2B3KOroYl0u%2FZiUBYUgy1rtKbM5Wb4AW5os3fVoxso3B1OO0ze%2FQwwcvk4wEOY3wg0KbX6vO4KXLzDcp%2B16rrvljRVWGu3p1zXKq92%2FkKuR%2B1U%2F2l7qZsl9ltXO%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84261e032fbc2c4e-FRA
expires: Wed, 10 Jan 2024 17:21:30 GMT

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b12ea13771abd2ddbf01552ee09c40582cb574ed8720faa9652c3a9f93a5bc56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 170 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58bda1b1f65dcca1e9e575d11a89deaa578002b734694927066e3435c172768d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 943551938067.webp
startefacts.com/k2/crush/270x190/upload//upload/ 9 KB
9 KB 154ms
154ms Image
image/webp 2606:4700:20::681a:414
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://startefacts.com/k2/crush/270x190/upload//upload/943551938067.webp
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1230af5f5bad96c82e6b7ae13a76bff1dcbdc4710077427d4e23a7415e63984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jan 2024 08:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2332-60e6b524a30de"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjUmTWgZOaCDfgLXs0o4CBEMhK2lbk73H%2BOc2ws%2FLuhHk6jI%2BakfBQyDukj%2BHR2KnE%2BwtehBdmPXJl6bCEV286mcCFCDki522k%2F0ZWD8xAWKIwUA4YybmcVQO2IFMcIUEZBG2l3%2BhfRdu1lYzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84261e0378082c4e-FRA
content-length: 9010

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 137ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CSS7ZBBEV0&gtm=45je4130v881813489&_p=1704734490057&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2065625781.1704734490&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704734490&sct=1&seg=0&dl=https%3A%2F%2Fstartefacts.com%2F&dt=Startefacts.com%3A%20A%20Different%20Take%20On%20Pop%20Culture&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=713
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CSS7ZBBEV0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://startefacts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ 436 KB
137 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js?cb=31080239

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 02:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53978
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140053
x-xss-protection: 0
server: cafe
etag: 1469350900164882112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 Jan 2025 02:21:52 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 405ms
125ms Preflight 3.15.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-104.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://startefacts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Mon, 08 Jan 2024 17:21:30 GMT
x-amzn-RequestId: f399ac03-a0b5-3392-ad8f-9d59a7857624

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
677 B 118ms
39ms Fetch
text/plain 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ym-ip: 2a01:4a0:1338:92::7
date: Mon, 08 Jan 2024 17:21:30 GMT
cdn-edgestorageid: 1082
cdn-storageserver: DE-588
cdn-cachedat: 12/28/2023 16:03:25
cdn-pullzone: 139012
x-ym-country: DE
content-length: 3
last-modified: Wed, 27 Dec 2023 22:22:27 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 732
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "658ca3a3-3"
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: x-ym-country, x-ym-ip, cdn-requestcountrycode
cache-control: public, max-age=3600
cdn-requestid: 757bde92a499217a99faf97abb5d031c
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 132ms
44ms Script
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:13:14 GMT
content-encoding: gzip
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 033f456f54ceb7135f57b018b334dfdc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P4
age: 497
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: JLvnQd5cPv02ol3QQRX_NdKVBrW5GQTOYDC389XT6wuCMJzucwgfQg==

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
558 B 135ms
134ms Fetch
application/x-amz-json-1.1 3.15.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.36.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-104.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 3a8582531bb9b4dfca6ce9e3a1a4a7437b343a94ed6a7c98b04a7e7704a56271

Request headers

Referer: https://startefacts.com/
X-Amz-Target: Kinesis_20131202.PutRecord
accept-language: de-DE,de;q=0.9
X-Amz-Date: 20240108T172130Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI224ZL6UM7KB/20240108/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=9f1e656488fb9a95e1bc1ff2f98fced7b9626e0a400dc9986fc946c28e451dc7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Mon, 08 Jan 2024 17:21:30 GMT
x-amzn-RequestId: d66f5361-2c5e-5771-8879-623b2b6e12c7
Content-Length: 110
x-amz-id-2: Bm735XeAyfblz8KnDX9jAhg+KDBFlrqkWoxWUGxntNQGHz0jG5vWIBDTIKvDPHWZ331QT4kNoOoe4AsLEpE/lfgGIKgjTalYTlX6CuvzCKo=
Content-Type: application/x-amz-json-1.1

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 128ms
48ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240108

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7febcc726b716a1a57630aa63271a8e44d67fff16d2383b394779c9262d1f194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4841
x-jsd-version: 1.0.1929
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21933-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-6QoajLJVvi3XrTfmzq7QFsxvX3Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vVGcW5rwAALB2tLuEVhvqtwXNaNYDVb3JzgRcARGm1Q2XgXgrgJI%2FQHCC9gAhYQFu6o26enWdLBbCN64ODhCFVHSx8JLfrSMNtVEPZhxIDKixJTHtXw8TiCZIR%2FAHI%2FLu2wM3dD7t6DY%2FlB7P8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84261e056c8d9b3d-FRA

GET
H2

200

icm.gif
server.smartytech.io/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid=%7Buser_id%7D
https://server.smartytech.io/icm.gif?uid=4a61c92d-720c-4701-8937-0671d1720e1a

43 B
338 B

173ms
55ms

Image
image/gif

146.59.110.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.smartytech.io/icm.gif?uid=4a61c92d-720c-4701-8937-0671d1720e1a
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Server: 146.59.110.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3225025.ip-146-59-110.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
last-modified: Mon, 08 Jan 2024 17:21:30 GMT
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

location: https://server.smartytech.io/icm.gif?uid=4a61c92d-720c-4701-8937-0671d1720e1a
date: Mon, 08 Jan 2024 17:21:30 GMT
cache-control: no-store no-transform
server: nginx
content-length: 143
content-type: text/html; charset=utf-8

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0
https://pixel.onaudience.com/?partner=283&mapped=91a778f5-2e48-40d3-8554-a5c444810c0c&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7ba8e24ab969a64c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
149 B

176ms
55ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: startefacts.com
URL: https://startefacts.com/
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 144ms
45ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://startefacts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://startefacts.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Mon, 08 Jan 2024 17:21:30 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 302ms
208ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

48dd2edc065bfb97fe32d50e6b5c17f7a62da8b75665d6016b2e91067b10c302

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
an-x-request-uuid: 1e39043b-e359-48e2-80b5-3d9b30fcad05
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://startefacts.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 4 KB
1 KB 328ms
199ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f8154827d46ff5297dcf022f852bbd234da5a00088ebebf9405e75b48b5f451a

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 08 Jan 2024 17:21:29 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://startefacts.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 838

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 192 B
407 B 167ms
61ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=9455&sizes=300x600|300x250|160x600&referer=https%3A%2F%2Fstartefacts.com%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.radius.technology
Software: nginx /
Resource Hash: af377a37e0ecff92dde0e36d897b43ee9775d2f922fbe846cd888d6a86974484

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://startefacts.com
date: Mon, 08 Jan 2024 17:21:30 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
531 B 153ms
66ms XHR
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://startefacts.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 147ms
51ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://startefacts.com
date: Mon, 08 Jan 2024 17:21:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
838 B 194ms
112ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=449422&zone_id=2750560&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!notsy.io,e0db6eaa-f228-86eb-58c4-41de235ba5e9,1,,,&rf=https%3A%2F%2Fstartefacts.com%2F&tg_i.page=https%3A%2F%2Fstartefacts.com%2F&tg_i.domain=startefacts.com&tk_flint=pbjs_lite_v7.35.0&x_source.tid=3a4d4230-4421-48b8-a1e0-9707e8da5315&l_pb_bid_id=124500411c122ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23863753880281147
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3d3b40d6960fb87772f837b262b571463851b862893dbdd610b582e8a66c3046

