commercialobserver.com Open in urlscan Pro
2a04:fa87:fffd::c000:422f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD...
Effective URL:
https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD...
Submission: On November 15 via manual (November 15th 2023, 2:58:44 pm UTC) from US — Scanned from DE

Summary HTTP 162 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 63 IPs in 5 countries across 47 domains to perform 162 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:422f, located in Ireland and belongs to AUTOMATTIC, US. The main domain is commercialobserver.com. The Cisco Umbrella rank of the primary domain is 212620.
TLS certificate: Issued by R3 on October 9th 2023. Valid for: 3 months.

This is the only time commercialobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 22	2a04:fa87:fff... 2a04:fa87:fffd::c000:422f	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6811:7711	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e0:... 2606:4700:e0::ac40:6003	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:1901:0:7... 2600:1901:0:7416::1	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	23.192.241.163 23.192.241.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:225... 2600:9000:225e:ea00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.39 13.32.27.39	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.45 18.66.112.45	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
13	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.224.132.59 13.224.132.59	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:b07e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:c200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:780... 2a02:26f0:780::210:a423	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2 2	207.198.113.205 207.198.113.205	13768 (COGECO-PEER1) (COGECO-PEER1)
2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:710... 2a02:26f0:7100:997::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:c276	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:7400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.154.35.51 54.154.35.51	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	167.235.124.59 167.235.124.59	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9256	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
1	52.222.209.4 52.222.209.4	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:a07e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.5.10.16 3.5.10.16	14618 (AMAZON-AES) (AMAZON-AES)
8	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
162	63

22 2a04:fa87:fffd::c000:422f (Ireland) 2 redirects

ASN2635 (AUTOMATTIC, US)

www.commercialobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
commercialobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6003 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

truculentrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.241.163 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-241-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:ea00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-39.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-45.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.132.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-132-59.lhr3.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b07e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.23 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:c200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:a423 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.205 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

centro.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:7100:997::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.35.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-35-51.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.124.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0037.cxense.com

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9256 (United States)

ASN13335 (CLOUDFLARENET, US)

3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.209.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-4.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a07e (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.10.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	commercialobserver.com 2 redirects www.commercialobserver.com commercialobserver.com — Cisco Umbrella Rank: 212620	301 KB
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	418 KB
14	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2904 api.permutive.com — Cisco Umbrella Rank: 2165	105 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	62 KB
7	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	181 KB
7	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 4992 p1cluster.cxense.com — Cisco Umbrella Rank: 9632 comcluster.cxense.com — Cisco Umbrella Rank: 4678 id.cxense.com — Cisco Umbrella Rank: 10459	82 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	6 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	114 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	70 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925	61 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6862	580 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
3	truculentrate.com truculentrate.com — Cisco Umbrella Rank: 105605	25 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	32 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3348	475 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3887	191 B
2	pixel.ad 2 redirects centro.pixel.ad — Cisco Umbrella Rank: 62930	132 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	19 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1245 pixel.quantserve.com — Cisco Umbrella Rank: 964	10 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	60 KB
2	gstatic.com fonts.gstatic.com	86 KB
2	tinypass.com cdn.tinypass.com — Cisco Umbrella Rank: 6082 buy.tinypass.com — Cisco Umbrella Rank: 6577	114 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1908	11 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2855 pixel.wp.com — Cisco Umbrella Rank: 2799	3 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 9873	110 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	170 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928	282 B
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 12219	460 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	permutive.app 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app — Cisco Umbrella Rank: 293501	104 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	186 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1122	603 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	457 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 590	296 B
1	piano.io c2.piano.io — Cisco Umbrella Rank: 5472	2 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 587	483 B
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 7460	9 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 246	579 B
1	prmutv.co 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co — Cisco Umbrella Rank: 337457	399 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3492	33 KB
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2793	41 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3638	164 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 7597	3 KB
162	47

	Domain	Requested by
20	commercialobserver.com	commercialobserver.com
13	api.permutive.com	cdn.permutive.com 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	static.criteo.net	ads.eu.criteo.com
7	www.google-analytics.com	commercialobserver.com www.google-analytics.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com tpc.googlesyndication.com
6	cdn.cookielaw.org	commercialobserver.com cdn.cookielaw.org
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
3	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
3	www.google.com	commercialobserver.com tpc.googlesyndication.com
3	www.google.de	commercialobserver.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	sb.scorecardresearch.com	1 redirects commercialobserver.com
3	truculentrate.com	commercialobserver.com truculentrate.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	api.sail-personalize.com	ak.sail-horizon.com
2	connect.facebook.net	commercialobserver.com connect.facebook.net
2	pixel.sitescout.com	commercialobserver.com
2	centro.pixel.ad	2 redirects
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ml314.com	commercialobserver.com ml314.com
2	htlbid.com	commercialobserver.com htlbid.com
2	www.googletagmanager.com	commercialobserver.com www.googletagmanager.com
2	www.commercialobserver.com	2 redirects
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	rtb.nl3.eu.criteo.com	cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
1	ams-pageview-public.s3.amazonaws.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
1	ads.eu.criteo.com	cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
1	buy.tinypass.com	cdn.tinypass.com
1	cdn.id5-sync.com	commercialobserver.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app	htlbid.com
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	p1cluster.cxense.com	cdn.cxense.com
1	www.facebook.com	commercialobserver.com
1	px4.ads.linkedin.com	commercialobserver.com
1	www.linkedin.com	1 redirects
1	pixel.quantserve.com	commercialobserver.com
1	script.hotjar.com	static.hotjar.com
1	jadserve.postrelease.com	s.ntv.io
1	rules.quantcount.com	secure.quantserve.com
1	region1.analytics.google.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	c2.piano.io	cdn.tinypass.com
1	pixel.wp.com	commercialobserver.com
1	secure.quantserve.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	static.adsafeprotected.com	commercialobserver.com
1	cdn.tinypass.com	commercialobserver.com
1	public.profitwell.com	commercialobserver.com
1	ib.adnxs.com	cdn.permutive.com
1	3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co	cdn.permutive.com
1	fonts.googleapis.com	commercialobserver.com
1	stats.wp.com	commercialobserver.com
1	ak.sail-horizon.com	commercialobserver.com
1	cdn.jwplayer.com	commercialobserver.com
1	s.ntv.io	commercialobserver.com
1	www.npttech.com	commercialobserver.com
1	cdn.permutive.com	commercialobserver.com
162	69

This site contains links to these domains. Also see Links.

Domain
www.commercialobserverreprints.com
twitter.com
www.facebook.com
www.linkedin.com
privacyportal.onetrust.com
onetrust.com

Subject Issuer	Validity	Valid
commercialobserver.com R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
npttech.com GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
truculentrate.com R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-16`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.prmutv.co R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
api.permutive.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.profitwell.com Amazon RSA 2048 M02	`2023-06-03` - `2024-07-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-24` - `2023-11-22`	3 months	crt.sh
api.sail-personalize.com Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-16`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Frame ID: 5460662B6966728526657980C593309D
Requests: 125 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 29103B6A4D53A38BCF88236F10D53EE3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 2E715D5166BF13706EEEC9C05D3A28B2
Requests: 4 HTTP requests in this frame

Frame: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 704FC8F34B6EEDA033BF56A90AC13755
Requests: 1 HTTP requests in this frame

