gfmag.com Open in urlscan Pro
3.223.56.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gfmag.com/
Effective URL:
https://gfmag.com/
Submission: On December 10 via api (December 10th 2023, 3:36:58 am UTC) from US — Scanned from DE

Summary HTTP 95 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 95 HTTP transactions. The main IP is 3.223.56.46, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is gfmag.com.
TLS certificate: Issued by R3 on November 1st 2023. Valid for: 3 months.

This is the only time gfmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	3.223.56.46 3.223.56.46	14618 (AMAZON-AES) (AMAZON-AES)
30	18.66.122.94 18.66.122.94	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
11	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	52.213.168.6 52.213.168.6	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
95	20

2 3.223.56.46 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-56-46.compute-1.amazonaws.com

gfmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 18.66.122.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-94.fra60.r.cloudfront.net

s44650.pcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.168.6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-168-6.eu-west-1.compute.amazonaws.com

pncbank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	pcdn.co s44650.pcdn.co	859 KB
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	693 KB
16	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	248 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	287 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	215 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3986	28 KB
2	demdex.net 1 redirects pncbank.demdex.net — Cisco Umbrella Rank: 34325	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	12 KB
2	gfmag.com 1 redirects gfmag.com	23 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	109 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	395 B
1	t.co t.co — Cisco Umbrella Rank: 589	377 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	250 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
95	15

	Domain	Requested by
30	s44650.pcdn.co	gfmag.com s44650.pcdn.co
14	pagead2.googlesyndication.com	gfmag.com pagead2.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
11	securepubads.g.doubleclick.net	gfmag.com securepubads.g.doubleclick.net e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com www.googletagservices.com
6	www.googletagservices.com	securepubads.g.doubleclick.net e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com www.googletagservices.com ad.doubleclick.net
3	www.googletagmanager.com	gfmag.com www.googletagmanager.com
3	static.addtoany.com	gfmag.com static.addtoany.com
2	pncbank.demdex.net	1 redirects ad.doubleclick.net
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.jsdelivr.net	gfmag.com
2	gfmag.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	ad.doubleclick.net
1	ad.doubleclick.net	www.googletagservices.com
1	analytics.twitter.com	gfmag.com
1	t.co	gfmag.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
95	20

This site contains links to these domains. Also see Links.

Domain
app.frevvo.com
www.facebook.com
www.linkedin.com
www.youtube.com
twitter.com

Subject Issuer	Validity	Valid
gfmag.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
pcdn.co Amazon RSA 2048 M01	`2023-08-12` - `2024-09-08`	a year	crt.sh
static.addtoany.com E1	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://gfmag.com/
Frame ID: C980DBD700FE64C2EB8E7071FF4DABCC
Requests: 57 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 0B93A4AF47E1A967E4B31CCC3FA8748F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: C8103B4F5075D69B97F2DD5E0451AFEC
Requests: 1 HTTP requests in this frame

Frame: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F197C8A66BC487C8AA5E4B094E55765
Requests: 1 HTTP requests in this frame

Frame: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 051E342C6DC73FF3E7FA1E6708E88EFA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyzk1c3j-5thqK5i7fuFWSu-aIZoPVb_Q17Ri_Hkzvariym41LVApfZL0v-nZidT884mvVTJ8U_1lE3l6Yi2waW0eIBuie0fofym0-VnJZLYyupE2sCBUrzExxYEejr17c-OBk4D-33WasXKrcP9VrOwAGhjf-QtvLPdAR05zkKwjI-I_NvGhknm5RhLckkhAfksj-xbGaT55TlHgUGLvwpCNXSQLnpo91RGcs80QYeX-aOv4iviPmURj8WY93vyuCTpsPMHhTxIYBqkUmQ0i1cO3f1kIF2n0GZdBmnJQAGhwqgDdeYAYlJq8&sai=AMfl-YTZydQsr8w9OEwuEaHvFe9yjDSud7rwYZVGUYL7cqnhnSLU3RHbHR7RVFEPdnhl6ZA2DiYzNutsz1i9KUC7Tnu9VALEM5TDkrin3o05nVuwl8uu6d8mtIafAq4Pc1XWRny7F5xmgvdNV1hiYsxSQpNJU1kxKnKJEYH5dyU&sig=Cg0ArKJSzC6c_o0KmdlJEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: A12B2F705CD995FC883E85CEF5C6196E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu24xIR5mLYSJq-eNSHW1K8in-RVF_fZfN8iSu1JhHs3GsLXuZXaf2piGp3ON20Ze-3iGgmj4ulzMfJVOww7krx-cnvbS0bPziiyytha974ifyJZU66CXHVezsN2ts4ApVlKlYqOvTmNleM5IOlOf1M13KUmpVHq-K-73AdahiFepQD5kMdUlrvs6-XX_Ia8PyyC_2tiMu7iSyTacjcVMHMD7JINaH4n7nyeiiilOpwVZ1pV6uOnTAF8u_3mFpDrBQ8kd1nULC6UqdwhLJC3OXVX0T993RTlUx8PN3q9V2BetUPvY8LZhcByBf4eFk1ipDEZb7GUOYHODQ&sai=AMfl-YQFIDAjkdfxtNCn6tgIlwWlAFfJdNIJwgEsm0h42TmJrymSVAklA2S1lFPKNztt1CV4mdEjalHA1rEuFpO4Ib_QscJEwiJYh-wFxt2mxqUP2QEY8ItwaZEdU4VnTIHwayQgC4xadbsjJsz84zC6Z-rZ7uD_1DmNWyXC3g&sig=Cg0ArKJSzA1n8UbscwDBEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7D09AD44E1F5A718F0B38A0FA1EC5A62
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860458211880459&output=html&adk=1812271804&adf=3025194257&lmt=1702164091&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l&format=0x0&url=https%3A%2F%2Fgfmag.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702179413399&bpp=1&bdt=351&idt=219&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2aea31e54817d8f2%3AT%3D1702179413%3ART%3D1702179413%3AS%3DALNI_MakBpTc6qwMfdxr15ZTFq00CnuA3Q&gpic=UID%3D00000d1118d999ea%3AT%3D1702179413%3ART%3D1702179413%3AS%3DALNI_MaCuF4bnixNRKHVHQ1yW4JH-RuVuQ&nras=1&correlator=5329504274681&frm=20&pv=2&ga_vid=1899175900.1702179413&ga_sid=1702179413&ga_hid=481537146&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079864%2C31079924%2C31079979%2C42531705%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=2949462083623446&tmod=138095638&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=233
Frame ID: E623BF7648CD5D91B52CADE9D99F50D2
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N126810.126093GLOBALFINANCE/B29863637.372906583;dc_ver=99.292;sz=300x600;u_sd=1;dc_adk=2539895705;ord=8sspnn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstPihGEtdkmCZ6tBxhJit95RgTj26OoriouZd1Qpgn-EivC7c8_J_fiTApbmsmfD84AnRrI0R79ydIFDretGUNF9Xo1FKnWoskRgsoxJ31M5qCH6ul5hInLPJWavwFuelTsV48I-XSsQkqF3tLMuXL0ORQ14m06Ev44mB-9QTvrtRmqeF18NrC9bjvtzUtuPVdY8rx6AEkhr6LTLfAAiaOITToUOf4VGfL-l7-DmG5l_cMkikaraioMWM1g9-u2btmBWlomsIomY2g_oYLNarWjQnlr_xFZe76kgNW3kpJaGZy7qpi5fVrj2dtm%26sai%3DAMfl-YTyAa5Fy6RCPKsXsMQ46fp1UQaCEfzlRf96OLbcXrMZDdAoPFR1966bdB3U6hJ9eDNHgShkbLpWh8NAcByqNTIj_hR7NkUhNEbv2lvIj9-FLKZvvlczsQzshpEYx7esIFLchcGpszmM044BDjB8cyfuStX17z73_LZ1hw%26sig%3DCg0ArKJSzOgIGfFs8OBfEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fgfmag.com%2F$0;xdt=1;crlt=AoPcB5XhCp;stc=1;chaa=1;sttr=80;prcl=s
Frame ID: 856636FE253784CE2631A8BEEA357FF5
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 195268BD0CDAAEBCE0CACAABEAB0ED93
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: A1FDF3E040DF69F53629DFCB327FDF20
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C7F9EA722B108AC03C493DE3CB152A3D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 09A2192ADED21A2E515C7B4A7B147185
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Global Finance Magazine search search-outline close-x-magnifier search facebook linkedin youtube twitter arrow-chevron-right-redarrow-chevron-rightbutton-arrow-left-greybutton-arrow-left-red-400button-arrow-left-red-500button-arrow-left-red-600button-arrow-left-whitebutton-arrow-right-greybutton-arrow-right-red-400button-arrow-right-red-500button-arrow-right-red-600button-arrow-right-whitecaret-downcaret-rightclosecloseemailfacebook-square-holdfacebookhamburger-newhamburgerinstagramlinkedin-square-1linkedinpauseplaysearch-outlinesearchsubscribe-digitalsubscribe-printtwitter-square-holdtwitteryoutube

Page URL History Show full URLs

http://gfmag.com/ HTTP 301
https://gfmag.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

95
Requests

99 %
HTTPS

58 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

2491 kB
Transfer

5369 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://app.frevvo.com/frevvo/web/tn/stamats.com/u/35cdd5e9-7bbe-45a3-ba7b-89597d3acaa6/app/_IxvuIG0jEe6irPfE3_cVHw/formtype/_1XOv8BE9Ee6Sgd18XvMUeg/popupform
Title: Print Subscription

Search URL Search Domain Scan URL

URL: https://www.facebook.com/globalfinancemag/
Title: facebook Link to Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/global-finance-magazine/
Title: linkedin Link to LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Global_Finance
Title: youtube Link to YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/GFmag
Title: twitter Link to X