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://startefacts.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 324
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 197ms
84ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=64028839320&lsavail=0

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://startefacts.com
date: Mon, 08 Jan 2024 17:21:30 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
276 B 180ms
57ms XHR
application/json 34.250.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.5.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b6c26ccf6522608895fd4676d33ab36a1e051ab033bc39e9ea4ec257391026ae

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://startefacts.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
541 B 127ms
41ms XHR
application/json 18.193.236.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fstartefacts.com%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.193.236.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-236-213.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
accept-ch: sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version
x-auction-status: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://startefacts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ 11 B
205 B 140ms
48ms XHR
application/json 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://startefacts.com
pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11
content-type: application/json

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
544 B 201ms
135ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=861203
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9fd369f239eabd53ca43729414c926fe9dfea08fb4702aa12dcf85480dfecc5

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jH2KlWsou1uRL4OOI24jR3ESgfz2lonJAF3qO1k1Feio6N8IQD%2FkmDM%2ByFYfhDG5WobA6RmPyI1xxDtbFDCWv1k%2BfQJoz3mT6qBCbaq70aJpuojAlRQKTm9HE4ohhl3YwzyA2xog"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://startefacts.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84261e056a64452e-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 730 B
1 KB 419ms
149ms XHR
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2224920f3ac55ec1f%22%3A%222f11e27c6eb6a337a599%7C300x600%2C300x250%2C160x600%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fstartefacts.com%2F&s=04336d38-8a8b-41c5-b14c-d0ce7f2d49e0&pv=95bdb1c5-5029-4109-b952-9b97bca662a3&vp=desktop&lib_name=prebid&lib_v=7.35.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fstartefacts.com%2F%22%2C%22domain%22%3A%22startefacts.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22startefacts.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22e0db6eaa-f228-86eb-58c4-41de235ba5e9%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

82d924bb557e90ec500809eef22c1dcc98d0767875b790b130a97cb9ae361e70

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-70
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://startefacts.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 436
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content adxprebid.1.2.aspx Show response
inv-nets.admixer.net/ 0
405 B 848ms
445ms XHR
text/plain 23.108.103.8
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/adxprebid.1.2.aspx

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.108.103.8 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://startefacts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 08 Jan 2024 17:21:31 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://startefacts.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10242.mwaBlFVPsn6pILR0iRWPX2CuEJTFz4vEI7hwr1AYWV0K6XGmBimH16m3lQazoeF6.pIFeKzILnIJsRenChFIrnvbGPg0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10242.HjBmd2fG8Se5uT_0FmS1sezEzPx5Tui2Zatrnz96CtduIehZEvuh2KI4LZj00Mr1TSzRN_xY4WrRR-Jo2H4MPizkpZ3ZOzeh2DI4Xw5H7NSrOBHl2QSTbFKRSs0VnusrX2pGMtchlg...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10242.iPlS0ajuplTW8IGjHcoPPVs3q8hUhQqQBezPfn6vnHfZm1OZOaTXTo_o7YA7E7k2C4fnv_Grl8xbL6gTHxoANONR2ys9hA6nvp96lJVwmEjnP...

43 B
583 B

78ms
78ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10242.iPlS0ajuplTW8IGjHcoPPVs3q8hUhQqQBezPfn6vnHfZm1OZOaTXTo_o7YA7E7k2C4fnv_Grl8xbL6gTHxoANONR2ys9hA6nvp96lJVwmEjnPGL-dF5A5ZvjootYb0eUsEzCQXEvpDDTua2ohOsy0S9dpp6fcW3QlLDyH6_Ffif1_T70BfZpwbtB_qeXR9pKzkCvGz6zqPxh0parNUqSJQ%2C%2C.yXHIT5jj2RjIFxVeja5qmJR2oiE%2C

Requested by

Host: startefacts.com
URL: https://startefacts.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10242.iPlS0ajuplTW8IGjHcoPPVs3q8hUhQqQBezPfn6vnHfZm1OZOaTXTo_o7YA7E7k2C4fnv_Grl8xbL6gTHxoANONR2ys9hA6nvp96lJVwmEjnPGL-dF5A5ZvjootYb0eUsEzCQXEvpDDTua2ohOsy0S9dpp6fcW3QlLDyH6_Ffif1_T70BfZpwbtB_qeXR9pKzkCvGz6zqPxh0parNUqSJQ%2C%2C.yXHIT5jj2RjIFxVeja5qmJR2oiE%2C
date: Mon, 08 Jan 2024 17:21:30 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
499 B 88ms
88ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: startefacts.com
URL: https://startefacts.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 08 Jan 2024 18:21:30 GMT

GET
H2 200 71d4b8ca-53d1-4309-a952-3306259fb046 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
831 B 128ms
39ms Script
application/javascript 18.238.243.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-114.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 90fe3df0c40a502adc1f6f233be2b70039ce66cd5c53eae5cee6a793dfb29313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:14:36 GMT
via: 1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 414
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: tgRNDKiBHoQzQEk3lf_uswqyI8M-feeWy7xVgICCfz2p5HqTicqLPg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 39ms
39ms XHR
text/plain 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fstartefacts.com&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:13:13 GMT
via: 1.1 033f456f54ceb7135f57b018b334dfdc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 14897
x-cache: Hit from cloudfront
access-control-allow-origin: https://startefacts.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: noD8FXScb8ATonOej6ISGR1AEz8zJ_LedOW8B2NcJg9JHQyXjhf0sA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 162ms
77ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fstartefacts.com%2F&pid=ywIEZjcryu9U0&cb=0&ws=1600x1200&v=23.1211.1645&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_365163261%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F22868733797%2FSTF_SBR_300%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:30 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: 92GE49HHRW77HJH1AKRM
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://startefacts.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: SeRCqWNLRx6Rdf6ayuS3KfHASMnitJozFFCTXd8yHc367CfDkbSQdQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 117ms
39ms XHR
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 ee6fa75e712f6cdc2fa03f92f2cfbde0.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 04:15:53 GMT
x-amz-cf-pop: AMS58-P4
age: 47721
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 9KHKVwwEdmTwYjFB3mekL2cys92wlk4dE5hd6W0OeFWPBM1NApYSNg==

GET
H2

200

1 Show response
mc.yandex.com/watch/90557532/
Redirect Chain

https://mc.yandex.com/watch/90557532?wmode=7&page-url=https%3A%2F%2Fstartefacts.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.com/watch/90557532/1?wmode=7&page-url=https%3A%2F%2Fstartefacts.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%...