Frame: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8E6380F37FE9BCA7CF6DC5A7A109B11E
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVTcoQAOgK0K4FrXAAiE4wap6Nbi6oULwSgMYw&u=%7C8ovDl1KbnhJbYiiFV%2BNBHXTGifWk7ReCgaS8EF3pNig%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98DffT9TjnS6bFrtB8u-fyI9gCuBzWQig91ndBlsXnbLdtcOF-rHkcG_D3X-Iv-eH0TqoTm-EcR_Me8ndUV7keimeaL2U7SMfUXey_YrxJN6lEd9XIVT-VPOlEKLZ3-ltyxwtiF075Jp6bfuCJ29Bf_veNeNodElviBdvn2LpSFqxNFN5IRCpuLYy3_r8ZJdGqpVOhsU6llLC1OVRoB2woH0SeHSEycBNFeAGl1chUVyGQIeZyixdFhC8TkgacY6hQHBgml8UM3gnni4olGh2sfzBTrl-vTqCzPfgnavrsMrHYxnoBfoLhbnNtrFsxKirOBZJS-E-JMWtqQG17WOGFNnz3NdH1ZDHb7ngqY6-l1Ek7CtMl9S9UGmYs29Lvb7tePuy7YfkQ1jVbnr4cBJ6R5xEIBYAtwOYLLLcRVzGVPNpjMCyn9gx6n2vb96b3lOk-etxZXfVQJYxPfSa1TjtnZRe5laJ81LytOpN9GrHzuhztgJCXWBpooLIXvv3_DoRY0MsdTwAiwEQeNJzmzpz9KGYZmdYOkfuqHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSimnodxUZa2BOte1gQfjiaKoBMme0rFc1Z2R93DAjbcBEAEgAGCVuv2BlAeCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCTPfOg6A3sj7gAgCoAwHIAwKqBOADT9C44SNAHTHYMuEXwy-tmZlN-FFEiW2KdMVxRlZRQ8SrbaTs05_qldedboDt79EttOjgghYULpWrRNlyB-E7GW8k13lOZ97C5QUMkDPekRvIvXkkrnC_LRjRuAnE1B1RGi2n21QRSZA6LhdMPqURc-fpK6eUaBPnVIzhVWMnl8BfODamH_YfBb35Y95t1u-tvscw2JyISYSb9-hnztXsP9yhbkTnzcz2I4d27PSUkL-Wvf7CKFrPADz7Fy4kEd1OZ3mvhbQJXqspteTiytJlRN5f6gqfzQhE7TDl25A-7BJOOohdppdly2BMUmHBKCiPx4uqskff4qx6dmta6Ai7sOumqMXshTO5FXA8qGLGdyZPleCpUu76-cS5lCFzBaQy6QQ-DfaHjMZcaw58XGrdyrJbSxv3HGxPTkBBBHFMV14zGvoRjNOtDh_ob1xHJPxai2afSjRi6TB4NR5PNvvBSaR8jBZpAq_iapMhwQUfc85JLeyilu653IvkDVs_a3PAsEk6CpL2U1peOzJmU-39_4fE1zglqWJ4d2PGLmcvXVppvxvHnEFAZfzryC2gS41KinmGGzDHifn40GJiYsoggrqBavDl9jvAlyQ-UVKDTpcGlqU40YaU7atzzzU4zF-D4AQBgAa2ypLfn6janpYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHiDRMIltvXnKLGggMV11rgCh3jhAhF0BUBgBcB%26num%3D1%26sig%3DAOD64_1nVlUarHdLT8kf9Q0nM19sszrL9A%26client%3Dca-pub-3998824402121602%26adurl%3D
Frame ID: D36DBAF58410198A5FFEBA79CC3CCEFD
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A835876C55DE4070AA477C824B663F0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EEFC3FC3AA7147D3F5ACB85064D7C972
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found – Commercial ObserverBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://www.commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%B... HTTP 301
https://www.commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%B... HTTP 301
https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%B... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

162
Requests

95 %
HTTPS

60 %
IPv6

47
Domains

69
Subdomains

63
IPs

5
Countries

2593 kB
Transfer

7897 kB
Size

44
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.commercialobserverreprints.com/
Title: Reprints

Search URL Search Domain Scan URL

URL: https://twitter.com/commobserver

Search URL Search Domain Scan URL

URL: https://www.facebook.com/commobserver

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/commercialobserver

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/8bf444f2-ddd6-41ff-8e24-b69ac0176e05/19c22396-023a-465c-a9c0-d9f831d1d9cd
Title: Do not sell my data

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD HTTP 301
https://www.commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD HTTP 301
https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://sb.scorecardresearch.com/cs/37161820/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 44

https://centro.pixel.ad/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 46

https://centro.pixel.ad/iap/8c6d45a6a28354fe HTTP 301
https://pixel.sitescout.com/iap/8c6d45a6a28354fe

Request Chain 78

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2066236&time=1700060318922&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2066236&time=1700060318922&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2066236%26time%3D1700060318922%26url%3Dhttps%253A%252F%252Fcommercialobserver.com%252Fadvertise%25250F%2525EF%2525BF%2525BD%2525DF%2525AF%25251F%2525EF%2525BF%2525BDf%2525EF%2525BF%2525BD%2525EF%2525BF%2525BD%2525EF%2525BF%2525BDu%2525EF%2525BF%2525BD%2525EF%2525BF%2525BD7%2525EF%2525BF%2525BD%2525EF%2525BF%2525BD%25251A%2525EF%2525BF%2525BDN%2525EF%2525BF%2525BDk%2525EF%2525BF%2525BD%25251D%2525D3%25258D%2525EF%2525BF%2525BD%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2066236&time=1700060318922&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2066236&time=1700060318922&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&cookiesTest=true&liSync=true&e_ipv6=AQIhoKyxIDs1zwAAAYvTfc7v3CJTN0-UU4Uq5pu9rnYiJ2xc_kubrnLS3BxQGfF-QKK6iMfGJQgN

162 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD Show response
commercialobserver.com/
Redirect Chain

http://www.commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
https://www.commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD

116 KB
24 KB

312ms
301ms

Document
text/html

2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

db3939f74a7feb1b9df6a453fc14c0cd1da6e969acdfba2783b4ea9049be1b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 15 Nov 2023 14:58:38 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://commercialobserver.com/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains;preload
vary: Accept-Encoding
x-cache: miss
x-frame-options: SAMEORIGIN
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 96 184 443

Redirect headers

age: 0
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8
date: Wed, 15 Nov 2023 14:58:37 GMT
host-header: a9130478a60e5f9135f765b23f26593b
location: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-cache: miss
x-frame-options: SAMEORIGIN
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-redirect-by: WordPress
x-rq: hhn1 96 184 443

GET
H2 200 3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Show response
cdn.permutive.com/ 367 KB
104 KB 105ms
46ms Script
application/javascript 2606:4700::6811:7711
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f9383dcba29f06b85b891a331477953f9f27e6e087eac53bd3d6c9352ff9daf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d
age: 0
x-guploader-uploadid: ABPtcPp_5QFYkJtFB57mIyIitz1pboVUEw5RhqUa_gwWXkHtLLgk9bqmeLzN73Kx-C-2ITuUS020Eh6qlEFVg9CMz_2I
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 30 Oct 2023 17:36:21 GMT
server: cloudflare
etag: W/"b04894b5e9ef189b07d9875e84211a68"
vary: Accept-Encoding
x-goog-generation: 1698687381209078
content-type: application/javascript
x-goog-hash: crc32c=s+lsRQ==, md5=sEiUtenvGJsH2YdehCEaaA==
cache-control: public, max-age=900
x-goog-stored-content-length: 107367
timing-allow-origin: *
cf-ray: 82685a7c68bc71cd-FRA
expires: Wed, 15 Nov 2023 15:13:38 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 117ms
37ms Script
application/javascript 2606:4700:e0::ac40:6003
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6003 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BJ1KERFE6P3314XC
age: 4869
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gDqcy5G6g3hxrKmEWf6s9pyYT9nxh5d4jvDz/QzcR72tPpF6kmAiWnD++V/HLIfVtGM0WOcZMtk=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr4j%2FrF8Hw5rQ6S%2BSJijJTSe53WJtlR%2BZ%2F4xiiCHaNkiYipF9Ft882pokKZAUwY5tUxiQ4dClEylpaoiCQg6IQkQulj1QDzR%2FE36WuBu1AN3RuMFFipd92ihJZwAYvQTb3NbzS5DKjZj496P16E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 82685a7cb9981ede-AMS

GET
H2 200 732a7f83476493aedc29d7ff8caa.index.js Show response
truculentrate.com/static/e297772d/ 68 KB
24 KB 105ms
34ms Script
text/javascript 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://truculentrate.com/static/e297772d/732a7f83476493aedc29d7ff8caa.index.js

Requested by

Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

0cf3027d95c0787660bd6bc1069f0466e396769483c221a61802e28db578d4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Wed, 15 Nov 2023 14:58:38 GMT
x-datacenter: gce-europe-west1
etag: "233d78e08dcc0a840cbebfa0a709ce7b3aaaec74ec521785239316a033bd2eb3"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-3zkl
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1052555292
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 238 KB
80 KB 88ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCGJ5DK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7310351863aa624e94d4aaebd857c1e0541959071f6146812d5bce91de5009ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81738
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Nov 2023 14:58:38 GMT

GET
H2 200 style.min.css
commercialobserver.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 22ms
21ms Stylesheet
text/css 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/wp-includes/css/dist/block-library/style.min.css?m=1699399644g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Nov 2023 23:27:24 GMT
server: nginx
x-rq: hhn1 96 185 443
etag: W/"654ac7dc-19824"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H2 200 /
commercialobserver.com/_static/ 15 KB
4 KB 22ms
21ms Stylesheet
text/css 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGppZWhpbWpqZmAIARTIu+A==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Nov 2023 23:27:25 GMT
server: nginx
x-rq: hhn1 96 184 443
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000