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gfmag.com/ HTTP 301
https://gfmag.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://pncbank.demdex.net/event?d_event=imp&d_src=472420&d_site=7162507&d_creative=196223009&d_adgroup=563818644&d_placement=372906583&d_campaign=29863637&d_bust=281411756 HTTP 302
https://pncbank.demdex.net/firstevent?d_event=imp&d_src=472420&d_site=7162507&d_creative=196223009&d_adgroup=563818644&d_placement=372906583&d_campaign=29863637&d_bust=281411756

95 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gfmag.com/
Redirect Chain

http://gfmag.com/
https://gfmag.com/

134 KB
23 KB

494ms
243ms

Document
text/html

3.223.56.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.223.56.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-56-46.compute-1.amazonaws.com
Software: Pagely-ARES/1.20.1 /
Resource Hash: 4b586b6f0a48a442ad9f4512f0b31e18fb5168b0e47dbe7747c821f1fc88931b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 22874
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 03:36:52 GMT
last-modified: Sat, 09 Dec 2023 23:21:31 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding Accept-Encoding
x-gateway-cache-key: 1702092452.155|standard|https|gfmag.com|||/
x-gateway-cache-status: HIT
x-gateway-request-id: 4680b70e15b0b9124ecbe0d63d2287e8
x-gateway-skip-cache: 0

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 10 Dec 2023 03:36:52 GMT
Location: https://gfmag.com/
Server: Pagely-ARES/1.20.1
X-Gateway-Cache-Key: 1702092452.155|standard|http|gfmag.com|||/
X-Gateway-Request-Id: 82e8a1629ab0709efd836ec143fb5ce7
X-Gateway-Skip-Cache: 1

GET
H2 200 gmf-logo.svg
s44650.pcdn.co/wp-content/uploads/2023/04/ 16 KB
8 KB 130ms
57ms Image
image/svg+xml 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/04/gmf-logo.svg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: c0f501620f90b646a1d1d1ec751309870170dfa2f0497adafd5367ebedf448e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:17:08 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 724785
x-cache: Hit from cloudfront
x-gateway-cache-status: HIT
x-gateway-request-id: 877329225d4e5173134f19eb64b79ca3
last-modified: Tue, 15 Aug 2023 21:10:09 GMT
server: Pagely-ARES/1.20.1
etag: W/"3e7c-602fc9a9ca4fb"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-gateway-skip-cache: 0
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-content/uploads/2023/04/gmf-logo.svg
cache-control: max-age=2592000
x-amz-cf-id: 280T6ikLf-pm8zN88fGNIgHmy8vNqg0aNjiD0U5Cy0KtmyWdCagfMQ==
expires: Sun, 31 Dec 2023 18:11:36 GMT

GET
H2 200 index.css
s44650.pcdn.co/wp-content/themes/global-finance/build/ 261 KB
27 KB 108ms
34ms Stylesheet
text/css 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1.0.0
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: ff05f669c0454626ae058da99e275b7621f1662aa9da9f197d3d85c6050edc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:28:28 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 734905
x-cache: Hit from cloudfront
content-length: 27289
x-gateway-cache-status: MISS
x-gateway-request-id: c8d99ba8bb8493b1993ae0d567aeccaa
last-modified: Thu, 16 Nov 2023 22:01:47 GMT
server: Pagely-ARES/1.20.1
etag: "4131d-60a4c2a8b3c3d-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: text/css
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-content/themes/global-finance/build/index.css?ver=1.0.0
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: Fy4ano6lu9Jsg2bm0nnqCFRldnGdQitLwS8MVZEvnRJM10MxgwVnaQ==
expires: Sun, 31 Dec 2023 15:28:28 GMT

GET
H2 200 index.js Show response
s44650.pcdn.co/wp-content/themes/global-finance/build/ 7 KB
3 KB 125ms
52ms Script
application/javascript 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.js?ver=1.0.0
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 3a814e97bee122a36f6ca55f04195d1dd97afd85ecdb133a1624d5635a4091a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:28:27 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 734906
x-cache: Hit from cloudfront
content-length: 1992
x-gateway-cache-status: MISS
x-gateway-request-id: 8877991138c311351e21c1c8c8717d2b
last-modified: Tue, 15 Aug 2023 14:55:44 GMT
server: Pagely-ARES/1.20.1
etag: "1d9f-602f75f963378-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-content/themes/global-finance/build/index.js?ver=1.0.0
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: tySRHIoJRkiZTLIVXn_y3Xddmpc17ggYjcwdi49-pSktGdrOf6-9rg==
expires: Sun, 31 Dec 2023 15:28:27 GMT

GET
H2 200 style.min.css
s44650.pcdn.co/wp-includes/css/dist/block-library/ 102 KB
14 KB 124ms
50ms Stylesheet
text/css 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:28:25 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 734908
x-cache: Hit from cloudfront
content-length: 13841
x-gateway-cache-status: MISS
x-gateway-request-id: 83f2eda5d01c1b54a3fd8c6392c29518
last-modified: Thu, 12 Oct 2023 21:20:44 GMT
server: Pagely-ARES/1.20.1
etag: "19824-6078b833e2300-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: text/css
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: nCGupgpz8mi3p1mn1p8Mst-9XIhyUkYT7J3JVIxppTYJtwy5aTovHQ==
expires: Sun, 31 Dec 2023 15:28:25 GMT

GET
H2 200 index.css
s44650.pcdn.co/wp-content/themes/global-finance/build/ 262 KB
27 KB 104ms
31ms Stylesheet
text/css 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1701900719
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 0200022aa1af57eeefa8e6a4365ee7d9a4ecbd7155e50146c64d74f0e405ec61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 22:12:22 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 278670
x-cache: Hit from cloudfront
content-length: 27343
x-gateway-cache-status: HIT
x-gateway-request-id: 26fcce6e0ba483f2f71c60dcb318832d
last-modified: Wed, 06 Dec 2023 22:11:59 GMT
server: Pagely-ARES/1.20.1
etag: "41899-60bdea3d82969-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: text/css
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/themes/global-finance/build/index.css?ver=1701900719
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: The9VLGuTf-fDzdmDH_8kvu68zIDx_Y6GdWM2jiW6S92UHCLgJ_UKQ==
expires: Fri, 05 Jan 2024 22:12:02 GMT

GET
H2 200 addtoany.min.css
s44650.pcdn.co/wp-content/plugins/add-to-any/ 2 KB
1 KB 126ms
53ms Stylesheet
text/css 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:28:24 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 734908
x-cache: Hit from cloudfront
content-length: 534
x-gateway-cache-status: MISS
x-gateway-request-id: b46ab93bc685b35dc442f3b8f0cebd2d
last-modified: Wed, 15 Nov 2023 06:02:57 GMT
server: Pagely-ARES/1.20.1
etag: "644-60a2aa79c1068-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: text/css
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: iO2C6944O8z6E3Z8EBqMuV_AMpi14U-QoT1g6Or8tfY1tk6FFr4M1A==
expires: Sun, 31 Dec 2023 15:28:24 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 87ms
31ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8512
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"03396a6543cd35a0e73d2b4de150841b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkKPm5msZAhHefIqPezyXnc%2ByQmIBCCZD6mNyuLjD314DqLzb8hCrRSlGznJL4eSeWUKVpzblp10pg3UXJR4d3l1Xmb%2FjYgusrzcrJxgA4qmAK1wJ52VkaxuPcbJDU0GdMfow%2FJR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 83327234ffe29219-FRA

GET
H2 200 jquery.min.js Show response
s44650.pcdn.co/wp-includes/js/jquery/ 85 KB
30 KB 127ms
55ms Script
application/javascript 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:55:48 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 906065
x-cache: Hit from cloudfront
content-length: 30343
x-gateway-cache-status: MISS
x-gateway-request-id: 6989f55685faa9ff72749a3fa504a681
last-modified: Thu, 12 Oct 2023 21:20:44 GMT
server: Pagely-ARES/1.20.1
etag: "155ba-6078b833e2300-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: iKCG41oGYRr1wRuSqh1g6HpsMelIUoct-MwCUxz9gQBaDq9Za525Lw==
expires: Fri, 29 Dec 2023 15:55:48 GMT

GET
H2 200 addtoany.min.js Show response
s44650.pcdn.co/wp-content/plugins/add-to-any/ 129 B
719 B 28ms
27ms Script
application/javascript 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:55:48 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 906065
x-cache: Hit from cloudfront
content-length: 126
x-gateway-cache-status: MISS
x-gateway-request-id: 7aa8552e1a9ead6bf18bb0006d4cb345
last-modified: Wed, 15 Nov 2023 06:02:57 GMT
server: Pagely-ARES/1.20.1
etag: "81-60a2aa79c1068-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: AiToJebhu_G9rKoSfLm2eRj-Q-rD2xMxxDno4oW1-usJnHK5oz0RoQ==
expires: Fri, 29 Dec 2023 15:55:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 112ms
62ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-TWR2FD2

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d953f759d6d0d41c9a49aabf176048405700ce2b391c9eb12aa5014859e30b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79195
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 123ms
70ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3860458211880459&host=ca-host-pub-2644536267352236

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f608752bff144d97b362ffeb8ab447759b5bc1d64523ce6bdf7ff3381bcb637a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gfmag.com/
Origin: https://gfmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51452
x-xss-protection: 0
server: cafe
etag: 12767286244438778523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 115ms
66ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf15e4349c32c6986a79cdabcd22cdcdfae21d5887ec7fcd05eba832181b3274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29938
x-xss-protection: 0
server: cafe
etag: 131 / 19701 / 31079991 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 Fabio-Natalucci-552x450.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 33 KB
33 KB 145ms
73ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/Fabio-Natalucci-552x450.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 4fecd340d843e22c8c8404bee9eb1a04cf1536bbcece0b20c55ddf1f015fa36d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:08:52 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 214081
x-cache: Hit from cloudfront
content-length: 33475
x-gateway-cache-status: MISS
x-gateway-request-id: 0d805ef0c134f6d17add59094f773d3d
last-modified: Wed, 06 Dec 2023 16:41:53 GMT
server: Pagely-ARES/1.20.1
etag: "82c3-60bda074d7d7e"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/Fabio-Natalucci-552x450.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: X9_FCnvIGqO69zgicwEg-rVYFIBgg-RhqJH8B9UCTImkByx2xbB_eg==
expires: Sat, 06 Jan 2024 16:08:52 GMT