460 B
552 B

85ms
85ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90557532/1?wmode=7&page-url=https%3A%2F%2Fstartefacts.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1574355138191%3Ahid%3A955590009%3Az%3A60%3Ai%3A20240108182130%3Aet%3A1704734490%3Ac%3A1%3Arn%3A712411731%3Arqn%3A1%3Au%3A1704734490642569330%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C82%2C258%2C2%2C107%2C0%2C%2C86%2C1%2C%2C%2C%2C537%3Aco%3A0%3Acpf%3A1%3Ans%3A1704734489592%3Agi%3AR0ExLjEuMjA2NTYyNTc4MS4xNzA0NzM0NDkw%3Afp%3A497%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704734491%3At%3AStartefacts.com%3A%20A%20Different%20Take%20On%20Pop%20Culture&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: startefacts.com
URL: https://startefacts.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6155c2e012aa4f3cfdf73b73be3700e502aaecfb1a8e101af73a3104a1b16a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 08-Jan-2024 17:21:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://startefacts.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 460
x-xss-protection: 1; mode=block
expires: Mon, 08-Jan-2024 17:21:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08-Jan-2024 17:21:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/90557532/1?wmode=7&page-url=https%3A%2F%2Fstartefacts.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1574355138191%3Ahid%3A955590009%3Az%3A60%3Ai%3A20240108182130%3Aet%3A1704734490%3Ac%3A1%3Arn%3A712411731%3Arqn%3A1%3Au%3A1704734490642569330%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C82%2C258%2C2%2C107%2C0%2C%2C86%2C1%2C%2C%2C%2C537%3Aco%3A0%3Acpf%3A1%3Ans%3A1704734489592%3Agi%3AR0ExLjEuMjA2NTYyNTc4MS4xNzA0NzM0NDkw%3Afp%3A497%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704734491%3At%3AStartefacts.com%3A%20A%20Different%20Take%20On%20Pop%20Culture&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://startefacts.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 08-Jan-2024 17:21:30 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 121 KB
40 KB 358ms
358ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=723801206072365&correlator=1103517554230020&eid=31079784%2C31080239%2C21065724&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=22868733797%2CSTF_SBR_300&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C160x600&ifi=1&sfv=1-0-40&fsbs=1&sc=1&cookie_enabled=1&abxe=1&dt=1704734491257&lmt=1704734491&adxs=1000&adys=420&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fstartefacts.com%2F&vis=1&psz=300x600&msz=300x0&fws=516&ohw=300&ga_vid=2065625781.1704734490&ga_sid=1704734491&ga_hid=1832758497&ga_fc=true&dlt=1704734490043&idt=425&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26page_id%3Dpage_desktop%26traffic_source%3Ddirect%26amznbid%3D2%26amznp%3D2&adks=1874767755&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js?cb=31080239

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

554a51f1123b6f4356597c59a4ad39405095d8a5d70f9e0c1425bfad15292ea1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKrDqu6mzoMDFeLbEQgd4v8Hww&gqi=&layout=/sadbundle/%24csp%253Der3%24/7687181443436380160/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKrDqu6mzoMDFeLbEQgd4v8Hww&gqi=&layout=/sadbundle/%24csp%253Der3%24/7687181443436380160/index.html
date: Mon, 08 Jan 2024 17:21:31 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40867
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://startefacts.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB5B 6 KB
3 KB 151ms
47ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js?cb=31080239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 17:21:31 GMT
expires: Tue, 07 Jan 2025 17:21:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 146ms
47ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Jan 2024 17:21:31 GMT

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 179ms
90ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:33 GMT
server: nginx
etag: W/"642e8db5-162ff"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Jan 2024 17:21:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 172ms
87ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js?cb=31080239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

879e3ed25995da2d4f16f44efad4d368af37912809c4a249dc0fd5ef27c42a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12185
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E9C5 14 KB
6 KB 165ms
53ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=startefacts.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 17:21:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 381586
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 container.html Show response
4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 42E2 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js?cb=31080239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 17:21:31 GMT
expires: Tue, 07 Jan 2025 17:21:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/ Frame 4649 67 KB
20 KB 162ms
77ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html

Requested by

Host: startefacts.com
URL: https://startefacts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd498fd1947a2766f8e5789f96bf580dae97098609c9c7634a175f291cc44dd1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 340756
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18434
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 18:42:15 GMT
expires: Fri, 03 Jan 2025 18:42:15 GMT
last-modified: Fri, 15 Dec 2023 10:31:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 42E2 23 KB
9 KB 129ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: 4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
URL: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 14:37:27 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FD74 143 B
383 B 128ms
42ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
URL: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 16:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 42E2 3 KB
1 KB 128ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
URL: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17900
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 12:23:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 42E2 20 KB
9 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
URL: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 10:12:40 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame E9C5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=startefacts.com&sn=ChromeSyncframe&so=0&topUrl=startefacts.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=DH39S3w3eFlzWFlmMlZ5MC9EelNPcjNud0J5KzFKZWdrajk3bDZ4b29uSGNnam5WVGo4UUpYSnBJay8rckpFQzhpZEFLMFUyWk11ZzdCcUJZd2t3cDYvYVNSZ1BLVFdOYjNTczJoeEljUG4yTmsvb1pTWlFIZno5RW1KM3...

438 B
654 B

47ms
47ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=DH39S3w3eFlzWFlmMlZ5MC9EelNPcjNud0J5KzFKZWdrajk3bDZ4b29uSGNnam5WVGo4UUpYSnBJay8rckpFQzhpZEFLMFUyWk11ZzdCcUJZd2t3cDYvYVNSZ1BLVFdOYjNTczJoeEljUG4yTmsvb1pTWlFIZno5RW1KM3NuTkhnemlBODJTdE9LMDlBN2FUNm1Ma0sycE1YbUh5dnhvem5XK1l3ZjZFUGRHNDV6bFhkQktwZmVCejlwcnlmZlE1TEh4U0JTdnl0bnE5ZDdBN2t0NlRxZmNNTFV3OUcwM3E4Tlo4R0xnaTJNV2NsaTBROTJ2OC9Gb0xlUjlRMnZEa0psdm5NM1pxZzhtSjFIYUJOd0FIc1JOd2Z6WGlVMWRzN0tvNFVrQXRSUm1DUzljQT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

278522f3370df0fc58a4b4a30fe58aded31f376c84a294d7673bf4779908898f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1245780
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=DH39S3w3eFlzWFlmMlZ5MC9EelNPcjNud0J5KzFKZWdrajk3bDZ4b29uSGNnam5WVGo4UUpYSnBJay8rckpFQzhpZEFLMFUyWk11ZzdCcUJZd2t3cDYvYVNSZ1BLVFdOYjNTczJoeEljUG4yTmsvb1pTWlFIZno5RW1KM3NuTkhnemlBODJTdE9LMDlBN2FUNm1Ma0sycE1YbUh5dnhvem5XK1l3ZjZFUGRHNDV6bFhkQktwZmVCejlwcnlmZlE1TEh4U0JTdnl0bnE5ZDdBN2t0NlRxZmNNTFV3OUcwM3E4Tlo4R0xnaTJNV2NsaTBROTJ2OC9Gb0xlUjlRMnZEa0psdm5NM1pxZzhtSjFIYUJOd0FIc1JOd2Z6WGlVMWRzN0tvNFVrQXRSUm1DUzljQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 295724
content-length: 0
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 110ms
91ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js?cb=31080239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 17:21:31 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 42E2 204 KB
65 KB 220ms
58ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
URL: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 17:21:32 GMT

GET
DATA 200
OK truncated
/ Frame 42E2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2da06356378753d5d43bc33ce0feec50856b787ea09637f7f890fd0ea96f779a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FD74
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
307 B

297ms
297ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
URL: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 17:21:32 GMT
expires: Mon, 08 Jan 2024 17:21:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 17:21:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4649 16 KB
6 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 20:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:29:40 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4649 34 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 08 Jan 2024 19:07:20 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 791E 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 14:08:44 GMT
expires: Tue, 07 Jan 2025 14:08:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E0BB 829 B
1 KB 161ms
52ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8a92729df49cab640d07052a79c5c86feacd49c2e213abd6277928f08960495

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zut_SlviwsCYsUYpfb0gfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Zut_SlviwsCYsUYpfb0gfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 17:21:32 GMT
expires: Mon, 08 Jan 2024 17:21:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 MB_17346_17346_MA_DE_sen_PRY_HtmlG_Res_300x600_ani_top__mod.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/ Frame 4649 86 KB
86 KB 39ms
39ms Image
image/gif 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7687181443436380160/MB_17346_17346_MA_DE_sen_PRY_HtmlG_Res_300x600_ani_top__mod.gif