GET
H2 200 related-posts-block-styles.min.css
commercialobserver.com/wp-content/mu-plugins/search/elasticpress-next/dist/css/ 222 B
456 B 22ms
21ms Stylesheet
text/css 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/wp-content/mu-plugins/search/elasticpress-next/dist/css/related-posts-block-styles.min.css?m=1699986969g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 96 185 443
last-modified: Tue, 14 Nov 2023 18:36:09 GMT
server: nginx
etag: "6553be19-de"
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 222

GET
H2 200 /
commercialobserver.com/_static/ 306 KB
50 KB 26ms
25ms Stylesheet
text/css 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/_static/??-eJxtjt0OgjAMRl/IUjFG5ML4LGNUqK5j2Q+Et3dIJJpw1fS052txcqAHG8lGdCZ1bAMKtaxA+1wyTI1hjTr880LYFhke8Ccg9iQUcGgC+ZE8JKt7xZZaDHE2tOt8jz4ncEbN2argMXjIK86TcJJlNHHbUfx8sXWwFycJtkSKTukXlKeiWs0VLM5dbuWlrutrdSzPb8XkXxY=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b42d5e743d9a26a972dc660ee5144bb0da9d768906a1c3aa7b21ffe6e047f916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 14 Nov 2023 18:36:54 GMT
server: nginx
x-rq: hhn1 96 184 443
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
cache-control: max-age=31536000

GET
H2 200 select2.min.css
commercialobserver.com/wp-content/themes/observer-unchained/inc/plugins/white-papers/css/ 15 KB
2 KB 26ms
26ms Stylesheet
text/css 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/wp-content/themes/observer-unchained/inc/plugins/white-papers/css/select2.min.css?m=1690819882g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 31 Jul 2023 16:11:22 GMT
server: nginx
x-rq: hhn1 96 184 443
etag: W/"64c7dd2a-3a76"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 619 KB
164 KB 164ms
47ms Script
application/x-javascript 23.192.241.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js?ver=20200731
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.192.241.163 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-241-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7310e401efd5214d7c4baf2a6df94becd6d945da0682fbc3a93274eadc68e8c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 14:58:38 GMT
Content-Encoding: gzip
x-amz-request-id: WN6CRNGBC7Q5EKK0
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: eOCsc9yceo4S4lv+W9OuH2eGmzxz+yVTuIOlwGlBoTdYajiqC8+FuFdyq8QUQV3rRTJN+M814is=
Last-Modified: Wed, 15 Nov 2023 00:44:41 GMT
Server: AmazonS3
ETag: "4fbba8ffe8ed5e2e12f43893b989ffc1"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 / Show response
commercialobserver.com/_static/ 155 KB
49 KB 47ms
45ms Script
application/javascript 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/_static/??-eJytzF0KwyAQBOAL1Sz9C/hQepZUJ1XRjXU1obePhB6hMDAvMx9tWXk2sVkIhZ5PQ/n+akiehyAn6iOzcAVXqg6pT5eXoKwoqrFxk2dY6gzl2N6ehTbnK1SeMsrBCiJMvfwPnMtxt117psd51Pqq9Xi7hx1/Zk2q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8cc5129d612156f5dacee17d960307aec642c2f5913d3cfc7decc6de3651b490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 07 Nov 2023 23:27:25 GMT
server: nginx
x-rq: hhn1 96 184 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 JbLDKTXE.js Show response
cdn.jwplayer.com/libraries/ 108 KB
41 KB 103ms
25ms Script
text/javascript 2600:9000:225e:ea00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/JbLDKTXE.js?ver=6.3.2
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ea00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: cf13275d0fcd8567d40d37f20d2c75f8c2384cf50fe40529037950f8f27a9fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:56:18 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 140
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 41442
x-amz-cf-id: XI26LOarEE0lq2ILd8s8BQwiT7pwiBfv2Q1Y-_vNjcJz1fSGTnlt8g==

GET
H2 200 jw-widget-min.js Show response
commercialobserver.com/wp-content/plugins/jw-player-7-for-wp-premium/jw-widget/js/ 3 KB
2 KB 47ms
46ms Script
application/javascript 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/wp-content/plugins/jw-player-7-for-wp-premium/jw-widget/js/jw-widget-min.js?m=1690819881g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7a051286c0c2cee14405a493192a1927669a2ed3882b637c3cda0c0885bb364c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 31 Jul 2023 16:11:21 GMT
server: nginx
x-rq: hhn1 96 185 443
etag: W/"64c7dd29-cee"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 htlbid.js Show response
htlbid.com/v3/commercialobserver.com/ 425 B
816 B 860ms
800ms Script
application/javascript 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/commercialobserver.com/htlbid.js?ver=3.0
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8668ce395cdd0bc767d9255e86b5840c699a9ec267799477927b80b25fd0176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 21:02:22 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 17:55:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 496578
x-amz-server-side-encryption: AES256
etag: "c9f835e04ce4f6e0840acea6891f271f"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 425
x-amz-cf-id: D8ipRFlK4f5nZOHmjPuS_oCFHNs8STAcljIR4pqkYDKl8-k_PSpW2Q==

GET
H2 200 / Show response
commercialobserver.com/_static/ 11 KB
3 KB 47ms
47ms Script
application/javascript 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/_static/??-eJylzEEOwjAMBdELESyQaOkCcZaQfKWJaruy0/b69AywHs2jYw1JpUM69RkMJ/04bIeFTdIcqyBTc2LN23LWtUbRUNBDt1oKzK/NL/Qbg6TMf/xcc15wRMOJvPl1G6bxeZ/Gx9C+QiNREw==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1ed3b959c36bb549f92d58c8d0a7569bb552e2a37958114c946eb214b21d9ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Fri, 20 Oct 2023 19:22:36 GMT
server: nginx
x-rq: hhn1 96 185 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 92ms
45ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R1P6TtSHAQZyvOSI/KawHw==
age: 61293
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Thu, 09 Nov 2023 14:41:49 GMT
server: cloudflare
etag: 0x8DBE13201873ECE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 615f4d5d-701e-0057-437a-1397b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82685a7ddbc3914c-FRA

GET
H2 200 co_logo_white.png
commercialobserver.com/wp-content/themes/observer-unchained/images/ 6 KB
6 KB 21ms
20ms Image
image/png 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commercialobserver.com/wp-content/themes/observer-unchained/images/co_logo_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7ae993db12bc71217259a2201b9e2d012d3aa51c05a6790abc1dbd45cc1042b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 96 184 443
last-modified: Mon, 31 Jul 2023 16:11:22 GMT
server: nginx
etag: "64c7dd2a-1805"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6149

GET
H2 200 frontend.js Show response
commercialobserver.com/wp-content/plugins/observer-block-editor/dist/js/ 945 B
625 B 38ms
38ms Script
application/javascript 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/wp-content/plugins/observer-block-editor/dist/js/frontend.js?m=1690819882g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6374c9a2081446ee989dd64ecb74c2286bdef1e60d1e087472718421b8ef2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 31 Jul 2023 16:11:22 GMT
server: nginx
x-rq: hhn1 96 185 443
etag: W/"64c7dd2a-3b1"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 98 KB
33 KB 93ms
26ms Script
application/javascript 18.66.112.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=20170302
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:49:31 GMT
content-encoding: gzip
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2023 21:44:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 548
x-amz-server-side-encryption: AES256
etag: W/"edee28fbd3a5c9f3c17e0333554b5646"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: vLuSKllzqwk6HHrYR-Ts16a2z7K5jeNhLsAiNQ7Pwp5_piiMBDL7jg==

GET
H2 200 / Show response
commercialobserver.com/_static/ 129 KB
38 KB 22ms
21ms Script
application/javascript 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/_static/??-eJy1kMEKAjEMRH/Ibl0RdQ/ip0htw27WNi1NqujXW8EVD15UPCaZmTdEn5NCsr44YD2yLuQgs40ZmoDUjDzTVWEjCZBoGSBUXTww5BNkVcgOBgnc3eqQRbPNmITfmUNRyZceqYJAkrFH1S6a9TTsT0AuZm2KxGBE0D5l3lwvCoPp4UHBmpgZrGAkNbX5I+9l8dFLQnTF1+u1ooCPX3kTGorq9wQ26GXIpUbswrZddV23Wc/b5XgDa2HBwg==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4312306ac375436d1f3247806e92b9501cb2677ecdc5e0b6a55a9230c3a49f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 14 Nov 2023 18:36:54 GMT
server: nginx
x-rq: hhn1 96 185 443
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 e-202346.js Show response
stats.wp.com/ 7 KB
3 KB 66ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202346.js
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 11 Nov 2024 12:17:15 GMT