GET
H2 200 Sezgin-Lule-Isbank-768x521.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 35 KB
36 KB 29ms
29ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/Sezgin-Lule-Isbank-768x521.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 7da42f6496598bdb9cf8dc2e3f520d0f7c9eca305e129eea0215d5ca660a400e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:58:20 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 279513
x-cache: Hit from cloudfront
content-length: 36334
x-gateway-cache-status: MISS
x-gateway-request-id: d6ff5a794ff8a8300fe1030b00efab80
last-modified: Wed, 06 Dec 2023 21:55:43 GMT
server: Pagely-ARES/1.20.1
etag: "8dee-60bde69ab14ba"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/Sezgin-Lule-Isbank-768x521.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: C_Q9A43UUPxjw7Eif7zv8R_eUR7U5n3JZni9FSGnSrEDh6p_SrF2eQ==
expires: Fri, 05 Jan 2024 21:58:20 GMT

GET
H2 200 Amy-Yang-CTBC-Bank-768x512.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 35 KB
36 KB 398ms
398ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/Amy-Yang-CTBC-Bank-768x512.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: d92ad37692a4875596423193a63334def39f236e5fbbf49437de0a03c5df3eb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
content-length: 36156
x-gateway-cache-status: MISS
x-gateway-request-id: f8534c6910334e38e1c25c4140445e9b
last-modified: Wed, 06 Dec 2023 21:44:31 GMT
server: Pagely-ARES/1.20.1
etag: "8d3c-60bde41a0b47f"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/Amy-Yang-CTBC-Bank-768x512.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: oHcxEJXxIXXxv2NohfLfNU8_lfNf-B85qKbqYRNoVg-cp18QJ1PyXg==
expires: Tue, 09 Jan 2024 03:36:53 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 83ms
28ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css?ver=1.8.1

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2679940
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230074-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpUHkntfx0%2BJ34B5LT%2FDK2kwsNxOPnf%2FAUzEe7DUXFfn5%2BHt%2BWDVynRXhu7TVxtt9vp9VJ3S%2FB4LFFyFFfLdQrO7S8VielFdPwG%2FNK2eRrR9PtjVTibmxJJachbwEOXJeKiLEnek6V%2B8TpMpGHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83327234fff85ca4-FRA

GET
H2 200 wp-polyfill-inert.min.js Show response
s44650.pcdn.co/wp-includes/js/dist/vendor/ 8 KB
3 KB 28ms
26ms Script
application/javascript 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:55:48 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 906065
x-cache: Hit from cloudfront
content-length: 2484
x-gateway-cache-status: MISS
x-gateway-request-id: a7328b1e73e7873f075369239a0427e5
last-modified: Thu, 12 Oct 2023 21:20:44 GMT
server: Pagely-ARES/1.20.1
etag: "1feb-6078b833e2300-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: gkL9PHmEjUBzExKnuDzsF18CFtSQF6KtseCu4i-j2o_mObsF9ALckQ==
expires: Fri, 29 Dec 2023 15:55:48 GMT

GET
H2 200 regenerator-runtime.min.js Show response
s44650.pcdn.co/wp-includes/js/dist/vendor/ 6 KB
3 KB 26ms
24ms Script
application/javascript 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 17:11:44 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 987909
x-cache: Hit from cloudfront
content-length: 2499
x-gateway-cache-status: MISS
x-gateway-request-id: b8bdcc7daa5085263ecf60a9c5891e2c
last-modified: Thu, 12 Oct 2023 21:20:44 GMT
server: Pagely-ARES/1.20.1
etag: "19cf-6078b833e2300-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: aOe_5jT8nfCVaQBK4ZEitjhSg6foeRyTA0oVJzI-1SdreGnsHnv0KA==
expires: Thu, 28 Dec 2023 17:11:44 GMT

GET
H2 200 wp-polyfill.min.js Show response
s44650.pcdn.co/wp-includes/js/dist/vendor/ 16 KB
6 KB 27ms
25ms Script
application/javascript 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:28:28 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 734905
x-cache: Hit from cloudfront
content-length: 5889
x-gateway-cache-status: MISS
x-gateway-request-id: 44ec339ff6d88afeae8d221818b43c0e
last-modified: Thu, 12 Oct 2023 21:20:44 GMT
server: Pagely-ARES/1.20.1
etag: "3f12-6078b833e2300-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: Ouj84bbyoHFqTjIRv1Yvp5MkFTV-rpRR4NJoAzbZzFtHjCx2gjg4vA==
expires: Sun, 31 Dec 2023 15:28:28 GMT

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 86ms
31ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js?ver=1.8.1

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2489375
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiVDhmii2FKuTNMBAcgIeTez8RVfr9j%2FD1zabg6mJafv63IAy9hkfMkDMVs2rGckRpYCi9Nk9Z5VmHH1ymg%2F25PanFSiWSkMiPtG%2Bm8828WZPtVCuF4HbUei6JGGRXl%2F3%2B8OfhlmZ9RC3vwhZqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83327234fff95ca4-FRA

GET
H2 200 block-featured-articles.js Show response
s44650.pcdn.co/wp-content/themes/global-finance/src/js/blocks/ 1 KB
1 KB 30ms
29ms Script
application/javascript 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/themes/global-finance/src/js/blocks/block-featured-articles.js?ver=1.1.0
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: fe48e033e11e4e0715139ef577aae3761f742894c2cd5e118b6dfba8299c37fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:04:03 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 718370
x-cache: Hit from cloudfront
content-length: 827
x-gateway-cache-status: MISS
x-gateway-request-id: 09a1303765d68b5b0c2cac41415cfad1
last-modified: Mon, 30 Oct 2023 16:32:31 GMT
server: Pagely-ARES/1.20.1
etag: "5e1-608f195ac34c2-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1701459730.962||https|gfmag.com|||/wp-content/themes/global-finance/src/js/blocks/block-featured-articles.js?ver=1.1.0
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: UIQPZNXv5WFJKL-wwU-uBOJ2QZALAP4Enl7egBnSdtl68hKnQOe7ZA==
expires: Sun, 31 Dec 2023 20:04:03 GMT

GET
H2 200 block-category-articles.js Show response
s44650.pcdn.co/wp-content/themes/global-finance/src/js/blocks/ 2 KB
2 KB 29ms
28ms Script
application/javascript 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/themes/global-finance/src/js/blocks/block-category-articles.js?ver=1.1.0
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: f79d6a132171fbb0ace9ff94a05e311a4e97a505bbb3786a7ca0a5e699d8f0d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:44 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 718689
x-cache: Hit from cloudfront
content-length: 1037
x-gateway-cache-status: HIT
x-gateway-request-id: d8a8c8286bfee5271961da1b53283cbe
last-modified: Mon, 30 Oct 2023 16:32:31 GMT
server: Pagely-ARES/1.20.1
etag: "8e6-608f195ac34c2-gzip"
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1701459730.962||https|gfmag.com|||/wp-content/themes/global-finance/src/js/blocks/block-category-articles.js?ver=1.1.0
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: -qMp06mShI-CYKl1iRB6NW-cNG082OWKYSfzEqrhxcE348zHFhDUzw==
expires: Sun, 31 Dec 2023 19:53:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 163 KB
60 KB 83ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KPGHSF

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

825fa07eb1ae26fe5bfe505113ecba8b15e2d504ab1dac947595d2ad2a0e5629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60813
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d1627fcb8cbbda33375c8d55dc9ac63de5d473a60cdbebc535a60b6905c7272

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 426 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ede7b9c89881d1241700dc5770df5091744a4ffde441536da6d7bfde6c36ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 622 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0acb3b2e9d33a424eabbcf0c6d8215c9ca17ffd5ca68fc31d8268952cb422dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 774 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 357f0d5f3759055f1c1219568e21ab182b6ec67f44fbdca08f80d201ba90e599

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 open-sans-v34-latin-regular.woff2
s44650.pcdn.co/wp-content/themes/global-finance/build/fonts/ 16 KB
17 KB 93ms
48ms Font
font/woff2 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/fonts/open-sans-v34-latin-regular.woff2
Requested by: Host: s44650.pcdn.co
URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1701900719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Request headers

Referer: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1701900719
Origin: https://gfmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:55:49 GMT
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 906064
x-cache: Hit from cloudfront
content-length: 16740
x-gateway-cache-status: MISS
x-gateway-request-id: f9a163cff92c8fc66d6f3982d99ee88d
last-modified: Tue, 15 Aug 2023 14:55:44 GMT
server: Pagely-ARES/1.20.1
etag: "4164-602f75f964318"
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
x-gateway-skip-cache: 0
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-content/themes/global-finance/build/fonts/open-sans-v34-latin-regular.woff2
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: mPbGb4vTHbtCJPgvy3m7cE5kGd1Jmc66MRQhq6zULQmfc9Rg7BmBLA==
expires: Fri, 29 Dec 2023 15:55:49 GMT

GET
H2 200 open-sans-v34-latin-700.woff2
s44650.pcdn.co/wp-content/themes/global-finance/build/fonts/ 16 KB
17 KB 90ms
44ms Font
font/woff2 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/fonts/open-sans-v34-latin-700.woff2
Requested by: Host: s44650.pcdn.co
URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1701900719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Request headers

Referer: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1701900719
Origin: https://gfmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:55:49 GMT
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 906064
x-cache: Hit from cloudfront
content-length: 16372
x-gateway-cache-status: MISS
x-gateway-request-id: e2fc0959f4497b978647186b8d5f5a4e
last-modified: Tue, 15 Aug 2023 14:55:44 GMT
server: Pagely-ARES/1.20.1
etag: "3ff4-602f75f963378"
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
x-gateway-skip-cache: 0
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-content/themes/global-finance/build/fonts/open-sans-v34-latin-700.woff2
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: n0kUCAQixw-OQiXSrln9Ebphw_GMMGJRQ1ydgBd-EdJO-iLN8UPszQ==
expires: Fri, 29 Dec 2023 15:55:49 GMT