Requested by

Host: 4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
URL: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f0c7742858ce12e69a8dc76098e2ed5439f10f47588e15cc76ed1ab3dab762d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sun, 05 Jan 2025 17:52:47 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 06 Jan 2024 17:52:47 GMT
x-content-type-options: nosniff
age: 170924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88309
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 10:31:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 791E 39 KB
15 KB 368ms
289ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 14:08:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E0BB 0
0 348ms
322ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401030101&jk=723801206072365&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 167ms
74ms Preflight
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C-gx1Gy-cZerJE-K3x_AP4v-fmAyA4PmZdZ2hjIKMEoC708OLDhABIPLfk5kBYJWCgICwB6AB7cLZtQLIAQngAgCoAwHIAwKqBK8CT9AcYQzMIjpsdCLRVdel3qbE7BivLszbJ_X6bguQ4wXr91fVLdjkvW0KdLBhoaWEBhj9zY3Q02C3Qv6BdMewdm4LgJ_ogCaKabFVBd3PoICm2N-vGQkYtfEyP-biAkUbv4XekSA4vJTsvkqHZC8bn12vizYMggqPC0-De0sxu-ZrojbLq1dJFxXdOkROUYjXSdqmxMZ7BPBW2kvtePKxoQZLgz62M5p8XcLuU7NwgcfxqkZnMJlJ-FZsWW36onw1NHucTt9WjnzIrrpxN7XK-mxdEG6eGuAF_wNpCiClvx7kwdyA4CLjaAj4VpXlUL-q0pt7TbELtughRjvfRcp67YVtLJ1wJWKrEyv0zppyxZTJx_H8uuBZS4Hn61fjTg0ECr1bUyptIXclX8CJ1W3jwATq5KjJzgTgBAGIBeTo-N5NkgUECAQYAZIFBAgFGASgBl2AB_u8psoBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQpLcO0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj2m6nups6DA5oJ2QFodHRwczovL211c2NsZS1ib29zdGVyLmlvP2JyYW5jaC1uYW1lPWdvb2dsZSZ0ZXN0LW5hbWU9Z280dGlrJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJmNhbXBhaWduX2lkPTIwODY4NjQxODkyJmFkZ3JvdXBfaWQ9MTU4NTMwNjc5NDAyJmFkX2lkPTY4NTAyNzEyMTY5NyZ1dG1fdGVybT1rdyUyMGVudGl0eSUyMDA0NWM3YiZwbGFjZW1lbnQ9c3RhcnRlZmFjdHMuY29tgAoDyAsB4g0TCOvFqe6mzoMDFeLbEQgd4v8Hw9gTDNAVAZgWAYAXAbIXHwodCAASFHB1Yi03MzIwOTU0MDcwOTE3MTUyGMyyjgE&sigh=Db933VHaanM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_jWhUjgmRK-XbCZ3IZxovAcAsmUob_xj_qZZWFfRgTdQroIV1J6ae2GzBo48MoQZSSOo5efeLFyJ1O1JUP02ePmCcniqm7VLi8AkYAQ&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 17:21:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 42E2
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C-gx1Gy-cZerJE-K3x_AP4v-fmAyA4PmZdZ2hjIKMEoC708OLDhABIPLfk5kBYJWCgICwB6AB7cLZtQLIAQngAgCoAwHIAwKqBK8CT9AcYQzMIjpsdCLRVdel3qbE7BivLszbJ_X6bguQ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218358632282902157505%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_windo...

0
0

156ms
75ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218358632282902157505%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%2222%22:[%22true%22],%224%22:[%2201-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216229174850298567409%22}&andc=true

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"18358632282902157505","debug_reporting":true,"destination":"https://muscle-booster.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["649486701"],"22":["true"],"4":["01-08"],"6":["true"]},"priority":"500","source_event_id":"16229174850298567409"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Jan 2024 17:21:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 08 Jan 2024 17:21:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"18358632282902157505","debug_reporting":true,"destination":"https://muscle-booster.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["649486701"],"22":["true"],"4":["01-08"],"6":["true"]},"priority":"500","source_event_id":"16229174850298567409"}&andc=true
access-control-allow-origin: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 791E 0
10 B 54ms
39ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?T2JNLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 176ms
80ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 17:21:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401030101&jk=723801206072365&bg=!TE-lTwDNAAY3kmNgF5I7ADQBe5WfONKap8gTEIYJwHtQi8bhEz6HmW26qE0VOok2K_jNzv7dDrUTaZSd9eL3RhKaM5bVAgAAADBSAAAAAWgBBwoAxpjzxt7RVAkyiTXPy7ujfEUePUVUpolxdTj9lEttNHU6X01biQOaGm42qDCFzWeMcwSlodVVSaO-grfyJEYtIyma3AHSjpUy0cWnhBfpcep5q8vrmAqh-Tn7jOmGXJXMkg25oX0DMYnsz0HnE1EGJjgIA1yEgz7O6jMbAm0Ig5Sysr5oolUJEO3P77XzxoSbR2dae6QzTA-f5an41zE_EfOVxz5H1_EmGghbX87fJoJBq7LH2lx8G_mc44qSFrBFdsiI5Asql5kCsNH3a7-bZFw40tfMlal5BYTro8gKYCSdXXNdEd-DfRuU5wRH3-AnIPKUhBuMKI483BxEikVIv_zNy_pqOy2L7hTEQxLzizomBpNR70dlkDe2nKeA_TNG8sgtSuUFm99Ooekbm6Hs6MXR1h9Z6lSBvtzpMI9aF3CdcPMjnjKpz5Ldpf89lzb5RkOEwsgHjcfGXMW5oi9C7Kjba_Hk-5mQg5TPdljh74P2wlThmNMxhQcQ742kPUhWYdXoDMrmLclFlrctpShMK-NWOEVmV9GWNWoucXAleDURJem1YVJeUJx-3dLrVAT56eIPXuCUDgfnwsS0EKr5HjoRNfqmVLjFH0xMJhT0aRumZVpzblyU5jpSy1gjlB7LIPBFJhn6gQoBoThAiGPCF_bHoz13cebH6lNejHdiAgjwVf_H3uVjXDfpxwT78DOAtr5F_4F69EQ8EuW13O5xz6teLrXKRV2BGc-l2sAXM52jWt-VC6tYRPjj-kqVAYjAv-0iUarO0vm1DAazW9sIdLmNaPm2L2kGT1azywZMb4HYeyZoJuQvRueLoxgKRz-9U5uMQMV7F_sDQHzJhCSdXrAWQv_OJVZW1OsphOlD43gP0RALlEjWqyukPG7NIeMy6236aKhbmyG6gN4OE5Gpsg7-1BvFnLfcXhnLcPyHErrhVwDH-GuqAePWZPeqaoWGhghqmQ6cDgDglMMTctEAcOoJoMg7ZspMWQVv-81iBC8x9bVHPa51Iw0-T35Ndhn7-7aOSl84mS_CjDrDcglHUUrBHhI25EGL12WiaipAJnqFE4-ATxTPMO4NQpRrZ40i3avqjY3MJU0bSt1lj2n3pDB0pbGp4CeTECUoVeEbb3t4i8RkAlORHHEi4bh0jOkwBiX224xMVuU2CNKVRhZrm-UpZqywJsmdOlA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 42E2 42 B
174 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvm4oYGYLwP_Wjdc5guRT6RpAcWv7egHULXI2q27WJp8EUwWBkIkbFPB5nVC_ac5xylRXlU12b78mgrS4PqmVpcAIUl9V2QcaHaeDzVfFLCs0VIhnQl_McZVtPplMs1aUSAycVFxRnowZ9Ysv7dmne8nsgh&sai=AMfl-YRFdW736CJgqXezyfOTGwt1ihKkqR1QwV0K5aWrfdKqq_rMsnprr9Z-9nr5a4n0GEskh1HFzjpI3A1ZHEu0VYy7uxprxoNt23hrIRzrROI-CQqkvsQVEzQ81Alof11rPkohuDlb8fj1b3Ilj_-VBA&sig=Cg0ArKJSzAOcUgfjiEfiEAE&cid=CAQSTwAvHhf_jWhUjgmRK-XbCZ3IZxovAcAsmUob_xj_qZZWFfRgTdQroIV1J6ae2GzBo48MoQZSSOo5efeLFyJ1O1JUP02ePmCcniqm7VLi8AkYAQ&id=lidar2&mcvt=1000&p=419,1000,1019,1300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1874767755&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704734491658&rpt=755&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4E7B 52 KB
17 KB 183ms
48ms Document
text/html 23.43.60.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.60.179 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-60-179.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 08 Jan 2024 17:21:34 GMT
ETag: "623de86a-cf34"
Expires: Tue, 09 Jan 2024 17:21:36 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 cookie Show response
cm.adform.net/ Frame 41B2 43 B
106 B 135ms
46ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D36A54950FFBAE568%26sp%3D810139%26pb%3D316151%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fstartefacts.com%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Mon, 08 Jan 2024 17:21:34 GMT
server: nginx