GET
BLOB 200
OK dbec9206-8543-4b74-8b1a-6038aec70d3b
https://commercialobserver.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://commercialobserver.com/dbec9206-8543-4b74-8b1a-6038aec70d3b
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 86ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700|PT+Sans:400,400i,700,700i|PT+Serif:400,400i,700,700i&display=swap

Requested by

Host: commercialobserver.com
URL: https://commercialobserver.com/_static/??-eJxtjt0OgjAMRl/IUjFG5ML4LGNUqK5j2Q+Et3dIJJpw1fS052txcqAHG8lGdCZ1bAMKtaxA+1wyTI1hjTr880LYFhke8Ccg9iQUcGgC+ZE8JKt7xZZaDHE2tOt8jz4ncEbN2argMXjIK86TcJJlNHHbUfx8sXWwFycJtkSKTukXlKeiWs0VLM5dbuWlrutrdSzPb8XkXxY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1de3cb479ec7d378426a70941ff15f64d1bfb6144587b8451cbdf7aec51e0f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 14:58:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Nov 2023 14:58:38 GMT

GET
H2 200 pxid Show response
3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/ 46 B
399 B 91ms
33ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/pxid?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: ce5ada2f6e53446886e5c992c50ce94bfab48663e66f69ff1fbb07988ddf92fb

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://commercialobserver.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
579 B 119ms
37ms XHR
application/json 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
an-x-request-uuid: 51107c9b-5d56-4ea7-824c-d3c257a24f92
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://commercialobserver.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.25; 217.114.218.25; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 200
OK 9e6819bf-0ea2-4a44-915a-f2ea59b72055
https://commercialobserver.com/ 76 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://commercialobserver.com/9e6819bf-0ea2-4a44-915a-f2ea59b72055
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57551608decb8a08da9e26e7bd3e3defc3f3fcae90d035fda714edd329616b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 77538
Content-Type

GET
BLOB 200
OK d78c059a-a265-409f-9000-b39a57adc1ee
https://commercialobserver.com/ 76 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://commercialobserver.com/d78c059a-a265-409f-9000-b39a57adc1ee
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57551608decb8a08da9e26e7bd3e3defc3f3fcae90d035fda714edd329616b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 77538
Content-Type

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 191 B
338 B 101ms
34ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: f3b8b0ffb62153fce532bd01e49623a39f770f344caf695ca3b8c856e1a93a17

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://commercialobserver.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 2 B
88 B 113ms
46ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://commercialobserver.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
10 KB 81ms
22ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1510
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:53:16 GMT
via: 1.1 google
content-encoding: br
age: 322
x-guploader-uploadid: ABPtcPq08OUf-9qAuEVYyCSfGsfBxYzbVhnkKDGglFhCtrFpUvPaMyZ8a34Lm3QSBUxSAgA7wBpxImGmInCh8sJDfzPyYg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10209
last-modified: Fri, 12 May 2023 18:40:12 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1683916812364920
x-goog-hash: crc32c=mZ+Z9w==, md5=kd+C792N6TsjSfrrJlopCg==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 120ms
31ms Script
application/x-javascript 13.224.132.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=9fcbc71706e441281b7aa5cb24b9d76d
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.132.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-132-59.lhr3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 44_aCCdPU8RgOBSJHBv0LFOPizyiiCm0
content-encoding: gzip
via: 1.1 b633712974a8d226a1c191ef6869813c.cloudfront.net (CloudFront)
date: Wed, 15 Nov 2023 06:32:12 GMT
last-modified: Thu, 09 Nov 2023 11:53:48 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C2
age: 31004
x-amz-server-side-encryption: AES256
etag: W/"40097cdf413c1f1f303c66489742cb44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: public,max-age=86400
x-amz-cf-id: inkCh3PpCV-a7WdMT6IMjKRHi0DyB8Hv-GZt8Z0bzdbux8qJRkCjYA==

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 384 KB
114 KB 105ms
47ms Script
application/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59eb2597946aa8c95434f9ae866a18d834a05d0a1ee096c5a649f59ab1de81e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
x-amz-version-id: jRhpqAjZ2BKUi9F7LTJyATq_CqsxsMsH
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: 1NA12ASNFE70W60W
age: 181
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: GQXCN8OsrhQT2SkkDpRtulbErp67DAdp87KnVjroHCK0LNl5HGzJQWjzRZrfI6vLP+djIjtNTl2p5oET78qJ+g==
last-modified: Tue, 14 Nov 2023 13:20:55 GMT
server: cloudflare
etag: W/"3c0a6dad9bd872cfbcb3ae9ea15f01b4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 82685a7e0f2d2c27-FRA
expires: Wed, 15 Nov 2023 18:58:38 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/37161820/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

29ms
28ms

Script
application/javascript

13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 06:59:43 GMT
content-encoding: gzip
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 28745
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: B7h35ou9m3ghhERi69RKdi4OyZ57vPG2hw-dnK4_X8f_YkYmquHZ9A==

Redirect headers

date: Wed, 15 Nov 2023 14:58:38 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: P5ludbAQQRBisQ1s571sM0a4Q94GqxWmzyd6IWS6kBxempFkQqyrrQ==

GET
H2 200 BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v18/ 35 KB
36 KB 71ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700|PT+Sans:400,400i,700,700i|PT+Serif:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://commercialobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 02:00:37 GMT
x-content-type-options: nosniff
age: 478681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36344
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:05:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 02:00:37 GMT

GET
H2 200 BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
fonts.gstatic.com/s/ptsansnarrow/v18/ 50 KB
50 KB 94ms
43ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v18/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700|PT+Sans:400,400i,700,700i|PT+Serif:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9881931311b77f935225d7eeb7ebd0395480a7737a56d427778c98534ade38a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://commercialobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:22:43 GMT
x-content-type-options: nosniff
age: 164155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51384
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:10:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 17:22:43 GMT

GET
H2 200 CO-07-28-2020-footer.jpg
commercialobserver.com/wp-content/uploads/sites/3/2020/08/ 13 KB
13 KB 21ms
21ms Image
image/webp 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commercialobserver.com/wp-content/uploads/sites/3/2020/08/CO-07-28-2020-footer.jpg?quality=80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1f5f2b5cfe4043f21a80b2bc151b7369dd8476828fd9e4203245442f193a37bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 198 443
last-modified: Fri, 28 Jul 2023 09:47:21 GMT
server: nginx
etag: "24ebd78a58495178"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13260

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
260 B 86ms
42ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 2455dc266dc17f31c455d082f89f2fb419f8cc26fb51966eb2d0450f5be5f530

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://commercialobserver.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
483 B 94ms
22ms Image
image/gif 2600:9000:223f:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_276969
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 28 May 2023 02:26:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 14819500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: QrhSut9u4EQTTEDMpAUMVnQI5GtCwhUMinAG8RNL-MsB-3OEtimjLA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C8EN6PLDZB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCGJ5DK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

901dd840aaf336a6724d4f4bbe8d6ad6bdfe29497d4f6b61b4c7c10dfc61d9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91806
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Nov 2023 14:58:38 GMT

GET
H2 200 hotjar-1099401.js Show response
static.hotjar.com/c/ 9 KB
4 KB 155ms
62ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1099401.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCGJ5DK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

c2d0102835e1660def4a480434e21915e008153470d2c46e964be8e4a2aca770

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 15 Nov 2023 14:58:38 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/dec16f0c8222873cea5736172f5a13c5
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: dMPRy7RmTaJUd7sN9PWN1cyOzCLDTWocvCuYZqsEaCrxUigZZikRLQ==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 120ms
29ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCGJ5DK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
etag: "0nVqEbFaTM2zzuiWgn9NwQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 22 Nov 2023 14:58:38 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 135ms
37ms Script
application/javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCGJ5DK

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Nov 2023 09:07:27 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=65336
accept-ranges: bytes
content-length: 3840

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 80ms
23ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Nov 2023 13:16:44 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6114
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 15 Nov 2023 15:16:44 GMT

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 2910
Redirect Chain

https://centro.pixel.ad/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

99ms
27ms

Document
text/plain

98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Wed, 15 Nov 2023 14:58:38 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 99ms
27ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Nov 2023 14:58:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vZHq0XZGxSuwn1M5spOYcRgNBTTxfggl8eHVYrI/zVGD3YetS96DbGoEN0jMNGAeP9z00V2KWY96YL0joViEZA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

8c6d45a6a28354fe
pixel.sitescout.com/iap/
Redirect Chain

https://centro.pixel.ad/iap/8c6d45a6a28354fe
https://pixel.sitescout.com/iap/8c6d45a6a28354fe

0
191 B

88ms
28ms

Image
text/plain

98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/8c6d45a6a28354fe
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/8c6d45a6a28354fe
content-length: 0