GET
H2 200 libre-baskerville-v14-latin-700.woff2
s44650.pcdn.co/wp-content/themes/global-finance/build/fonts/ 27 KB
28 KB 71ms
26ms Font
font/woff2 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/fonts/libre-baskerville-v14-latin-700.woff2
Requested by: Host: s44650.pcdn.co
URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1701900719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Request headers

Referer: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1701900719
Origin: https://gfmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 19:42:41 GMT
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 1238052
x-cache: Hit from cloudfront
content-length: 27976
x-gateway-cache-status: MISS
x-gateway-request-id: 7ff3cf9759840f92ec53975e17b4a7e9
last-modified: Tue, 15 Aug 2023 14:55:44 GMT
server: Pagely-ARES/1.20.1
etag: "6d48-602f75f963378"
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
x-gateway-skip-cache: 0
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-content/themes/global-finance/build/fonts/libre-baskerville-v14-latin-700.woff2
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 8UcQqNKAoitpA_Tb6piAldfW7WS-KAoSIsyIFqM8yMr3Vu-9CiHDsg==
expires: Mon, 25 Dec 2023 19:42:41 GMT

GET
H2 200 libre-baskerville-v14-latin-regular.woff2
s44650.pcdn.co/wp-content/themes/global-finance/build/fonts/ 26 KB
27 KB 97ms
52ms Font
font/woff2 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/fonts/libre-baskerville-v14-latin-regular.woff2
Requested by: Host: s44650.pcdn.co
URL: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1701900719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Request headers

Referer: https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1701900719
Origin: https://gfmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 16:55:12 GMT
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 988901
x-cache: Hit from cloudfront
content-length: 27120
x-gateway-cache-status: MISS
x-gateway-request-id: 41cbd16db6d727b14fd7e5c94645c554
last-modified: Tue, 15 Aug 2023 14:55:44 GMT
server: Pagely-ARES/1.20.1
etag: "69f0-602f75f963378"
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
x-gateway-skip-cache: 0
x-gateway-cache-key: 1700477464.331||https|gfmag.com|||/wp-content/themes/global-finance/build/fonts/libre-baskerville-v14-latin-regular.woff2
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: bBshA9DXdeykvKoigK40e1Zimx3jbCb0YnQR8cUtVLBFRrklk4AhTg==
expires: Thu, 28 Dec 2023 16:55:12 GMT

GET
H2 200 Qatar-country-report-768x432.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 69 KB
70 KB 420ms
412ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/Qatar-country-report-768x432.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: e0905f0fbf2667119e46613820895c6d0d4f8a63c260a4279e174a0c4abc8274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
content-length: 71052
x-gateway-cache-status: MISS
x-gateway-request-id: 3c0f955bd9636882e74fffa8ef3240ba
last-modified: Wed, 06 Dec 2023 19:32:28 GMT
server: Pagely-ARES/1.20.1
etag: "1158c-60bdc69559bc4"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/Qatar-country-report-768x432.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: qVrsNm6MCz7UWRCEm4dMyONV5bdlVuiaEl8T72Wj2DvZg4tB9lKU3Q==
expires: Tue, 09 Jan 2024 03:36:53 GMT

GET
H2 200 best-private-banks-2024-North-America-768x432.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 96 KB
97 KB 40ms
33ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/best-private-banks-2024-North-America-768x432.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 961e1cef94148b4f12e1f61a74ac5f161b1adb79192fcebd63661e1f0d74499c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:38:06 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 287926
x-cache: Hit from cloudfront
content-length: 98709
x-gateway-cache-status: MISS
x-gateway-request-id: 68195ff775bcaed264ad23ee4ee41b37
last-modified: Wed, 06 Dec 2023 19:25:54 GMT
server: Pagely-ARES/1.20.1
etag: "18195-60bdc51de08d0"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/best-private-banks-2024-North-America-768x432.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: fruWhO3XiRlibY608g0-nsSvrb3e3D_vYCuUnDdLEBkE5o8LCR3Qig==
expires: Fri, 05 Jan 2024 19:38:06 GMT

GET
H2 200 Panama-mining-protests-528x297.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 45 KB
46 KB 33ms
25ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/Panama-mining-protests-528x297.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: c5119e33e1d41315b2862b990d56edaded14591603972283698f4f79556ce4d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:09:46 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 282427
x-cache: Hit from cloudfront
content-length: 46402
x-gateway-cache-status: HIT
x-gateway-request-id: a75d9eeb33783060ac592b1febccdd48
last-modified: Wed, 06 Dec 2023 18:57:40 GMT
server: Pagely-ARES/1.20.1
etag: "b542-60bdbece272a1"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/Panama-mining-protests-528x297.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: y-qDHb6VHp9DQtXCu86v95FH1aQ38pWjMNp_NowOER1J7ba1Cs3rMQ==
expires: Fri, 05 Jan 2024 20:58:54 GMT

GET
H2 200 Race-to-Zero-528x352.jpg
s44650.pcdn.co/wp-content/uploads/2023/11/ 30 KB
30 KB 37ms
30ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/11/Race-to-Zero-528x352.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 6425af62abb06ccb1025fa82e7aab707d2cf8d3819b3fbdc64908767ab96f655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:40:51 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 1936562
x-cache: Hit from cloudfront
content-length: 30271
x-gateway-cache-status: MISS
x-gateway-request-id: fb5bd24166b9526a923e6e891228a431
last-modified: Thu, 16 Nov 2023 14:41:04 GMT
server: Pagely-ARES/1.20.1
etag: "763f-60a460267d26f"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1700229090.663||https|gfmag.com|||/wp-content/uploads/2023/11/Race-to-Zero-528x352.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: nMHyl8uIj2FdPjfMDIYvYlP75a6i2dgrAsalQEen4ikNx0fpfw8Akg==
expires: Sun, 17 Dec 2023 17:40:51 GMT

GET
H2 200 Renault-EV-528x297.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 49 KB
49 KB 50ms
43ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/Renault-EV-528x297.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 45d13a915fb7477508baeee988363969018a93353b47cef64fe20dfb6338ba27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:09:47 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 282426
x-cache: Hit from cloudfront
content-length: 49968
x-gateway-cache-status: HIT
x-gateway-request-id: dbf17273f76248b63633a05fdaa5921b
last-modified: Wed, 06 Dec 2023 18:49:51 GMT
server: Pagely-ARES/1.20.1
etag: "c330-60bdbd0f7c5fe"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/Renault-EV-528x297.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: PJtyFCmUz2AU_70I2fkiPcGjoqCbIFddF9pJh1CovIyXQGE8Y4uZAQ==
expires: Fri, 05 Jan 2024 20:58:54 GMT

GET
H2 200 Softbank-528x297.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 27 KB
28 KB 416ms
409ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/Softbank-528x297.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 019c7dc99227e4b25d062b2970ba42b8287c9b57985e050e0c398f55cdcfe421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
content-length: 27916
x-gateway-cache-status: MISS
x-gateway-request-id: 457b97ff8ba19175a2d56f92f97da1e8
last-modified: Wed, 06 Dec 2023 18:37:45 GMT
server: Pagely-ARES/1.20.1
etag: "6d0c-60bdba5a71416"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/Softbank-528x297.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: zZEbVNddrN3u2oLTWsTO_FaPmPBxOHJl8aQQqpNu548TaNvNtcY64A==
expires: Tue, 09 Jan 2024 03:36:53 GMT

GET
DATA 200
OK truncated
/ 501 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5bf75a5690dd3baf21ef2d4c5e638d0943f410d895f6c7b09a96081476a89b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 0B93 677 B
715 B 33ms
32ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gfmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 22073
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8332723548009219-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 03:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kQ2R02aGx712J5Nu82HHRcf0EZf5HdGmojNXhcNqP9cIeacrqBHGMLllZRsTZObahV3xuiWQyRhEFWtmSAyUIK4fzbsKd3KsdHCG8e8xcmvvIzRdqm4ToJ2w1UI9lx5EClSm9FW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.11bfb520.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 80ms
38ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.11bfb520.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gfmag.com/
Origin: https://gfmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14574
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a34c5f06f67d42236ec124345ba1b81c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EifT5paSUoU1AhLcEy3V3eYpboNsEWNUae2EFIVIlTo5GtWsQ%2BM27xtrrxekza6K8ILJk%2BDD9yAD0BUfH6X9PlDT0ocIPlpO7YTTttF8JtH%2FVBlBlSI2qxh1Gv0iN1urUpRl0UhZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 833272358e789b8f-FRA

GET
H2 200 Qatar-country-report-528x297.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 53 KB
53 KB 26ms
24ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/Qatar-country-report-528x297.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 74897f1279b7136e21a60cfa8dce3c8f4931b292ddc8ef97a588b499baaf94da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:09:46 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 282427
x-cache: Hit from cloudfront
content-length: 54025
x-gateway-cache-status: HIT
x-gateway-request-id: b585dfaa06dcd591f4914118cfcd614c
last-modified: Wed, 06 Dec 2023 19:32:28 GMT
server: Pagely-ARES/1.20.1
etag: "d309-60bdc6955ab64"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/Qatar-country-report-528x297.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 8KIEXG0WDJBzolTjroIjQT4DVe6_oXOad7rg_rLD3eXjvxuYTgEMng==
expires: Fri, 05 Jan 2024 21:06:17 GMT

GET
H2 200 Mauritius-country-report-528x297.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 58 KB
58 KB 397ms
396ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/Mauritius-country-report-528x297.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 802a9a23f19fc30f55fb98ce78c0f360525860fb5bfae57ffe06beac0ebd4290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
content-length: 59013
x-gateway-cache-status: MISS
x-gateway-request-id: 10384f1914fdc10e5993a9802b5e4887
last-modified: Wed, 06 Dec 2023 19:06:24 GMT
server: Pagely-ARES/1.20.1
etag: "e685-60bdc0c1f3872"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/Mauritius-country-report-528x297.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: qjUsxgP2hYP-7-VsPMudONJTpGxyVeaq9i3-9xvfpsD9Vhx2yPz6sA==
expires: Tue, 09 Jan 2024 03:36:53 GMT