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 2A53 37 B
140 B 239ms
42ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 08 Jan 2024 17:21:34 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 931A 16 KB
6 KB 138ms
46ms Document
text/html 23.43.60.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.60.191 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-60-191.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145746
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 08 Jan 2024 17:21:34 GMT
expires: Wed, 10 Jan 2024 09:50:40 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 88C1 3 KB
2 KB 103ms
43ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 289
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 84261e1d88e62681-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 17:21:34 GMT
expires: Mon, 08 Jan 2024 21:21:34 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame A554
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D...
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=36A54950FFBAE568&sp=810139&pb=316151&c=750708&a=754412&domain=https://startefacts.com/&gdpr=0&gdpr_sou...

43 B
444 B

202ms
48ms

Document
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=36A54950FFBAE568&sp=810139&pb=316151&c=750708&a=754412&domain=https://startefacts.com/&gdpr=0&gdpr_source=&gdpr_consent=
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 08 Jan 2024 17:21:33 GMT
Etag: 168e93faf4d4fd5a
Server: Adtelligent

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 154
content-type: text/html
date: Mon, 08 Jan 2024 17:21:34 GMT
expires: Mon, 08 Jan 2024 17:21:34 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA&traffic_source=snippet&session=36A54950FFBAE568&sp=810139&pb=316151&c=750708&a=754412&domain=https://startefacts.com/&gdpr=0&gdpr_source=&gdpr_consent=
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2: E

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A9D2 281 B
555 B 121ms
39ms Document
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/stf/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://startefacts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 08 Jan 2024 17:21:34 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
148 B 56ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=f8813fc801&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:34 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

rtset
bh.contextweb.com/bh/
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=c1690cbe-ddc7-4297-a0cc-7f14dd7f025d&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=THlkY0RVZVAyNUlxM3ZKbUxOVW1GUQ&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEDhFmk5_58PcS2fRZvvxsiA&google_cver=1

49 B
485 B

54ms
54ms

Image
image/gif

208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEDhFmk5_58PcS2fRZvvxsiA&google_cver=1

Protocol

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-db744d8c7-vzxs4
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEDhFmk5_58PcS2fRZvvxsiA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=d760e026-c8c5-4cbd-a39b-7abd69f4de3f&google_hm=ZDc2MGUwMjYtYzhjNS00Y2JkLWEzOWItN2FiZDY5ZjRkZTNm
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIpumkRtF6bheBPuSOgjx64&google_cver=1&ssp=sonobi&bsw_param=d760e026-c8c5-4cbd-a39b-7abd69f4de3f

43 B
145 B

40ms
40ms

Image
image/gif

18.158.12.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIpumkRtF6bheBPuSOgjx64&google_cver=1&ssp=sonobi&bsw_param=d760e026-c8c5-4cbd-a39b-7abd69f4de3f
Protocol: H2
Server: 18.158.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-12-89.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIpumkRtF6bheBPuSOgjx64&google_cver=1&ssp=sonobi&bsw_param=d760e026-c8c5-4cbd-a39b-7abd69f4de3f
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 359
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5109685631761376743

49 B
443 B

387ms
129ms

Image
image/gif

2607:f350:3:2569:0:10:0:d
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5109685631761376743

Protocol

Server

2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-70
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5109685631761376743
Date: Mon, 08 Jan 2024 17:21:34 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=286
https://sync.go.sonobi.com/us.gif?nw=st&nuid=ixDaez5AVdZF4DNCFeqHeFD_B2o

49 B
442 B

128ms
128ms

Image
image/gif

2607:f350:3:2569:0:10:0:d
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=st&nuid=ixDaez5AVdZF4DNCFeqHeFD_B2o

Protocol

Server

2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://startefacts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-70
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=st&nuid=ixDaez5AVdZF4DNCFeqHeFD_B2o
Date: Mon, 08 Jan 2024 17:21:34 GMT
Connection: keep-alive
Content-Length: 99
Content-Type: text/html; charset=utf-8

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 7D56
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
880 B

59ms
59ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c23a43689501680fc79b84265de97622d808ecf51a0bd0d9906a5e03c6f0b3d7

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84261e1e5d8e452e-TXL
content-encoding: br
content-type: text/html
date: Mon, 08 Jan 2024 17:21:34 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLuR9EsjSSTqSdYFDNrvZ82T8JUxn5Nf%2BiRPRMpTPMR0rcVH%2FsgfCSN5%2BvmYNUXjqakHFNxC7K2GGlYKyEzg1%2FBeGtIWhzRXNJc50TVtohevVBRYCHGM07I44iiG6Hg9j7JkU6xEr%2Fo1ug%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84261e1ddc5a452e-TXL
content-length: 0
date: Mon, 08 Jan 2024 17:21:34 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOwEWvEJ1mp8ZxRQTU4cAD69z8XuRlO7xtfM5QE6aYzADV1s14tfstOVhpwzca5%2Fs%2FlV8t6eu2tZDmNTxG4OoCO8Npgjne9T479KlRvMKwYp1sBMDOtA%2F6QzCJNkdwELrLCcj5YeSpjbEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A9D2 45 KB
13 KB 41ms
40ms Script
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5505512a4332fb38b740fbcc3ecd4e6efc5745f00ea66d6f55051d84e3c0fd3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:21:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jan 2024 17:20:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=86326
Connection: keep-alive
Content-Length: 13173
Expires: Tue, 09 Jan 2024 17:20:20 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 931A 0
42 B 142ms
46ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93751694&p=162179&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:34 GMT
content-length: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame A9D2 7 B
380 B 193ms
55ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 9db1556130a9e92b896eecae836f6a70
Expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 4E7B 0
762 B 46ms
46ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
an-x-request-uuid: 495e6386-b1eb-4804-aca3-0fb026ea44d4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 7D56
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZwvHpBohoQtfdws1RgiBAAAFE0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1MrsMIMOgUOe_pP17Jghg&google_cver=1