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 14 B
79 B 313ms
312ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 15 Nov 2023 14:58:38 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: application/json

GET
H2 200 g.gif
pixel.wp.com/ 50 B
154 B 36ms
24ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=168797018&post=0&tz=-5&srv=commercialobserver.com&hp=vip&j=1%3A12.7.1&host=commercialobserver.com&ref=&fcp=983&rand=0.181623354569328
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Nov 2023 14:58:38 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
commercialobserver.com/wp-includes/js/ 18 KB
5 KB 25ms
25ms Script
application/javascript 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://commercialobserver.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 30 Oct 2023 14:57:07 GMT
server: nginx
x-rq: hhn1 96 185 443
etag: W/"653fc443-4904"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
255 B 46ms
45ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=89160&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&pv=1700060318512_fkgjkvdep&bl=en-us&cb=6697582&return=&ht=&d=&dc=&si=1700060318512_fkgjkvdep&cid=&s=1600x1200&rp=&v=2.5.3.51
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1510
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 dd6103a5-d710-4366-8b1f-2670496b5c48.json Show response
cdn.cookielaw.org/consent/dd6103a5-d710-4366-8b1f-2670496b5c48/ 3 KB
2 KB 87ms
45ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/dd6103a5-d710-4366-8b1f-2670496b5c48/dd6103a5-d710-4366-8b1f-2670496b5c48.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9d806642a769c3c829b87d02a7fc9e2ab5e763f41df6f57761cda3bc3f7b061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2248
content-md5: kDoRMg9kNjWlmSRVcrn+nw==
content-length: 1195
x-ms-lease-status: unlocked
last-modified: Thu, 18 Feb 2021 19:19:25 GMT
server: cloudflare
etag: 0x8D8D4421AED8FCB
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 30fe02f4-101e-00ac-67e1-5af971000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82685a7f09f22bbe-FRA
expires: Thu, 16 Nov 2023 14:58:38 GMT

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 359ms
110ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://commercialobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://commercialobserver.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Wed, 15 Nov 2023 14:58:38 GMT

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 256 B
475 B 120ms
119ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=20170302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: cda941ecf76abe82d69886f2ee31a4814a117a0292a7b1ef501a6b6ae6066c7a

Request headers

x-lib-version: v1.0.1
accept-language: de-DE,de;q=0.9
authorization: Bearer a5ea0ac8f0f77f7cd122c826057f84d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://commercialobserver.com/
x-referring-url: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 173
expires: -1

GET
H2 200 GettyImages-158089256.jpg
commercialobserver.com/wp-content/uploads/sites/3/2020/10/ 12 KB
12 KB 37ms
26ms Image
image/webp 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commercialobserver.com/wp-content/uploads/sites/3/2020/10/GettyImages-158089256.jpg?resize=370,246

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

886541cd7bb1354fe655294a27fed2c8b7e8a853d9e88b8d68fc85ae165e21be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 198 443
last-modified: Sat, 11 Nov 2023 03:53:01 GMT
server: nginx
etag: "d298ff48442f9e28"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12000

GET
H2 200 BP5cRosV.jpg
commercialobserver.com/wp-content/uploads/sites/3/2023/11/ 19 KB
19 KB 103ms
93ms Image
image/webp 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commercialobserver.com/wp-content/uploads/sites/3/2023/11/BP5cRosV.jpg?resize=370,274

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bc8425519994bec1b58d33b27f84cc26ff9ce4bd9f4f107f7520e883fd700908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 195 443
last-modified: Wed, 15 Nov 2023 14:58:38 GMT
server: nginx
etag: "61f1c47dc0f76d5a"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18992

GET
H2 200 AA_FF_1_WEB.jpg
commercialobserver.com/wp-content/uploads/sites/3/2023/11/ 13 KB
13 KB 38ms
27ms Image
image/webp 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commercialobserver.com/wp-content/uploads/sites/3/2023/11/AA_FF_1_WEB.jpg?resize=370,251

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6704844cba8154c0c8723d2c7c45ffd21dd2ecefc5ce9b3b5aa4d7234c4c7d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Tue, 14 Nov 2023 21:27:24 GMT
server: nginx
etag: "04519f13885174ab"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13072

GET
H2 200 1500-Walnut-Courtesy-of-CBRE.jpg
commercialobserver.com/wp-content/uploads/sites/3/2023/11/ 11 KB
12 KB 37ms
27ms Image
image/webp 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commercialobserver.com/wp-content/uploads/sites/3/2023/11/1500-Walnut-Courtesy-of-CBRE.jpg?resize=370,247

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21fb5aa65e00e30fb4c73d216024096b2af459e4702e104f98a084d34e166a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 198 443
last-modified: Tue, 14 Nov 2023 21:23:48 GMT
server: nginx
etag: "750a4b797fbc4fb1"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11716

GET
H2 200 GettyImages-476029834.jpg
commercialobserver.com/wp-content/uploads/sites/3/2023/11/ 18 KB
18 KB 29ms
27ms Image
image/webp 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commercialobserver.com/wp-content/uploads/sites/3/2023/11/GettyImages-476029834.jpg?resize=370,238

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d887dd05d270c44de783084b38bacc831570e85b73c79e126f1d9b7dd02e0bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 139 443
last-modified: Tue, 14 Nov 2023 21:20:58 GMT
server: nginx
etag: "5cd9f8e888c487a5"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18114

GET
H2 200 555-fifth-avenue.jpg
commercialobserver.com/wp-content/uploads/sites/3/2019/11/ 14 KB
14 KB 23ms
22ms Image
image/webp 2a04:fa87:fffd::c000:422f
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://commercialobserver.com/wp-content/uploads/sites/3/2019/11/555-fifth-avenue.jpg?resize=200,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:422f , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1ba8c1f29962a432d55065360962a1be38847c0061bcab9083ca71e46c2ecd33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn1 109 27 443
last-modified: Tue, 14 Nov 2023 21:20:58 GMT
server: nginx
etag: "ba4352144cb6aaa3"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14138

POST
H3 200 audiences Show response
api.permutive.com/audience-matching/v1/id/0abc2255-63f4-4e47-8560-76edabeed38b/ 12 B
25 B 94ms
93ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/0abc2255-63f4-4e47-8560-76edabeed38b/audiences?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Nov 2023 14:58:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 88ms
25ms Script
application/x-javascript 2a02:26f0:7100:997::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:997::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 14:58:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 09:25:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6042
Expires: Wed, 15 Nov 2023 15:58:38 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 3 KB
2 KB 190ms
132ms XHR
application/json 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=HMNCAvNFta

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

730d4ef5f168ca64b5aac74810361f4cdcfeb4e87efcbc3ef1c4652118340ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: mtcep1pbu8
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://commercialobserver.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 82685a802e9b4db9-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
296 B 125ms
68ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 82685a8038bc3804-FRA
access-control-allow-headers: Content-Type

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 29ms
28ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=182206635&t=pageview&_s=1&dl=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Commercial%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAEK~&jid=1835284114&gjid=1850146067&cid=1905145773.1700060319&tid=UA-1212249-15&_gid=774688106.1700060319&_r=1&_slc=1&gtm=45He3b81n81WCGJ5DKv76812049&cd15=false&cd16=false&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1647288744

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://commercialobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 92ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C8EN6PLDZB&gtm=45je3b81v877098637z876812049&_p=1700060318108&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1905145773.1700060319&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700060318&sct=1&seg=0&dl=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD&dt=Page%20not%20found%20%E2%80%93%20Commercial%20Observer&en=page_view&_fv=1&_ss=1&tfd=1388
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8EN6PLDZB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://commercialobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 91ms
27ms Ping
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C8EN6PLDZB&cid=1905145773.1700060319&gtm=45je3b81v877098637z876812049&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8EN6PLDZB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://commercialobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 102ms
46ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C8EN6PLDZB&cid=1905145773.1700060319&gtm=45je3b81v877098637z876812049&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1200465267

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-8e-8kU1qcT19Y.js Show response
rules.quantcount.com/ 3 B
457 B 86ms
21ms Script
application/javascript 2600:9000:223c:7400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8e-8kU1qcT19Y.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 06:33:14 GMT
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 30325
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:13:47 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Y50IDRXRBWWkEV0LRzyAVvtWOhhhFQ67aF63UHRMiUtbfEHt1teMyQ==