GET
H2 200 ESG-proxy-copy-528x293.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 28 KB
29 KB 29ms
27ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/ESG-proxy-copy-528x293.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 379e9caadbe2cab24c701f8dca57d8b6ad99eaf0bc23e1529be252b0bb34b8d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:31:10 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 291943
x-cache: Hit from cloudfront
content-length: 29039
x-gateway-cache-status: MISS
x-gateway-request-id: dda160396bcc18605033c5bfeafcf086
last-modified: Wed, 06 Dec 2023 18:23:05 GMT
server: Pagely-ARES/1.20.1
etag: "716f-60bdb7138d2f7"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/ESG-proxy-copy-528x293.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: nEWZUjBuB0JsCPDenNg-GA1xTlNj2rwNFvaVSve-kbM9fUTChJzNBQ==
expires: Fri, 05 Jan 2024 18:31:10 GMT

GET
H2 200 split-economy-528x297.jpg
s44650.pcdn.co/wp-content/uploads/2023/12/ 77 KB
78 KB 395ms
393ms Image
image/jpeg 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s44650.pcdn.co/wp-content/uploads/2023/12/split-economy-528x297.jpg
Requested by: Host: gfmag.com
URL: https://gfmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 1fa8c6eb2cd545e71d486ca3c233bacb76f658d8d1f394c14db09edbe847e66b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
content-length: 78935
x-gateway-cache-status: MISS
x-gateway-request-id: 824ab7d1bd7aa62a26525c145dbff23a
last-modified: Wed, 06 Dec 2023 15:42:23 GMT
server: Pagely-ARES/1.20.1
etag: "13457-60bd9328218bb"
x-gateway-skip-cache: 0
content-type: image/jpeg
x-gateway-cache-key: 1701856716.355||https|gfmag.com|||/wp-content/uploads/2023/12/split-economy-528x297.jpg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: jmQPiHiHauLXEgyaNxhxdAdCLihK5VnbEYAbqa7AcfR2Z1jbyu2Xqw==
expires: Tue, 09 Jan 2024 03:36:53 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 86ms
22ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KPGHSF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230053-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-TWR2FD2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KPGHSF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d17e31406195c11e06bf5f2704cf4b9bdb47f02076a95cd7a21c0a372b6d85b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79228
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 432 KB
135 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56715
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138293
x-xss-protection: 0
server: cafe
etag: 11350998454379829730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 11:51:38 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 82ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BH6J9ZBSBE&gtm=45Pe3bt0v9164349560&_p=1702179413212&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1899175900.1702179413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702179413&sct=1&seg=0&dl=https%3A%2F%2Fgfmag.com%2F&dt=Global%20Finance%20Magazine&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1089
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TWR2FD2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 03:36:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gfmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/ 399 KB
135 KB 120ms
77ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3860458211880459&plah=gfmag.com&bust=31080064

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3860458211880459&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13219bcdb009060940b61c84773483843999e31ae4bb820ea0d867b00c53dcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137974
x-xss-protection: 0
server: cafe
etag: 1530883545315090945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame C810 9 KB
4 KB 70ms
21ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3860458211880459&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gfmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:15:44 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 19:15:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 74ms
73ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2949462083623446&correlator=3456200312035571&eid=31080075%2C31079991&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=1011674%2CNEWStyle1TopLeaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C728x90%7C970x90%7C320x100&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702179413466&lmt=1702164091&adxs=640&adys=273&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfmag.com%2F&vis=1&psz=1128x50&msz=320x50&fws=4&ohw=1600&ga_vid=1899175900.1702179413&ga_sid=1702179413&ga_hid=481537146&ga_fc=true&dlt=1702179413048&idt=401&adks=143568643&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bfd1f8db8fc5334df473088cc2750e3c6f0f0ec105e84009c976a619dd87d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17670
x-xss-protection: 0
google-lineitem-id: 6421982376
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138456799523
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gfmag.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 65ms
65ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2949462083623446&correlator=3456200312035571&eid=31080075%2C31079991&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=1011674%2CrightMPU&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x250&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702179413471&lmt=1702164091&adxs=1051&adys=769&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfmag.com%2F&vis=1&psz=192x319&msz=160x250&fws=4&ohw=1600&ga_vid=1899175900.1702179413&ga_sid=1702179413&ga_hid=481537146&ga_fc=true&dlt=1702179413048&idt=401&adks=3745361521&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7517a81738105bb9df3701441822e309289f6a0c59250a5c3819b8cb138ddce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17611
x-xss-protection: 0
google-lineitem-id: 6424954970
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138456673245
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gfmag.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 60ms
60ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2949462083623446&correlator=3456200312035571&eid=31080075%2C31079991&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=1011674%2Chalfpage&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702179413473&lmt=1702164091&adxs=1038&adys=4929&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfmag.com%2F&vis=1&psz=300x621&msz=300x600&fws=4&ohw=1600&ga_vid=1899175900.1702179413&ga_sid=1702179413&ga_hid=481537146&ga_fc=true&dlt=1702179413048&idt=401&adks=221594238&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ab9b85e450246849ede9be47f69eed56ccd55498d0ad2b0953909af1fc4c26f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12939
x-xss-protection: 0
google-lineitem-id: 6387151576
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138447524396
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gfmag.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F19 6 KB
3 KB 99ms
33ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gfmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 03:36:53 GMT
expires: Mon, 09 Dec 2024 03:36:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsct
t.co/i/ 43 B
377 B 184ms
131ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=8b270ee2-b1a5-4fd6-b9ba-089819b0d8d3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7cc0e852-10c6-407e-b52b-676578ba1a96&tw_document_href=https%3A%2F%2Fgfmag.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz2r7&type=javascript&version=2.3.29

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 109
date: Sun, 10 Dec 2023 03:36:52 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f4fec7ab961dd090
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 67bd202a4e082b11688a050d3fcc08cb48f208885778985f829ee6779f347a12
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 253ms
189ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8b270ee2-b1a5-4fd6-b9ba-089819b0d8d3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7cc0e852-10c6-407e-b52b-676578ba1a96&tw_document_href=https%3A%2F%2Fgfmag.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz2r7&type=javascript&version=2.3.29

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 167
date: Sun, 10 Dec 2023 03:36:53 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8b0525be7a0d7d85
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 419c6d8a03d762e1e8a7ea2ac1b9ba7d8bc7680774b1add5e84dc7e8ebdd1661
content-length: 43

GET
H2 200 container.html Show response
e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 051E 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gfmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 03:36:53 GMT
expires: Mon, 09 Dec 2024 03:36:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A12B 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyzk1c3j-5thqK5i7fuFWSu-aIZoPVb_Q17Ri_Hkzvariym41LVApfZL0v-nZidT884mvVTJ8U_1lE3l6Yi2waW0eIBuie0fofym0-VnJZLYyupE2sCBUrzExxYEejr17c-OBk4D-33WasXKrcP9VrOwAGhjf-QtvLPdAR05zkKwjI-I_NvGhknm5RhLckkhAfksj-xbGaT55TlHgUGLvwpCNXSQLnpo91RGcs80QYeX-aOv4iviPmURj8WY93vyuCTpsPMHhTxIYBqkUmQ0i1cO3f1kIF2n0GZdBmnJQAGhwqgDdeYAYlJq8&sai=AMfl-YTZydQsr8w9OEwuEaHvFe9yjDSud7rwYZVGUYL7cqnhnSLU3RHbHR7RVFEPdnhl6ZA2DiYzNutsz1i9KUC7Tnu9VALEM5TDkrin3o05nVuwl8uu6d8mtIafAq4Pc1XWRny7F5xmgvdNV1hiYsxSQpNJU1kxKnKJEYH5dyU&sig=Cg0ArKJSzC6c_o0KmdlJEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A12B 3 KB
1 KB 77ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 22:01:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A12B 202 KB
64 KB 87ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 16436310541987325485
tpc.googlesyndication.com/simgad/ Frame A12B 90 KB
90 KB 78ms
27ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16436310541987325485

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ed7a5317accc5c509fcac2b2d21481eecf500356eefc1ebc4903b76e17e3738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:11:56 GMT
x-content-type-options: nosniff
age: 77097
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91826
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 13:29:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 06:11:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7D09 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu24xIR5mLYSJq-eNSHW1K8in-RVF_fZfN8iSu1JhHs3GsLXuZXaf2piGp3ON20Ze-3iGgmj4ulzMfJVOww7krx-cnvbS0bPziiyytha974ifyJZU66CXHVezsN2ts4ApVlKlYqOvTmNleM5IOlOf1M13KUmpVHq-K-73AdahiFepQD5kMdUlrvs6-XX_Ia8PyyC_2tiMu7iSyTacjcVMHMD7JINaH4n7nyeiiilOpwVZ1pV6uOnTAF8u_3mFpDrBQ8kd1nULC6UqdwhLJC3OXVX0T993RTlUx8PN3q9V2BetUPvY8LZhcByBf4eFk1ipDEZb7GUOYHODQ&sai=AMfl-YQFIDAjkdfxtNCn6tgIlwWlAFfJdNIJwgEsm0h42TmJrymSVAklA2S1lFPKNztt1CV4mdEjalHA1rEuFpO4Ib_QscJEwiJYh-wFxt2mxqUP2QEY8ItwaZEdU4VnTIHwayQgC4xadbsjJsz84zC6Z-rZ7uD_1DmNWyXC3g&sig=Cg0ArKJSzA1n8UbscwDBEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: gfmag.com
URL: https://gfmag.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7D09 3 KB
1 KB 72ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 22:01:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D09 202 KB
64 KB 132ms
87ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 15962333768991700964
tpc.googlesyndication.com/simgad/ Frame 7D09 286 KB
287 KB 119ms
74ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15962333768991700964