43 B
765 B

88ms
88ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1MrsMIMOgUOe_pP17Jghg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PLB6Wn3h8nDPP2%2FCVnE%2BDprRpjm4c4q8ioFLs9G4lx8d9naHKrdhLJ429unarK3Bc2PKj3Uxh8FqfZZ9j%2B3AgBSriBmZoKpe32qCKJujqS0jMlef66c20tK2YIO3IcWp7A6VcvfxVeyvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84261e1f4800450a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEM1MrsMIMOgUOe_pP17Jghg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 7D56
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZwvHpBohoQtfdws1RgiBAAA%265197&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZwvHpBohoQtfdws1RgiBAAA%265197&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=5721a4621cc8481f8d47fd56be3daa39
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9Iibc4eNeBUQj7IdKIM7pEUJAGbHh6usz3ABGA
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9Iibc4eNeBUQj7IdKIM7pEUJAGbHh6usz3ABGA

43 B
548 B

531ms
119ms

Image
image/gif

2600:1f18:ed:550e:f339:4051:d8d6:6b16

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9Iibc4eNeBUQj7IdKIM7pEUJAGbHh6usz3ABGA

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:f339:4051:d8d6:6b16 -, , ASN (),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 17:21:35 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9Iibc4eNeBUQj7IdKIM7pEUJAGbHh6usz3ABGA
Date: Mon, 08 Jan 2024 17:21:35 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7D56
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZwvHpBohoQtfdws1RgiBAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFnQKhcxeFKmht6B_BOjeEo&google_cver=1

43 B
734 B

72ms
72ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFnQKhcxeFKmht6B_BOjeEo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtHwWc7dhjiNz%2FjZAlAgJPodXDWmn24vKNRwqYPMBhDAvtb3P1AcZ48ivs3lUKBY9R9YRVmWnX00oc0eu%2B1ywJ2LbQqzxcY7kwDSANjXj%2FiBk7PMLl8GDKX%2Ffaiev1PSvq9%2BP3dO3sAT7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84261e1f98e5450a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFnQKhcxeFKmht6B_BOjeEo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7D56 70 B
148 B 56ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:34 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ZZwvHpBohoQtfdws1RgiBAAAFE0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7D56 43 B
601 B 188ms
56ms Image
image/gif 2a05:d018:d29:3601:8461:1fe4:b475:56d7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZZwvHpBohoQtfdws1RgiBAAAFE0AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:8461:1fe4:b475:56d7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7D56
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=39e39dc3-af6a-46c0-bd3e-29f50f27c9c2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
478 B

74ms
73ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=39e39dc3-af6a-46c0-bd3e-29f50f27c9c2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlcDYlvE3QzyxxaSWcH1ST33eMV94wGUVPJWTE0YZAmN61ha6UF44B9Xd%2Bk%2BXpeqqX6%2B0rq7M3s6IDCyHvVpGT7r7bsMVR%2BJwM4SdObCnipDU9sTEQpqbr5VwndR0Wy%2BkM1cRWJh5MWUUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 84261e1fb962450a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=39e39dc3-af6a-46c0-bd3e-29f50f27c9c2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date: Mon, 08 Jan 2024 17:21:34 GMT
server: _
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7D56
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZZwvHgANBoHuzABU
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZwvHgANBoHuzABU&_test=ZZwvHgANBoHuzABU

43 B
733 B

63ms
63ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZwvHgANBoHuzABU&_test=ZZwvHgANBoHuzABU
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6G1hGruqJacF76yjfMgPmD56JolPAO2RBVR1j7kHuDWmMkzExXdRdZ13w9pgEGcKPgHXTV1SeiHYWZ4F%2B9F6qGFejV4qDYSppdHN7fVMu0nQ4IpCt9GrbRcZcBiefj4h7qMv5%2B%2FJDRTVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84261e206b0a450a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

x-served-by: cache-fra-etou8220052-FRA
pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704734495.750345,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZZwvHgANBoHuzABU&_test=ZZwvHgANBoHuzABU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 7D56
Redirect Chain

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZZwvHpBohoQtfdws1RgiBAAA%265197
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=a205614c-fd9e-4255-8880-397779cd1239