GET
H2 200 t Show response
jadserve.postrelease.com/ 268 B
603 B 150ms
49ms Script
text/javascript 54.154.35.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&ntv_mvi&ntv_kv=permutive*rts
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js?ver=20200731
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.35.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-35-51.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 190
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 1268777046788823 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 150ms
149ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1268777046788823?v=2.9.138&r=stable&domain=commercialobserver.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2dea1aa7b190e04883ed1727aefcc3e1592ff86851ba200febbd75800fe87b7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Nov 2023 14:58:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: +fQkw9YnTJ+4hTsb1NQt5Otj87cEI7HyUkUKqbsdoOby/mvkg+asyGs6ei/R1GK5EYHZB0UWnp9Wg6ectm8gWA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
15 KB 36ms
36ms Script
application/javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

84a33f0ee395abbee2ed85fe075f213a7836ff2023795ce8e4d4184fc6cbbd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Nov 2023 09:07:28 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=65435
accept-ranges: bytes
content-length: 15605

GET
H2 200 modules.f9859f007fa31a6b8e2b.js Show response
script.hotjar.com/ 225 KB
56 KB 210ms
22ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f9859f007fa31a6b8e2b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1099401.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

34d58ee8dc6831f1cee0503cd43e30f6edad8ecb1317ffd9b9a9cf3f938846a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 11:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 12393
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56977
last-modified: Wed, 15 Nov 2023 11:31:43 GMT
etag: "f565829958ae806575cfc59590c1eb6e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: I_vHIU6n7w3jU_gkK4LAPdsFQanuBRinTRxzyHNElUFr3dYoJnPI0Q==

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 23ms
23ms Image
text/plain 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=37161820&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1700060318879&ns_c=UTF-8&c7=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&c8=Page%20not%20found%20%E2%80%93%20Commercial%20Observer&c9=
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: rAUiySBZerzipTYuxvWaFJeHpuFSfyAS2LB_Idt_Ylyj0JUhk-ohfg==
x-cache: Miss from cloudfront

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.9.0/ 341 KB
74 KB 38ms
38ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 56jOXvghU3RiFIKiZ2Zh+g==
age: 34267
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75725
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:12 GMT
server: cloudflare
etag: 0x8D88D721D404CB2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f63eef0a-601e-0090-5d2e-0d03ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82685a81088f914c-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
152 B 29ms
27ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1212249-15&cid=1905145773.1700060319&jid=1835284114&gjid=1850146067&_gid=774688106.1700060319&_u=aEDAAEAAAAAAACAEK~&z=1959484399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 15 Nov 2023 14:58:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://commercialobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 111 KB
36 KB 26ms
26ms Script
application/x-javascript 2a02:26f0:7100:997::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:997::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e2e0e5983c5f01baeea0383636ba0e9532ed4e62015b205ee969fa95a17a0b81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 14:58:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 12:19:58 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36895
Expires: Wed, 15 Nov 2023 15:58:38 GMT

GET
H2 200 pixel;r=2003340355;source=gtm;rf=0;a=p-8e-8kU1qcT19Y;url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%...
pixel.quantserve.com/ 35 B
373 B 52ms
38ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2003340355;source=gtm;rf=0;a=p-8e-8kU1qcT19Y;url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD;uht=2;fpan=1;fpa=P0-2057654220-1700060318800;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=commercialobserver.com;dst=1;et=1700060318900;tzo=-60;ogl=;ses=d80b6215-3305-4712-b507-02752bd9438b;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2066236&time=1700060318922&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2066236&time=1700060318922&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2066236%26time%3D1700060318922%26url%3Dhttps%253A%252F%252Fcommercialobserver.com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2066236&time=1700060318922&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2066236&time=1700060318922&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD...

0
484 B

229ms
139ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2066236&time=1700060318922&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&cookiesTest=true&liSync=true&e_ipv6=AQIhoKyxIDs1zwAAAYvTfc7v3CJTN0-UU4Uq5pu9rnYiJ2xc_kubrnLS3BxQGfF-QKK6iMfGJQgN
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:39 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7EC7503B7EAE4A19AE6C680DDF74F423 Ref B: DUS30EDGE0717 Ref C: 2023-11-15T14:58:39Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lva1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKMiNzqEFQ4KaBGBZc8Q==

Redirect headers

date: Wed, 15 Nov 2023 14:58:38 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 472C32830C904F13B00A887751D10BDC Ref B: FRAEDGE1118 Ref C: 2023-11-15T14:58:39Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2066236&time=1700060318922&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&cookiesTest=true&liSync=true&e_ipv6=AQIhoKyxIDs1zwAAAYvTfc7v3CJTN0-UU4Uq5pu9rnYiJ2xc_kubrnLS3BxQGfF-QKK6iMfGJQgN
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKMiNwOeErlRWOxnMD0w==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 95ms
45ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1212249-15&cid=1905145773.1700060319&jid=1835284114&_u=aEDAAEAAAAAAACAEK~&z=183394337

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 46ms
45ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1212249-15&cid=1905145773.1700060319&jid=1835284114&_u=aEDAAEAAAAAAACAEK~&z=183394337

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/dd6103a5-d710-4366-8b1f-2670496b5c48/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/ 73 KB
13 KB 42ms
42ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/dd6103a5-d710-4366-8b1f-2670496b5c48/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d5ea0e4e485d2a6c7775f188bd52ad9e11470233d6099d08fc9b1591073ee23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Nov 2023 14:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 23664
content-md5: gE8/6w1Kw62LdhyoP2ocOg==
content-length: 12880
x-ms-lease-status: unlocked
last-modified: Thu, 18 Feb 2021 19:19:29 GMT
server: cloudflare
etag: 0x8D8D4421D710715
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fcd3e5ad-501e-0082-59e1-5a79b6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82685a819cce2bbe-FRA
expires: Thu, 16 Nov 2023 14:58:38 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 2E71 672 B
747 B 24ms
24ms Document
text/html 2a02:26f0:7100:997::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:997::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc

Request headers

Referer: https://commercialobserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 377
Content-Type: text/html
Date: Wed, 15 Nov 2023 14:58:39 GMT
Expires: Sat, 25 Nov 2023 14:58:39 GMT
Last-Modified: Wed, 02 Aug 2023 12:14:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

POST
H3 200 3bf4efb6dbd478a969de0e9764d463d30544ac9dd7acf2ce22e7 Show response
truculentrate.com/confirm/ 303 B
330 B 74ms
44ms Fetch
application/json 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://truculentrate.com/confirm/3bf4efb6dbd478a969de0e9764d463d30544ac9dd7acf2ce22e7

Requested by

Host: truculentrate.com
URL: https://truculentrate.com/static/e297772d/732a7f83476493aedc29d7ff8caa.index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

79d5783837f3e2fde63a1eefabdaac85a123caf354241c885c45e22f97659330

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Wed, 15 Nov 2023 14:58:39 GMT
via: 1.1 google
x-buildnumber: 1052555292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://commercialobserver.com
x-hostname: fen-hoothoot-europe-west1-spot-3zkl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Wed, 15 Nov 2023 14:58:38 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 13 KB
4 KB 32ms
31ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Nov 2023 14:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nLr4hEi4fuLY/p0DQsLcMA==
age: 24277
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3343
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D721792550E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cbf3104d-301e-00a2-62a5-0b039a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82685a820d532bbe-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 62 KB
15 KB 33ms
32ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Nov 2023 14:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ue/MTNcIjSCNWtleQfbrzg==
age: 24277
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14986
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D7217E98574
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a84979e3-301e-0034-5885-f00a4b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82685a820d542bbe-FRA

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 2E71 111 KB
36 KB 27ms
26ms Script
application/x-javascript 2a02:26f0:7100:997::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:997::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a7c4054d6dc639edc5095ad35bb8037bd3dc13472b1a9cb77b8b60e093bafeb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 14:58:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 12:19:58 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36895
Expires: Wed, 15 Nov 2023 15:58:39 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 83ms
29ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1268777046788823&ev=PageView&dl=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&rl=&if=false&ts=1700060319064&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700060319062.862811209&ler=empty&it=1700060318867&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 15 Nov 2023 14:58:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
130 B 43ms
43ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 01bed3e737df999f8fd32b2388bd6527077c7f79b87ebfce73ef388dbe4c05d4

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 15 Nov 2023 14:58:39 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://commercialobserver.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 2E71 46 B
636 B 87ms
22ms Script
text/javascript 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0037.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 2ffb4a0a66f5f7aa7f2889337f2861e869d2aec80c3fc21b3e3eb5caadd86202

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:39 GMT
last-modified: Mon, 15 May 2023 14:58:39 GMT
server: Jetty(9.4.28.v20200408)
etag: 31bzqcuvkwnp6tuw1kog3qekz
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: private, proxy-revalidate
content-length: 46
expires: Fri, 15 Nov 2024 14:58:39 GMT