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

422ba4d30f810d3f3d3ff8efc1f8be0f3c6e410e63bf41e7f94bd4e4bdabcc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:28:42 GMT
x-content-type-options: nosniff
age: 112091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 293369
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 13:33:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 20:28:42 GMT

GET
DATA 200
OK truncated
/ Frame A12B 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88b7701b1c7fedfafd659d3a825d97d99747378d83ae5670d540829c42286389

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7D09 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3a0ec42880479918888bca664d677c1a0d0fd205e38d98e9ea49efacc256fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 051E 24 KB
7 KB 52ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com
URL: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 08 Dec 2024 00:37:25 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 051E 18 KB
8 KB 52ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com
URL: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 02:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 10 Dec 2023 03:48:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 051E 202 KB
64 KB 98ms
69ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com
URL: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E623 603 B
65 B 42ms
42ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3860458211880459&output=html&adk=1812271804&adf=3025194257&lmt=1702164091&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l&format=0x0&url=https%3A%2F%2Fgfmag.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702179413399&bpp=1&bdt=351&idt=219&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2aea31e54817d8f2%3AT%3D1702179413%3ART%3D1702179413%3AS%3DALNI_MakBpTc6qwMfdxr15ZTFq00CnuA3Q&gpic=UID%3D00000d1118d999ea%3AT%3D1702179413%3ART%3D1702179413%3AS%3DALNI_MaCuF4bnixNRKHVHQ1yW4JH-RuVuQ&nras=1&correlator=5329504274681&frm=20&pv=2&ga_vid=1899175900.1702179413&ga_sid=1702179413&ga_hid=481537146&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079864%2C31079924%2C31079979%2C42531705%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=2949462083623446&tmod=138095638&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=233

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3860458211880459&plah=gfmag.com&bust=31080064

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gfmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 03:36:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 051E 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupYNX_5SpseGPvgIhXqqn01ejtMQ50MK8t9P3Ir4x7JTOe7YNSdo6Eg6zCs0eemxNg-hxMDMk3zI5znZXk42LaEO0nJJDT2pzEHmL9unMPu9blXDhtqlUUGtFiKe8l4Hj3TIzegT7GKtBwdV-3FGWb-WEJxMwgmBOC9gJsWrGW3gyoNYvwoOWoMwbZoHlvDGCIpaIxp5sdCPh_IkgCcg-3UBWfpTRo_3ibNbMQj8L_nvu2jz66xwV0oauXhaTzqwDd2qYgoQiBxEyi__V-BO5GRlTly32uUYrUdmcCGuqAHdxl6QbhhmGv9YYZclKK&sai=AMfl-YQowvFt4L6JASoJaqKp999SqkzXTyuhSfUe3fVemj9VTv5ZPo9rVM6gCE2vaS6bpubi7pW5nGLsmVNeS3K6dyOncHb86OnU54oWaF2bm3VOdEM0-CRRcsrinx1BYyETCbm6DUdx8gzkMciGgA0_jKEqQSFH1DSXxK1kTQ&sig=Cg0ArKJSzOXZPYe75ripEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com
URL: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 051E 59 KB
23 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 02:00:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A12B 0
0 101ms
59ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0R-_mJRVjzmtNrP-_cjtMMWW79iU7T8xwoaJ7ZW-4AWFEIyKCzXm7oNnNfODKeZr0No3-klvvVVrdyHyES2s1SUmtQLRbv8aWIgRiFSr1aJJgqgGii73kmt-AFjOJKUTNi0ymuf8TOfjZA5AzAv8eiLHRBSgwyyu-xXZy86lQKeoiCYf9c6A1YfCEs-4tym2lZAqoLejNCj0pH2It_eXHh4Z0zVOtTVhXSV84D2_lfGq_rdYE_tecCCuAkfxvEYs_fkffXUJiicTCSZY9QaIu9jnsmVmtJ3sreOtjnZzrdySPtCmcuVFaHnCBnA&sai=AMfl-YTt9uH6A9xqdAPdPjq1UZJhSUSvD5yLGlTtdsllIibr9M5zaJ5Jjw4kVePQ435YI53NdLjw6a2ht1_1AknKxNs9Nxo93QOJsrCjSXYnatS22Fw3dc-l5pop45K4ehZECVx4Lf8-9qsr0xTkpHrOCA4xg_0ZLI9INAHBxbI&sig=Cg0ArKJSzCeq3eF-CZhoEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 B29863637.372906583;dc_ver=99.292;sz=300x600;u_sd=1;dc_adk=2539895705;ord=8sspnn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstPihGEtdkmCZ6tBxhJit95RgTj26OoriouZd1Qpgn-... Show response
ad.doubleclick.net/ddm/adi/N126810.126093GLOBALFINANCE/ Frame 8566 69 KB
31 KB 120ms
61ms Document
text/html 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N126810.126093GLOBALFINANCE/B29863637.372906583;dc_ver=99.292;sz=300x600;u_sd=1;dc_adk=2539895705;ord=8sspnn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstPihGEtdkmCZ6tBxhJit95RgTj26OoriouZd1Qpgn-EivC7c8_J_fiTApbmsmfD84AnRrI0R79ydIFDretGUNF9Xo1FKnWoskRgsoxJ31M5qCH6ul5hInLPJWavwFuelTsV48I-XSsQkqF3tLMuXL0ORQ14m06Ev44mB-9QTvrtRmqeF18NrC9bjvtzUtuPVdY8rx6AEkhr6LTLfAAiaOITToUOf4VGfL-l7-DmG5l_cMkikaraioMWM1g9-u2btmBWlomsIomY2g_oYLNarWjQnlr_xFZe76kgNW3kpJaGZy7qpi5fVrj2dtm%26sai%3DAMfl-YTyAa5Fy6RCPKsXsMQ46fp1UQaCEfzlRf96OLbcXrMZDdAoPFR1966bdB3U6hJ9eDNHgShkbLpWh8NAcByqNTIj_hR7NkUhNEbv2lvIj9-FLKZvvlczsQzshpEYx7esIFLchcGpszmM044BDjB8cyfuStX17z73_LZ1hw%26sig%3DCg0ArKJSzOgIGfFs8OBfEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fgfmag.com%2F$0;xdt=1;crlt=AoPcB5XhCp;stc=1;chaa=1;sttr=80;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

9a8c81265bbebd3f46885df79b0fee52c2810d4ce0ae81483ec71d1ed5022193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 31625
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 03:36:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7D09 0
0 69ms
58ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdW-EOIlRW4rSlbobXC86Q1iz7YFrY3M8x8QxMGV6HCLpqpYvX-oNN6aTb72-Beb5xa1MRIs4HmnPEabpBITKa-vukYsQ1VwmVsFA7Wzsthjepds0-WMeuc4klnept-87f9y6SMpYpasveOuEZ5YsrwbbKbVP439nIN-FSPp0QXQ47MzDxrwIySbwz--Oit_n7dYY8Lfq8ihzYbC4ECF4_odPZtwFthbo9DS0IDm-QOOFRQmUh4DftWlgmJAvDFkkjlVSZ2K1zalwxQrpKA2gSrAuV22Hd-v6rDnGSUcX5kzgo9E-_En9fpG7fg1P80L_nV3uR6QdlIwkqsg&sai=AMfl-YSL865D50ArMt0DtRPJcYxeUlPncV_H2W7UsEsAo41vAGwDUhBfgj8NL6PJ_lGuVJtiQw2tCulLLo19Do9g-4hu7BRsQi2EgMLLTmXXeXTBx9h6DOqLR5T3iLkx4pv7UDqxELvjkgGb9_GJr5l0jtd-v9r2q8f_Fa9B9w&sig=Cg0ArKJSzLmNsbwhQwL1EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 051E 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukIh8WA32_Wo2yrdKYYryvDkODXvt7Z4xg9NdtgfWhnM1wcFTwhzsmYi0E3Yp7Uz6ns7374Y2IKEMio3hezmPk-laNHLy0GzArn8WNF3g12FnckN-gVCp6QBAUq0xvo2m1fNZAX2MBJDwim05klyGQt5Q9wHY77U93s78yA8U-YGSdsXve3a60beFRipGBxvmyuyR6Z63UaDWv8bfjwGyDmi9miza8meqo_EO2C8fcqelQWkgYiLhhXfCMS9bMKqwWUpYxKP2IBhyR1dereRrtaC-bhlZSqA4ShPAhNNcMS2TPLqmVYelpfbzNnXjr7TI&sai=AMfl-YQRt2skw-sM7MzIVuT1KatM4_ivVujwTswAnhzdn5BBHYNFXQErZp6PYH-9yAliuqAtM19aPmT-fSofAfkasqn7TuA2OxUR2bsAbXTMcNVj3ojWWNyclb-_0Pnzehv0hxNc21UDY57hDaqzzXLfqyHaWJ0X4g2SQlbQHQ&sig=Cg0ArKJSzPQz9Ul41M2SEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
DATA 200
OK truncated
/ Frame 051E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e25e131653bc7d775e309f778d9c612f7a91277008c101b21e5a48399184ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 10228189567004082737
s0.2mdn.net/simgad/ Frame 8566 109 KB
109 KB 76ms
22ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10228189567004082737

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N126810.126093GLOBALFINANCE/B29863637.372906583;dc_ver=99.292;sz=300x600;u_sd=1;dc_adk=2539895705;ord=8sspnn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstPihGEtdkmCZ6tBxhJit95RgTj26OoriouZd1Qpgn-EivC7c8_J_fiTApbmsmfD84AnRrI0R79ydIFDretGUNF9Xo1FKnWoskRgsoxJ31M5qCH6ul5hInLPJWavwFuelTsV48I-XSsQkqF3tLMuXL0ORQ14m06Ev44mB-9QTvrtRmqeF18NrC9bjvtzUtuPVdY8rx6AEkhr6LTLfAAiaOITToUOf4VGfL-l7-DmG5l_cMkikaraioMWM1g9-u2btmBWlomsIomY2g_oYLNarWjQnlr_xFZe76kgNW3kpJaGZy7qpi5fVrj2dtm%26sai%3DAMfl-YTyAa5Fy6RCPKsXsMQ46fp1UQaCEfzlRf96OLbcXrMZDdAoPFR1966bdB3U6hJ9eDNHgShkbLpWh8NAcByqNTIj_hR7NkUhNEbv2lvIj9-FLKZvvlczsQzshpEYx7esIFLchcGpszmM044BDjB8cyfuStX17z73_LZ1hw%26sig%3DCg0ArKJSzOgIGfFs8OBfEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fgfmag.com%2F$0;xdt=1;crlt=AoPcB5XhCp;stc=1;chaa=1;sttr=80;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