43 B
736 B

62ms
61ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=a205614c-fd9e-4255-8880-397779cd1239
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pj%2BmYtv6menn1FXjuKj%2BZOZIU%2BAEYwApSPwm0R2B4r%2BeIQj0IGgo%2BWoCQN07qPL4w5KFaPjDgEMHMygQ7EjELh1eqGDUdJRLTB4GwQGECf71uZS9xa9L8cnRFC3GXM73o7b3RSbemXpynw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84261e206b03450a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=a205614c-fd9e-4255-8880-397779cd1239
Date: Mon, 08 Jan 2024 17:21:34 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 7D56 43 B
229 B 43ms
37ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZZwvHpBohoQtfdws1RgiBAAA%265197
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fstartefacts.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:21:34 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 34702
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84261e1ecb762681-TXL
content-length: 43
expires: Tue, 09 Jan 2024 17:21:34 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 4E7B 0
764 B 39ms
39ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 17:21:35 GMT
an-x-request-uuid: dc6a67ac-b078-403e-a5aa-5fc0492b80a8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 18:15:26	Name: _li_ss Value: CggKBgjdARD2Fg
.startefacts.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: dab62e547cbb8db112be7b4e40ea1710
.startefacts.com/	1970-01-21 03:08:14	Name: _ga_CSS7ZBBEV0 Value: GS1.1.1704734490.1.0.1704734490.0.0.0
.startefacts.com/	1970-01-21 03:08:14	Name: _ga Value: GA1.1.2065625781.1704734490
.startefacts.com/	1970-01-21 02:17:50	Name: ym_long_lasting_session_id Value: 236005270652
.startefacts.com/	1970-01-21 02:17:50	Name: _ym_uid Value: 1704734490642569330
.startefacts.com/	1970-01-21 02:17:50	Name: _ym_d Value: 1704734490
a4p.adpartner.pro/	1970-01-20 18:58:38	Name: apuid Value: 12a8299b-09b7-44e6-b6b4-1ed0353364de
.rubiconproject.com/	1970-01-21 02:17:50	Name: khaos Value: LR56WFAU-6-KRI3
.rubiconproject.com/	1970-01-21 02:17:50	Name: audit Value: 1\|naVuGyos1qp8ZaVhFTCevQNb0fGVcfL/XWaA1sYWTLHiXIXbtn90w4eqUzy5sWIHe0KLw88t5rxFlDilYgRR+uBxGCOXoSK1+m+CWwPAjWu+xUA9sgf/4b7FQD2yB//h
.mc.yandex.com/	1970-01-20 17:32:15	Name: sync_cookie_csrf Value: 1923378504fake
.yandex.com/	1970-01-21 03:08:14	Name: i Value: 8t4kbG+0ZW+NFsvpUvxGHaDBLX5osJETTdoRWgTl211tD83YcAeY19FH3HojvIThyXWmvRRYWZ07dEtJO8JtDknyV8g=
.yandex.com/	1970-01-21 02:17:50	Name: yandexuid Value: 6490423791704734490
.startefacts.com/	1970-01-20 17:33:26	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:32:15	Name: sync_cookie_csrf Value: 1163183440fake
.adnxs.com/	1970-01-20 19:41:50	Name: icu Value: ChkIg4qIARAKGAEgASgBMJre8KwGOAFAAUgBEJre8KwGGAA.
.adnxs.com/	1970-01-20 19:41:50	Name: uuid2 Value: 7668513682833315295
server.smartytech.io/	1970-01-21 02:19:16	Name: uid Value: 4a61c92d-720c-4701-8937-0671d1720e1a
.mc.yandex.com/	1970-01-20 17:33:40	Name: sync_cookie_ok Value: synced
.go.sonobi.com/	1970-01-20 18:15:26	Name: __uis Value: c1690cbe-ddc7-4297-a0cc-7f14dd7f025d
.go.sonobi.com/	1970-01-20 17:33:40	Name: _usd_startefacts.com Value: 95bdb1c5-5029-4109-b952-9b97bca662a3
.go.sonobi.com/	1970-01-20 17:32:14	Name: __uih Value: 1
.yandex.ru/	1970-01-21 03:08:14	Name: yandexuid Value: 6490423791704734490
.yandex.ru/	1970-01-21 03:08:14	Name: yuidss Value: 6490423791704734490
.yandex.ru/	1970-01-21 03:08:14	Name: i Value: 8t4kbG+0ZW+NFsvpUvxGHaDBLX5osJETTdoRWgTl211tD83YcAeY19FH3HojvIThyXWmvRRYWZ07dEtJO8JtDknyV8g=
.yandex.ru/	1970-01-21 03:08:14	Name: yp Value: 1704820890.yu.2730430301704734490
.yandex.ru/	1970-01-21 02:17:50	Name: ymex Value: 1707326490.oyu.2730430301704734490
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1501109001704734490
.yandex.com/	1970-01-21 02:17:50	Name: yuidss Value: 6490423791704734490
.yandex.com/	1970-01-21 02:17:50	Name: ymex Value: 1736270490.yrts.1704734490
.yandex.com/	1970-01-21 02:17:50	Name: bh Value: KgI/MA==
.onaudience.com/	1970-01-21 02:17:50	Name: cookie Value: 7ba8e24ab969a64c
.onaudience.com/	1970-01-20 17:33:40	Name: done_redirects104 Value: 1
.onaudience.com/	1970-01-20 17:33:40	Name: done_redirects147 Value: 1
.admixer.net/	1970-01-20 19:41:50	Name: am-uid Value: 743a3469473544f88a1a9bd31fa9b8fe
.startefacts.com/	1970-01-21 02:53:50	Name: __gads Value: ID=8950fb40e8316a36:T=1704734491:RT=1704734491:S=ALNI_Mb10caEpV37uuGUi58HGKamCJnq5g
.startefacts.com/	1970-01-21 02:53:50	Name: __gpi Value: UID=00000d3d7665efd1:T=1704734491:RT=1704734491:S=ALNI_MaLLaog3g3mrIBl9TYIgbau5rVQ8A
.criteo.com/	1970-01-21 02:53:50	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:53:50	Name: uid Value: 0e7cce16-e6bb-4035-ab35-f13161413399
.startefacts.com/	1970-01-21 02:53:50	Name: cto_bundle Value: JvyE319XMDFSMGUlMkZQUiUyRnVKRzNSYXRkNDJERnNxcGY2NG01SGYlMkJEOVZQN3RYdnJTVzNEbWxLS0FHQjh4NyUyQlFkVFdJbEh6VjBFTTFKeWRwMnQlMkJ4aldBNXhSa2t1Zk9WQ0RubFpYbHE5STI0WGlOYmslMkJUcXlzMnE2ak1JUVQxc3lvTXBzZ05pRUpzbEZhaGViT0puWjFVaEVLaXclM0QlM0Q
.doubleclick.net/	1970-01-20 17:32:18	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:53:50	Name: IDE Value: AHWqTUkwga2wHXhTqmdWJSeCLJ42s-4eDzAH0-RZ-NXQm8mszQ2bvQCagLFzzkoihJU
.googleadservices.com/	1970-01-20 19:41:50	Name: ar_debug Value: 1
.ads.pubmatic.com/	1970-01-20 17:33:40	Name: KCCH Value: YES
.casalemedia.com/	1970-01-21 02:17:50	Name: CMID Value: ZZwvHpBohoQtfdws1RgiBAAA
.casalemedia.com/	1970-01-20 19:41:50	Name: CMPS Value: 5197
.casalemedia.com/	1970-01-20 19:41:50	Name: CMPRO Value: 5197
.rfihub.com/	1970-01-21 02:53:50	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjQ3MzQ2NzM3MRbiM9R1js-Ldw6pMM4odswBAGMHWoIlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjQ3MzQ2NzM3MRbiM9R1js-Ldw6pMM4odswBAGMHWoIlAAAA
.rfihub.com/	1970-01-21 02:53:50	Name: eud Value: H4sIAAAAAAAA_1slymtobmBibmxiYmliYmQGAMqw_DAQAAAA
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: f8f300cad04bd953
.adnxs.com/	1970-01-21 03:08:14	Name: XANDR_PANID Value: yR5GAJlIl4ORBtNIBct_-IfPnaTOhPA5F1g1ce1qvomWKBKYUDARyDNm55Xe7CHd0VbfxH4BSZCtaTYuyKei_y-KmE5HafyJlvDvXrrbpKw.
.bidswitch.net/	1970-01-21 02:17:50	Name: tuuid Value: d760e026-c8c5-4cbd-a39b-7abd69f4de3f
.bidswitch.net/	1970-01-21 02:17:50	Name: c Value: 1704734494
.bidswitch.net/	1970-01-21 02:17:50	Name: tuuid_lu Value: 1704734494
.adtelligent.com/	1970-01-20 19:01:31	Name: vmuid Value: 168e93faf4d4fd5a
.adtelligent.com/	1970-01-20 19:01:31	Name: a754412 Value: 0000EEA
.csync.loopme.me/	1970-01-20 19:43:16	Name: viewer_token Value: 39e39dc3-af6a-46c0-bd3e-29f50f27c9c2
.yahoo.com/	1970-01-21 02:18:12	Name: A3 Value: d=AQABBB4vnGUCEBWPTxIluciKthE2f_D_dt8FEgEBAQGAnWWmZQAAAAAA_eMAAA&S=AQAAAl8LGSblA_64Ne10WpMBKB8
sync.srv.stackadapt.com/	1970-01-21 02:17:50	Name: sa-user-id Value: s%3A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%2FNaZ4%2FprvyJPqinKSMtufiyR6E%2BpueMO%2BP6d4
.srv.stackadapt.com/	1970-01-21 02:17:50	Name: sa-user-id Value: s%3A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%2FNaZ4%2FprvyJPqinKSMtufiyR6E%2BpueMO%2BP6d4
sync.srv.stackadapt.com/	1970-01-21 02:17:50	Name: sa-user-id-v2 Value: s%3AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
.srv.stackadapt.com/	1970-01-21 02:17:50	Name: sa-user-id-v2 Value: s%3AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
sync.srv.stackadapt.com/	1970-01-21 02:17:50	Name: sa-user-id-v3 Value: s%3AAQAKIGcZMhrjYYmEOCk2RSYKnfrz_PEwls0VDOa1ocI1WZd4EHwYBCCe3vCsBjABOgT90vuTQgSNlqhd.9c%2BtyEEMxemt1IswePIwbbmZwi9yWcZaUgzJDfzkb7w
.srv.stackadapt.com/	1970-01-21 02:17:50	Name: sa-user-id-v3 Value: s%3AAQAKIGcZMhrjYYmEOCk2RSYKnfrz_PEwls0VDOa1ocI1WZd4EHwYBCCe3vCsBjABOgT90vuTQgSNlqhd.9c%2BtyEEMxemt1IswePIwbbmZwi9yWcZaUgzJDfzkb7w
.everesttech.net/	1970-01-21 02:17:50	Name: everest_g_v2 Value: g_surferid~ZZwvHgANBoHuzABU
.adsby.bidtheatre.com/	1970-01-20 17:42:19	Name: __kuid Value: a205614c-fd9e-4255-8880-397779cd1239.473948494
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8670\|ZZwvI
.liadm.com/	1970-01-21 03:08:14	Name: lidid Value: 5721a462-1cc8-481f-8d47-fd56be3daa39