POST
H3 200 7e30141fb45a0bbbfcb345929b74c86264d96e55b2915a4ce59d Show response
truculentrate.com/ 3 B
29 B 34ms
33ms Fetch
application/json 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://truculentrate.com/7e30141fb45a0bbbfcb345929b74c86264d96e55b2915a4ce59d

Requested by

Host: truculentrate.com
URL: https://truculentrate.com/static/e297772d/732a7f83476493aedc29d7ff8caa.index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Wed, 15 Nov 2023 14:58:39 GMT
via: 1.1 google
x-buildnumber: 1052555292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://commercialobserver.com
x-hostname: fen-hoothoot-europe-west1-spot-3zkl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Wed, 15 Nov 2023 14:58:38 GMT

GET
H2 200 htlbid.js Show response
htlbid.com/build/051db713-fc37-4ce9-8df9-119fc7b405f3/ 432 KB
109 KB 2140ms
2139ms Script
application/javascript 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/build/051db713-fc37-4ce9-8df9-119fc7b405f3/htlbid.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/commercialobserver.com/htlbid.js?ver=3.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe51909950b8051b44b058899ed9d0d695444732c74d5c461c179e3633da4883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 21:02:23 GMT
content-encoding: br
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2023 21:41:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 496577
x-amz-server-side-encryption: AES256
etag: W/"8b769eb076ade7c79c156eb9d522b85a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: RtPtorKJpkmKw2RkPn6O72fYFHltgz3G-K4Mqv_mLJgWRb7vkR9_AQ==

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 2E71 43 B
469 B 84ms
24ms Image
image/gif 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.37&typ=pgv&rnd=lozw0p8dvs06d0cx&sid=1138596495834131570&loc=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&new=1&arf=0&ltm=1700060318954&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lozw0phqcoy9i5v1&ckp=lozw0p8dhnai13q6&glb=&cp_userState=anon&cst=31bzqcuvkwnp6tuw1kog3qekz
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0037.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Wed, 15 Nov 2023 14:58:39 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 103 B
676 B 74ms
25ms Script
text/javascript 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lozw0p8dhnai13q6%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2231bzqcuvkwnp6tuw1kog3qekz%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2231bzqcuvkwnp6tuw1kog3qekz%22%7D%5D%2C%22siteId%22%3A%221138596495834131570%22%2C%22location%22%3A%22https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD%22%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nue0037.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

a2f972c1dd38a080fae78b421f3dcf63daec257cde42d3db701f021edd0ff23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:39 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 103
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 110ms
110ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 15 Nov 2023 14:58:39 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
200 B 133ms
133ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Nov 2023 14:58:38 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1751A9DE922F4CA6993E1739292A31D9 Ref B: FRAEDGE1118 Ref C: 2023-11-15T14:58:39Z
linkedin-action: 1
vary: Origin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
access-control-allow-origin: https://commercialobserver.com
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYKMiN1oqPknn5nEsFSmA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 141ms
92ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/build/051db713-fc37-4ce9-8df9-119fc7b405f3/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a255b52ee7e2aa8fa1c0348aac24f547c9f99697e99ca257ee74183003d7742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31352
x-xss-protection: 0
server: cafe
etag: 559 / 19676 / m202311090101 / config-hash: 10310684812506182893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Nov 2023 14:58:41 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 85ms
24ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/build/051db713-fc37-4ce9-8df9-119fc7b405f3/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:43:19 GMT
content-encoding: gzip
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront), 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 923
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: lG1tmONtuntu6B7elvtlzjQhqFrQHmc1xkn-qGSQcX28uXBqmgImSw==

GET
H2 200 3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Show response
3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/ 367 KB
104 KB 111ms
46ms Script
application/javascript 2606:4700:4400::ac40:9256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/build/051db713-fc37-4ce9-8df9-119fc7b405f3/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f9383dcba29f06b85b891a331477953f9f27e6e087eac53bd3d6c9352ff9daf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:41 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d
age: 0
x-guploader-uploadid: ABPtcPqqyGwBYMG7_-YDSetyUTKTOI4tHJg1NaXh_a5MFXZF6D5Vw7DaqWPW8leOzEUKUEeC2HXKjkpoNzTAP_D7CGkxsg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 30 Oct 2023 17:36:21 GMT
server: cloudflare
etag: W/"b04894b5e9ef189b07d9875e84211a68"
vary: Accept-Encoding
x-goog-generation: 1698687381209078
content-type: application/javascript
x-goog-hash: crc32c=s+lsRQ==, md5=sEiUtenvGJsH2YdehCEaaA==
cache-control: public, max-age=900
x-goog-stored-content-length: 107367
timing-allow-origin: *
cf-ray: 82685a915b607188-FRA
expires: Wed, 15 Nov 2023 15:13:41 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 66ms
22ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
date: Wed, 15 Nov 2023 07:41:42 GMT
x-amz-cf-pop: FRA56-P6
age: 26220
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ddS0kztXHBHhZ7ouYODryHYiV3jJ6pd-1zSKrsqFcqy5KdL1BFzhKQ==

GET
BLOB 200
OK 83eb166d-35cc-4a56-a2c7-1a0d929b6b56
https://commercialobserver.com/ 76 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://commercialobserver.com/83eb166d-35cc-4a56-a2c7-1a0d929b6b56
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57551608decb8a08da9e26e7bd3e3defc3f3fcae90d035fda714edd329616b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 77538
Content-Type

GET
BLOB 200
OK 5959f86d-28ab-4657-ada4-c4b7dc098391
https://commercialobserver.com/ 76 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://commercialobserver.com/5959f86d-28ab-4657-ada4-c4b7dc098391
Requested by: Host: commercialobserver.com
URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57551608decb8a08da9e26e7bd3e3defc3f3fcae90d035fda714edd329616b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 77538
Content-Type

POST
H3 200 watson Show response
api.permutive.com/v2.0/ 2 B
39 B 37ms
36ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 15 Nov 2023 14:58:41 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://commercialobserver.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

POST
H3 200 audiences Show response
api.permutive.com/audience-matching/v1/id/0abc2255-63f4-4e47-8560-76edabeed38b/ 12 B
25 B 85ms
84ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/0abc2255-63f4-4e47-8560-76edabeed38b/audiences?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Nov 2023 14:58:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 13:00:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7083
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 14 Nov 2024 13:00:38 GMT

POST
H3 200 segment Show response
api.permutive.com/adv/v2/ 14 B
28 B 41ms
41ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 15 Nov 2023 14:58:41 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: application/json

GET
H2 200 30787d05-7895-471e-9cdf-d931d7b5ea5d Show response
config.aps.amazon-adsystem.com/configs/ 537 B
803 B 89ms
20ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: a7b4051ce3c03d83059984dfd302a18b7e0bb49f3a188b6db2f5ef53b1970a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:15:34 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 2587
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: W5d0_ePf-_1IAEL50aLL2MZyEiETrWr_CP5Xm-iDL8JRVXkWQCmWUA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 486 B
848 B 22ms
22ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcommercialobserver.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: d8234a5854ab9176a7bdc57c6dc183540c614c50dcb02296f94913e7031b0272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 12:37:03 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 8497
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://commercialobserver.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 486
x-amz-cf-id: Y7XOIWCcTCvMOxgdvGJ6o-E4xBmrtzSyRXAKYQcusAYLPAPpFWRn8Q==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 122ms
70ms XHR
text/javascript 52.222.209.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&pid=vkJYUoTDvcVSO&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-2-gpt%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fcommercialobserver_leaderboard_atf%22%7D%5D&schain=1.0%2C1!hashtag-labs.com%2C1011%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-4.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 1CANSFZH2S6QAN9KSA9V
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://commercialobserver.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: XRDa9xOy7dmn7hm8bQVY9Sh0xazzIMZwN0deslLAy-xHeCu_8jsP5Q==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 146 KB
31 KB 89ms
34ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42a726b720a08323e442331a9a1ab4a9028a708852d293c09925e2ed6b5fca56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:47:12 GMT
server: cloudflare
x-amz-request-id: C31941K77CZ8DC1M
age: 2925
etag: W/"6fff3300e0f1877d9a9539bf74fe5483"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82685a935e6a038e-FRA
x-amz-id-2: RmDYi/Ndwzcalv6C9pkNoc2DfggTyrbELLbNVBNFq6cHUuXVg8r76zbPY59KEMH3bf8QjSGJYhZ4I9gzI45Uow==

GET
H2 200 sdk-runtime-config.js Show response
buy.tinypass.com/api/v3/anon/assets/ 279 B
522 B 195ms
140ms XHR
application/json 2606:4700::6812:a07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=HMNCAvNFta