026dcc63c26a2dab47b2728a729ac583ca1ebea5a630da456f4981106e1feecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:15:09 GMT
x-content-type-options: nosniff
age: 8504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111155
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:33:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Dec 2024 01:15:09 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/xfa/ Frame 8566 11 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

accd286d5615ed70f6e559aced46cd395dec1ef331923df53b38118908b763e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4295
x-xss-protection: 0
server: cafe
etag: 4396225862294152759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 8566 11 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:23 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8566 202 KB
64 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 03:36:53 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8566 0
0 114ms
60ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoRaSpLdqH_mVjOaYqweScMr3q_WlpYMdWy_B8NQMz8RvsrqtkAWgaHOnsAlsxNN1zIgCG0UL_cM09-cTGyWzgdcKT5whiQBU6nikd1s5gOeQ1HGQLGlTuHlxik82IzUChu0NbUoWs6QuE8rugCjQ_4fG_rfSCxA&sai=AMfl-YQIulHabJsVMVsDN_Mb6eyOUOWXFYx3CXD1-18M3TQffMl7uBsQt2Esncsg3Acg1VagPSdNjRTMICk1589ibDLwxf1kzfTJ5sN1Vg&sig=Cg0ArKJSzF6jEurjGbh3EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231206.79194&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

firstevent
pncbank.demdex.net/ Frame 8566
Redirect Chain

https://pncbank.demdex.net/event?d_event=imp&d_src=472420&d_site=7162507&d_creative=196223009&d_adgroup=563818644&d_placement=372906583&d_campaign=29863637&d_bust=281411756
https://pncbank.demdex.net/firstevent?d_event=imp&d_src=472420&d_site=7162507&d_creative=196223009&d_adgroup=563818644&d_placement=372906583&d_campaign=29863637&d_bust=281411756

42 B
723 B

50ms
50ms

Image
image/gif

52.213.168.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pncbank.demdex.net/firstevent?d_event=imp&d_src=472420&d_site=7162507&d_creative=196223009&d_adgroup=563818644&d_placement=372906583&d_campaign=29863637&d_bust=281411756

Requested by

Protocol

Server

52.213.168.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-168-6.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-06db7c088.edge-irl1.demdex.com 5 ms
pragma: no-cache
date: Sun, 10 Dec 2023 03:36:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: D1s/VuDGSxA=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-099548ed2.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sun, 10 Dec 2023 03:36:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: LMtuAOBRSIY=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://pncbank.demdex.net/firstevent?d_event=imp&d_src=472420&d_site=7162507&d_creative=196223009&d_adgroup=563818644&d_placement=372906583&d_campaign=29863637&d_bust=281411756
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8566 41 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8566 8 KB
6 KB 65ms
65ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8981bf79b1a580428def1ab7fbd8d622467babf349cc99e100aa2339f8839a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5956
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1952 38 KB
13 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 85865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 03:45:48 GMT
expires: Sun, 08 Dec 2024 03:45:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1952 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8566 0
0 60ms
59ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoRaSpLdqH_mVjOaYqweScMr3q_WlpYMdWy_B8NQMz8RvsrqtkAWgaHOnsAlsxNN1zIgCG0UL_cM09-cTGyWzgdcKT5whiQBU6nikd1s5gOeQ1HGQLGlTuHlxik82IzUChu0NbUoWs6QuE8rugCjQ_4fG_rfSCxA&sai=AMfl-YQIulHabJsVMVsDN_Mb6eyOUOWXFYx3CXD1-18M3TQffMl7uBsQt2Esncsg3Acg1VagPSdNjRTMICk1589ibDLwxf1kzfTJ5sN1Vg&sig=Cg0ArKJSzF6jEurjGbh3EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=122&vt=11&dtpt=121&dett=2&cstd=0&cisv=r20231206.79194&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1952 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTwqjVTJ1Zb_YMa_H1PIPubeJmA0AAAAAOAHgBAI&bg=!Dg2lDULNAAY3kmNgF5I7ADQBe5WfOCLWzBcFkkg4xMBp-thmB1yzp-fKDBm7RAzCTnBPRNy9dI9g7akomDAzHEGDRkNsAgAAADJSAAAAAmgBB5kDbP3GVW-Zen2d3tivUnJ5ZU62FrdYGxZ3Y3UvTlV5D1BpQ9RKnIthJEErOm3l2CBCMr_kSs0xqMyOI1RTda079zg8YYj7sni3Z_QlvlRMmkSv6cLdyZOB5NFetgJcogFor7TMi5zSMUSZlM4jB1QsigbtaZ-CDq_W4PSZwIwHx3ovEAZgM4rNJT5IxjU25rH6HGFxUO91lfM-P0cTw832oBwmZDdgPXRGcpmsUQhldp3WI7gUmkk9adHgJ-YHQXvEGWWwnzjg0Pw5dZFiNYhJkDEh6ujqbIWy6yE8GznQEmAEt80-c3V-FMXI5-9MxiOcVPxFIbe3DNlQP2gJnI4iCb5nYaIvs-kOT4yvCf5liqEg6DNMtmJ14qV4IQKIlBrI3WRITeHLEn-4W3hkOk1pRhp4O4bOg-R9xMRqQ-XEnx3V5gKS2sOqwV7mAtNlpGqJH20aeBbFEXSFNZ7yZeZXGirwNeNP78G4N5oq25rl4lW6nkSAhmTwMxrWYhxEOYO-Ri8UgYsXaWguWhAQuNOQCHoNlMmWuZO5tSenbd9EdAcNfhgYFSUZMKdVU-grac8JRaRa1B0JABqHEkYnKW7wZQthxOr7oIvPqro6IvDPdsONf-8TLqS1cfcYsXlsAEBdIiJvZSQUgYwymkT5QpblZKTWdEMF5Q2vnqwo_Or_uz2v9VeajYjeHKhEWTAnTV48owBv7ZdTZtxFmIANsDUeseyE5XZvKK4n66LRj3uZm24MT6ymV2OzBLbeTsoTN0U9IvWkBYbyg7a8KNhqT0HO7bw3lhfCBKtWfsatbP0vLCnzmZm0fpRosgAoPu1tRemae2yQcJlPaKfnOqxzHa4LcsMIw6R1V_rZVP8igQrG1Bm94UHECMF1UxJRpOuOw9DS2iwV3IddnAPwNWAnLsfK7-7ljmyPkQmBsVukNSutooluVP3Vx2nlM2XTXuGimZJVsBoBsBRME_B_xj_87wp0-Nh3MrxqaVw_Bf4ZyamE4UZ_SKqumEMM38jiYeiJujozxqn1sSPZbMDE27lB8dF1khLm1o_ZfmyyAEFM3Xp-i1a8GuL9TzdPH43Vs_WwL5HaFC_qOfVzN5OSrq1B6VMELU_30VR6kNRsJjXnlfEezxIm1EhRou_F2CJBgdgWGjdaaXeyoVhGTYkFhwK9QQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 03:36:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8566 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 03:36:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d2ff0df5761bc862e3d5b9d73c7fc4258280f6c5fed542fc3343da8803ab3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12259
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A1FD 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 03:36:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C7F9 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gfmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 09A2 829 B
1 KB 88ms
33ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13dfd44dd6c1d6bbeb85072cbffcec8df37cdf00592cb35b33af961fa8f44ac1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tASZ7EjVbmKtY7OBvI_ziA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gfmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tASZ7EjVbmKtY7OBvI_ziA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 03:36:54 GMT
expires: Sun, 10 Dec 2023 03:36:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame C7F9 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 14:01:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C7F9 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HDSMrw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 03:36:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 09A2 0
0 54ms
54ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=2949462083623446&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A12B 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswdGsfdeRYVCBi_xn7mzaHNwGpJfFZFJyMDNDHxUNBx553dFlHslvs12yY2K7Akx8gY9mrHm6H7BnpcX1qjA8UuFldyTXrXbsyDyf7iAhTMU3fFS3vuyOXU_coCe7Y3sv2mLi5vd5fTA&sai=AMfl-YRVWuLBTwuf_4W9m89tNZBwO6TRjZUtHJyr8ovDROPgez0MeRU&sig=Cg0ArKJSzDx9fLVJxiZvEAE&id=lidar2&mcvt=1000&p=968,1051,1218,1351&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=0.92&vu=1&app=0&itpl=3&adk=3745361521&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702179413557&rpt=153&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 03:36:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D09 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveqwV1KtAcOIPtx6Zeb6TR2LaLy2J95Xl4fpDKKSHz0KTh-No2lDuBVxGRr6axsyWY0pVVejXAAyd-SwMQbp-HphgT-l90gp6DEqlaIrr3iAlM7GIFzNUxpHle5VKfDAi_XtP2ACu1rQ&sai=AMfl-YTEdgc-G3Ubb5ZU8gplf6rcHAenIb-X-HKd8n9ZaVTonIAD54Q&sig=Cg0ArKJSzEvfVz1xUDJbEAE&id=lidar2&mcvt=1000&p=273,315,523,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=143568643&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702179413569&rpt=172&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 03:36:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=2949462083623446&bg=!9_Sl9LvNAAY3kmNgF5I7ADQBe5WfOB2G6ySvF4Th5NkucIrVR-RnOFCNK7jhGv0OdeR0BEiMPw0Q829X-qwIchUFG9LKAgAAAC9SAAAAAmgBB5kC8g8nx2QDSg3ynNa_pMHk0CHI1nv9uGcB60LBgz6SQm5Xt11itkIK_bmLjr74o92BhHTpwaXF6nbgz_xYblH5c9-DCtmtKlUo-HgJoQLxx_FhPaPfNzAiZ0KDuIdk1o-LKm-_ZfNBkXK7omSGA1K07zCCjIZpwU2JpGsUZLAnJ3p71sVaEumIFBy3j4Efa9DwlUcaRDjY8k5kISiWsKSTbKWoNw5uoqpOZy0D3XJPGzGshcNQBVsgDqa5aVULPA_My8_a45Nx-__WMqq_BzSd6SbnQq3QUZGweamIn15urhdkGzPwteHJ5LZ-V3D7uFJk7-t9Vr1U6J6gpTBQSy_H2lKjYS7c7JXW2XBezy3Abq63EogYM7CnWX0pG84p1oMLWdMem7ozTQzv8CaEVE8e6Egca0BDGjiRDsQsRcOSAu25-yDQ-Wwejf7HWh74MDCxOgty57dxVs3CnNVwJmCgvC8NzvPYoDlqMQEN78jEAU4s950mVHnndsLgg5E3sWVKeRkP8krEl4cfocKus8Dsf2sDhj8ppLb-puxpPIeHu-F555RbWLduOBA_BmLnkAfrjD5Z7x4qEP26CQc9JYsMlrwuxNvYLzBe9Lh6HYnpNuVy0CnhjmQTzJWj6jlmEKw5mFrlQlPaBx1rVSG7XsVXNWjyr9xDgBwrcCzpa6adWUaV0NgGHMoI1sYam_HTaIaRVpcXXz5Dl9mSA21ePanqj9U7Wc78zJ2gJnhVkv6syV8ntY0sx8X-uduGSgHv_ak57HeCavArruNSr932QHwEPCZmPIX4WjtrVjLYOPvjoz-IYMtllrB087X7cU73b3AI8pB5YEZsEuxS5LF3N2_PIylkHzLbTmDdRgEEQkHeUdQBRA6IdPbDHzfWrTlgnrYAMrzHx7rYvg05geDK-xxXLVVv6e4cYAOcpuA9RZOLvf0f8-UaWiuPyzRHKDsds0RLXWZJz1k9Jpt3kd-lycTLo728VUyHOnPu-VX9J7p6TO-gK7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gfmag.com/	1970-01-21 02:25:39	Name: _ga_BH6J9ZBSBE Value: GS1.1.1702179413.1.0.1702179413.0.0.0
.gfmag.com/	1970-01-21 02:25:39	Name: _ga Value: GA1.1.1899175900.1702179413
.gfmag.com/	1970-01-21 02:11:15	Name: __gads Value: ID=2aea31e54817d8f2:T=1702179413:RT=1702179413:S=ALNI_MakBpTc6qwMfdxr15ZTFq00CnuA3Q
.gfmag.com/	1970-01-21 02:11:15	Name: __gpi Value: UID=00000d1118d999ea:T=1702179413:RT=1702179413:S=ALNI_MaCuF4bnixNRKHVHQ1yW4JH-RuVuQ
.doubleclick.net/	1970-01-21 02:11:15	Name: IDE Value: AHWqTUn23Sr7t2VUaWaOK_dfPWSznGiidRB8BVsbmaAclZZKM44m-2gyZiiZDavca7w
.t.co/	1970-01-21 02:25:39	Name: muc_ads Value: 69b69d44-d2d2-42eb-9d81-16ca5644b240
.twitter.com/	1970-01-21 02:25:39	Name: personalization_id Value: "v1_3j93VW4zojpUDnWrJ08Hfg=="
.doubleclick.net/	1970-01-20 21:08:51	Name: APC Value: AfxxVi7yWI-uFvymun6Cx_EaccX-PygbiTk-hFSoNwao2itRDnhfyw
.demdex.net/	1970-01-20 21:08:51	Name: demdex Value: 11845095547551926082254182792441488158
.pncbank.demdex.net/	1970-01-20 21:08:51	Name: pncbank Value: 11845095547551926082254182792441488158