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c4a85cbd3470460d0319fb4399040eb.safeframe.googlesyndication.com
a4p.adpartner.pro
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
adx.adform.net
ap.lijit.com
apex.go.sonobi.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.membrana.media
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
csync.loopme.me
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
ghb.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
image6.pubmatic.com
inv-nets.admixer.net
js-sec.indexww.com
kinesis.us-east-2.amazonaws.com
match.adsby.bidtheatre.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mug.criteo.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.onaudience.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
securepubads.g.doubleclick.net
server.smartytech.io
ssum-sec.casalemedia.com
startefacts.com
static.criteo.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.srv.stackadapt.com
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.18.36.155
13.32.119.77
146.59.110.100
15.235.15.221
151.101.66.49
172.217.18.2
172.64.149.180
172.64.151.101
178.250.1.9
18.158.12.89
18.193.236.213
18.238.243.114
18.239.69.131
185.64.189.112
185.64.190.78
185.83.71.234
193.0.160.130
2.18.160.23
2001:4860:4802:32::36
208.93.169.131
216.58.206.34
23.108.103.8
23.43.60.179
23.43.60.191
2400:52e0:1e00::1082:1
2600:1f18:ed:550e:f339:4051:d8d6:6b16
2602:803:c003:200::61
2606:4700:20::681a:414
2606:4700:20::ac43:461b
2606:4700::6810:5614
2607:f350:3:2569:0:10:0:a
2607:f350:3:2569:0:10:0:d
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:6b8::1:119
2a05:d018:d29:3601:8461:1fe4:b475:56d7
2a0c:5c87:5239::2
3.15.36.104
34.250.5.176
35.214.181.122
35.71.131.137
37.157.3.20
37.157.4.29
37.252.171.21
46.228.174.115
51.83.220.94
54.196.247.2
54.246.43.192
54.81.187.36
64.227.64.62
69.173.144.165
76.223.111.18
88.221.169.246
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0e262f1f3419d948dff4b9cd4977ed3c17b74dd54f009f58763d5e438dd3a01e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
137bc9dac8d6a243253c2e245f7edc0e3225935a4b4b24272bd660405e024c31
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2369d352fa4841b8d881c3a3454182653775b10742d48bca7371837994cdbec4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
278522f3370df0fc58a4b4a30fe58aded31f376c84a294d7673bf4779908898f
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
2aec34aca4d8caab214a38ae98ec229ef274e53de3172a252530722e06005596
2da06356378753d5d43bc33ce0feec50856b787ea09637f7f890fd0ea96f779a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f2808dfa8dbc58265b8b2c4492a50b9dc87dea592f89892b572cf1ae99c2a7e
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
30ff18488c104207792884b22c2f7e7ed0de0076401e75811bc4d94d44962378
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3312c33d38be0c1d399c66901e8c4639058269a727d656515d962947742d9cd5
3a8582531bb9b4dfca6ce9e3a1a4a7437b343a94ed6a7c98b04a7e7704a56271
3d3b40d6960fb87772f837b262b571463851b862893dbdd610b582e8a66c3046
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c77e599c0cedd4823ae419cc59f7fab0d77039421c9ead30ae93b0b008d1a8
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47475ca20b74723298d32901d52174aeacd057cfb3421fb360a767aa367028dc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48dd2edc065bfb97fe32d50e6b5c17f7a62da8b75665d6016b2e91067b10c302
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4fee6145fd1760b047ea53931bbcf80e1d26b557ed61a80c0c1fbcb668fe8f76
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5505512a4332fb38b740fbcc3ecd4e6efc5745f00ea66d6f55051d84e3c0fd3c
554a51f1123b6f4356597c59a4ad39405095d8a5d70f9e0c1425bfad15292ea1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58bda1b1f65dcca1e9e575d11a89deaa578002b734694927066e3435c172768d
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f0c7742858ce12e69a8dc76098e2ed5439f10f47588e15cc76ed1ab3dab762d
6155c2e012aa4f3cfdf73b73be3700e502aaecfb1a8e101af73a3104a1b16a62
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6737ee02f71faed918deb0d82741d5bfe13cf0a8e1b604eb8f9ff7a219b9d793
676c08348248916038007976703dcb636e63ea598128991382a03df37d222fd8
6f2a6a48b959844d5c201b5740c96a835854a5e68994d84c5a87185b41f2142e
7107427ca2efdfc674ffcbc3735d4efa23b8f5ecf15fad8c6c9ba4b4b16c8ddb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
785d943b6ee1522e992169e311c5dfb563d639c8d55dd6738a77c6e225bdfca6
7febcc726b716a1a57630aa63271a8e44d67fff16d2383b394779c9262d1f194
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82d924bb557e90ec500809eef22c1dcc98d0767875b790b130a97cb9ae361e70
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
879e3ed25995da2d4f16f44efad4d368af37912809c4a249dc0fd5ef27c42a3f
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90cf6f9eeab24fb56030b92be23567d6a9fe63ded016894280ae36a2e07e63cc
90fe3df0c40a502adc1f6f233be2b70039ce66cd5c53eae5cee6a793dfb29313
94689fee2f04f1e745d0b243f82b3fb18298078f805f027296f8607dd8643e4a
9893a2e9af1cd3343ac2cca7203aff481a8bac25db44626e77513be0b53407b5
9c03998e1dd7c6fb9ac8deebb205f9aab453317393bb1018fba93a746ce5b11d
a97e0982532b0133e5d356112ff4beb877621252e6977d01a0959508f80f117e
aaea43a2b2fea22a94f788336747656f2aa0d238b1dd6fac64ae3e633d57b9da
af377a37e0ecff92dde0e36d897b43ee9775d2f922fbe846cd888d6a86974484
b12ea13771abd2ddbf01552ee09c40582cb574ed8720faa9652c3a9f93a5bc56
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6c26ccf6522608895fd4676d33ab36a1e051ab033bc39e9ea4ec257391026ae
b82f73505e42ebebc66dcf52160e420441d7e3dd0623b7593c3dd4cc77852e53
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1230af5f5bad96c82e6b7ae13a76bff1dcbdc4710077427d4e23a7415e63984
c23a43689501680fc79b84265de97622d808ecf51a0bd0d9906a5e03c6f0b3d7
c67b99822bb72cfb47b01d0cfab1113b2ee13fbd44759f518483993bade4ad5c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d25ef7879f3624bddc7093e94bdacada5e020127df46a414461aac37cae7c3a4
dfd446b1b8944af67cd2d9f56246090d379fd044f10b9a3b27306b52b0af8ea7
e2ddcb26dfd35e1dac1b726af44be440b3b0f0a6298bb5e462c5ae4c535ccbe5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a92729df49cab640d07052a79c5c86feacd49c2e213abd6277928f08960495
e9fd369f239eabd53ca43729414c926fe9dfea08fb4702aa12dcf85480dfecc5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
f8154827d46ff5297dcf022f852bbd234da5a00088ebebf9405e75b48b5f451a
fd498fd1947a2766f8e5789f96bf580dae97098609c9c7634a175f291cc44dd1
fd9787a2b8d07640430baa436d34098a59e42496fe4837041bb8515ed20bf80b
fdcd2d83484c69a7ac1bce4ba73898e61200575ffc2eb0e2f3f31e9ee05f51fe
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

startefacts.com Open in urlscan Pro 2606:4700:20::681a:414 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

86 %HTTPS

37 %IPv6

43 Domains

65 Subdomains

51 IPs

11 Countries

2234 kBTransfer

4131 kBSize

69 Cookies

3 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

startefacts.com Open in urlscan Pro
2606:4700:20::681a:414 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

86 %
HTTPS

37 %
IPv6

43
Domains

65
Subdomains

51
IPs

11
Countries

2234 kB
Transfer

4131 kB
Size

69
Cookies

117 HTTP transactions
4 data transactions