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 104) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://gfmag.com/ Message: The resource https://s44650.pcdn.co/wp-content/themes/global-finance/build/index.css?ver=1.0.0 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
analytics.twitter.com
cdn.jsdelivr.net
e1cd468364ffdb9a1870c319110a2ac0.safeframe.googlesyndication.com
gfmag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
pncbank.demdex.net
region1.google-analytics.com
s0.2mdn.net
s44650.pcdn.co
securepubads.g.doubleclick.net
static.addtoany.com
static.ads-twitter.com
t.co
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.244.42.131
104.244.42.5
142.250.185.194
146.75.116.157
172.217.16.134
18.66.122.94
2001:4860:4802:34::36
2606:4700:10::6816:46c5
2606:4700::6810:5614
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
3.223.56.46
52.213.168.6
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019c7dc99227e4b25d062b2970ba42b8287c9b57985e050e0c398f55cdcfe421
0200022aa1af57eeefa8e6a4365ee7d9a4ecbd7155e50146c64d74f0e405ec61
026dcc63c26a2dab47b2728a729ac583ca1ebea5a630da456f4981106e1feecb
042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0acb3b2e9d33a424eabbcf0c6d8215c9ca17ffd5ca68fc31d8268952cb422dd5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
13219bcdb009060940b61c84773483843999e31ae4bb820ea0d867b00c53dcba
13dfd44dd6c1d6bbeb85072cbffcec8df37cdf00592cb35b33af961fa8f44ac1
1fa8c6eb2cd545e71d486ca3c233bacb76f658d8d1f394c14db09edbe847e66b
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2ab9b85e450246849ede9be47f69eed56ccd55498d0ad2b0953909af1fc4c26f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
357f0d5f3759055f1c1219568e21ab182b6ec67f44fbdca08f80d201ba90e599
379e9caadbe2cab24c701f8dca57d8b6ad99eaf0bc23e1529be252b0bb34b8d1
3a814e97bee122a36f6ca55f04195d1dd97afd85ecdb133a1624d5635a4091a3
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
422ba4d30f810d3f3d3ff8efc1f8be0f3c6e410e63bf41e7f94bd4e4bdabcc9b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45d13a915fb7477508baeee988363969018a93353b47cef64fe20dfb6338ba27
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b586b6f0a48a442ad9f4512f0b31e18fb5168b0e47dbe7747c821f1fc88931b
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4fecd340d843e22c8c8404bee9eb1a04cf1536bbcece0b20c55ddf1f015fa36d
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d1627fcb8cbbda33375c8d55dc9ac63de5d473a60cdbebc535a60b6905c7272
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6425af62abb06ccb1025fa82e7aab707d2cf8d3819b3fbdc64908767ab96f655
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
74897f1279b7136e21a60cfa8dce3c8f4931b292ddc8ef97a588b499baaf94da
7517a81738105bb9df3701441822e309289f6a0c59250a5c3819b8cb138ddce3
77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187
7da42f6496598bdb9cf8dc2e3f520d0f7c9eca305e129eea0215d5ca660a400e
7ede7b9c89881d1241700dc5770df5091744a4ffde441536da6d7bfde6c36ebf
802a9a23f19fc30f55fb98ce78c0f360525860fb5bfae57ffe06beac0ebd4290
825fa07eb1ae26fe5bfe505113ecba8b15e2d504ab1dac947595d2ad2a0e5629
88b7701b1c7fedfafd659d3a825d97d99747378d83ae5670d540829c42286389
8981bf79b1a580428def1ab7fbd8d622467babf349cc99e100aa2339f8839a37
8bfd1f8db8fc5334df473088cc2750e3c6f0f0ec105e84009c976a619dd87d73
961e1cef94148b4f12e1f61a74ac5f161b1adb79192fcebd63661e1f0d74499c
9a8c81265bbebd3f46885df79b0fee52c2810d4ce0ae81483ec71d1ed5022193
9d2ff0df5761bc862e3d5b9d73c7fc4258280f6c5fed542fc3343da8803ab3fd
9e25e131653bc7d775e309f778d9c612f7a91277008c101b21e5a48399184ea9
9ed7a5317accc5c509fcac2b2d21481eecf500356eefc1ebc4903b76e17e3738
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
accd286d5615ed70f6e559aced46cd395dec1ef331923df53b38118908b763e0
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b5bf75a5690dd3baf21ef2d4c5e638d0943f410d895f6c7b09a96081476a89b7
c0f501620f90b646a1d1d1ec751309870170dfa2f0497adafd5367ebedf448e4
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c5119e33e1d41315b2862b990d56edaded14591603972283698f4f79556ce4d4
cf15e4349c32c6986a79cdabcd22cdcdfae21d5887ec7fcd05eba832181b3274
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d17e31406195c11e06bf5f2704cf4b9bdb47f02076a95cd7a21c0a372b6d85b2
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
d92ad37692a4875596423193a63334def39f236e5fbbf49437de0a03c5df3eb2
d953f759d6d0d41c9a49aabf176048405700ce2b391c9eb12aa5014859e30b05
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e0905f0fbf2667119e46613820895c6d0d4f8a63c260a4279e174a0c4abc8274
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a0ec42880479918888bca664d677c1a0d0fd205e38d98e9ea49efacc256fa8
f608752bff144d97b362ffeb8ab447759b5bc1d64523ce6bdf7ff3381bcb637a
f79d6a132171fbb0ace9ff94a05e311a4e97a505bbb3786a7ca0a5e699d8f0d3
fe48e033e11e4e0715139ef577aae3761f742894c2cd5e118b6dfba8299c37fb
ff05f669c0454626ae058da99e275b7621f1662aa9da9f197d3d85c6050edc2e

gfmag.com Open in urlscan Pro 3.223.56.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

99 %HTTPS

58 %IPv6

15 Domains

20 Subdomains

20 IPs

3 Countries

2491 kBTransfer

5369 kBSize

10 Cookies

5 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gfmag.com Open in urlscan Pro
3.223.56.46 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

99 %
HTTPS

58 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

2491 kB
Transfer

5369 kB
Size

10
Cookies

95 HTTP transactions
8 data transactions