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3413eaa1b8b5818367b0246a0d4e3b2ad8e707c390a7cb584b2388c85a5675e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:41 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mtx664sGPkP
wn: prod-dash-10-0-141-122
last-modified: Wed, 15 Nov 2023 08:13:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.005
cache-control: public, max-age=14400
cf-ray: 82685a937abe2c79-FRA
expires: Wed, 15 Nov 2023 18:58:41 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 206ms
205ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1209660358849125&correlator=760480161547564&eid=31079233%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=22133348250%2Ccommercialobserver_skin%2Ccommercialobserver_leaderboard_atf&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%2C728x90%7C970x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700060321897&lmt=1700060321&adxs=-500%2C436&adys=50%2C45&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&vis=1&psz=0x-1%7C728x-1&msz=0x-1%7C728x-1&fws=516%2C516&ohw=1600%2C1600&ga_vid=1905145773.1700060319&ga_sid=1700060322&ga_hid=182206635&ga_fc=true&dlt=1700060318037&idt=3668&cust_params=permutive%3Drts%26prmtvsdk%3Dweb%26htlbidid%3D19416%26puid%3D0abc2255-63f4-4e47-8560-76edabeed38b%26ptime%3D1700060321716%26is_testing%3Dno%26is_home%3Dno%26url%3D%26tag%3D%26sponsored%3D%26articleID%3D%26author%3D%26section%3D%26channels%3D%26pagetype%3D%26market%3D%26section_front%3D%26brandsafe%3Dyes%26pageDepth%3D1&adks=2219578088%2C2146540426&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af24e6d077ca43535987a732c1f358a6286b673c3312059880299f3c6a8743fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15195
x-xss-protection: 0
google-lineitem-id: -2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commercialobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
13 KB 133ms
71ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c014b34902bdafaaaccec15df3c2d75eb1b4e1f2380109f73de5551a11df87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12545
x-xss-protection: 0

GET
H2 200 container.html Show response
cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 704F 6 KB
3 KB 140ms
55ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commercialobserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 14:58:42 GMT
expires: Thu, 14 Nov 2024 14:58:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
22ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=182206635&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Commercial%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&_u=aGDAAEABAAAAACAEK~&jid=&gjid=&cid=1905145773.1700060319&tid=UA-1212249-15&_gid=774688106.1700060319&gtm=45He3b81n81WCGJ5DKv76812049&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1365303532

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:54:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61452
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=182206635&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Commercial%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=40%25&_u=aGDAAEABAAAAACAEK~&jid=&gjid=&cid=1905145773.1700060319&tid=UA-1212249-15&_gid=774688106.1700060319&gtm=45He3b81n81WCGJ5DKv76812049&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=2098825184

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:54:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61452
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
25ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=182206635&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Commercial%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50%25&_u=aGDAAEABAAAAACAEK~&jid=&gjid=&cid=1905145773.1700060319&tid=UA-1212249-15&_gid=774688106.1700060319&gtm=45He3b81n81WCGJ5DKv76812049&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1202791840

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 21:54:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61452
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 22ms
22ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Nov 2023 13:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4140
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 15 Nov 2023 15:49:41 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
29ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=182206635&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Commercial%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=aODAAEABAAAAACAEK~&jid=454302139&gjid=491202034&cid=1905145773.1700060319&tid=UA-1212249-15&_gid=774688106.1700060319&_r=1&z=1873130358

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://commercialobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 29ms
28ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1212249-15&cid=1905145773.1700060319&jid=454302139&gjid=491202034&_gid=774688106.1700060319&_u=aODAAEABAAAAACAEK~&z=1475880355

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 15 Nov 2023 14:58:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://commercialobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1212249-15&cid=1905145773.1700060319&jid=454302139&_u=aODAAEABAAAAACAEK~&z=2101742703

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 45ms
45ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1212249-15&cid=1905145773.1700060319&jid=454302139&_u=aODAAEABAAAAACAEK~&z=2101742703

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 154ms
105ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 14:58:42 GMT

GET
H2 200 container.html Show response
cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E63 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commercialobserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 14:58:42 GMT
expires: Thu, 14 Nov 2024 14:58:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D36D 215 KB
61 KB 200ms
125ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVTcoQAOgK0K4FrXAAiE4wap6Nbi6oULwSgMYw&u=%7C8ovDl1KbnhJbYiiFV%2BNBHXTGifWk7ReCgaS8EF3pNig%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98DffT9TjnS6bFrtB8u-fyI9gCuBzWQig91ndBlsXnbLdtcOF-rHkcG_D3X-Iv-eH0TqoTm-EcR_Me8ndUV7keimeaL2U7SMfUXey_YrxJN6lEd9XIVT-VPOlEKLZ3-ltyxwtiF075Jp6bfuCJ29Bf_veNeNodElviBdvn2LpSFqxNFN5IRCpuLYy3_r8ZJdGqpVOhsU6llLC1OVRoB2woH0SeHSEycBNFeAGl1chUVyGQIeZyixdFhC8TkgacY6hQHBgml8UM3gnni4olGh2sfzBTrl-vTqCzPfgnavrsMrHYxnoBfoLhbnNtrFsxKirOBZJS-E-JMWtqQG17WOGFNnz3NdH1ZDHb7ngqY6-l1Ek7CtMl9S9UGmYs29Lvb7tePuy7YfkQ1jVbnr4cBJ6R5xEIBYAtwOYLLLcRVzGVPNpjMCyn9gx6n2vb96b3lOk-etxZXfVQJYxPfSa1TjtnZRe5laJ81LytOpN9GrHzuhztgJCXWBpooLIXvv3_DoRY0MsdTwAiwEQeNJzmzpz9KGYZmdYOkfuqHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSimnodxUZa2BOte1gQfjiaKoBMme0rFc1Z2R93DAjbcBEAEgAGCVuv2BlAeCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCTPfOg6A3sj7gAgCoAwHIAwKqBOADT9C44SNAHTHYMuEXwy-tmZlN-FFEiW2KdMVxRlZRQ8SrbaTs05_qldedboDt79EttOjgghYULpWrRNlyB-E7GW8k13lOZ97C5QUMkDPekRvIvXkkrnC_LRjRuAnE1B1RGi2n21QRSZA6LhdMPqURc-fpK6eUaBPnVIzhVWMnl8BfODamH_YfBb35Y95t1u-tvscw2JyISYSb9-hnztXsP9yhbkTnzcz2I4d27PSUkL-Wvf7CKFrPADz7Fy4kEd1OZ3mvhbQJXqspteTiytJlRN5f6gqfzQhE7TDl25A-7BJOOohdppdly2BMUmHBKCiPx4uqskff4qx6dmta6Ai7sOumqMXshTO5FXA8qGLGdyZPleCpUu76-cS5lCFzBaQy6QQ-DfaHjMZcaw58XGrdyrJbSxv3HGxPTkBBBHFMV14zGvoRjNOtDh_ob1xHJPxai2afSjRi6TB4NR5PNvvBSaR8jBZpAq_iapMhwQUfc85JLeyilu653IvkDVs_a3PAsEk6CpL2U1peOzJmU-39_4fE1zglqWJ4d2PGLmcvXVppvxvHnEFAZfzryC2gS41KinmGGzDHifn40GJiYsoggrqBavDl9jvAlyQ-UVKDTpcGlqU40YaU7atzzzU4zF-D4AQBgAa2ypLfn6janpYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHiDRMIltvXnKLGggMV11rgCh3jhAhF0BUBgBcB%26num%3D1%26sig%3DAOD64_1nVlUarHdLT8kf9Q0nM19sszrL9A%26client%3Dca-pub-3998824402121602%26adurl%3D

Requested by

Host: cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
URL: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ed58146b099c7f56c2743cef24acf31e0fb0047889c535da92936b75fc291d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 14:58:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rDpBoMgm-cte8_ZuR5aF2cPiHAQ4uSHqSs1hAeKiE5mB5eyg26aEE85-ZaEBvaCjmArXFDBuCrjuH5gZ4m77RVKqnzO5zrfiaObVFbZzFSJAq6FxmHZ84J-0k6bwbtZo9euWYqxoxXOkejbGQkXCEnrAYxZKAy5t0UXQ4zSEMvjFhUu-MpK8ZXfQPOg1rqBKW6LxgN2B30jnHnxoryj6gKVPFUNHJiZm1yMvXhY3WmIUjCOe4klKXeGroamVOHwoBOuhrA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 73599552
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8E63 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
URL: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8E63 20 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
URL: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 15:51:29 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8E63 24 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
URL: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 479016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E63 199 KB
64 KB 113ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
URL: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 14:58:42 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 33ms
33ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 5f641b1e764a6981cdaee83e511c409a30287de90570717493e6eeea73dc7cab

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://commercialobserver.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A83 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commercialobserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 14:36:17 GMT
expires: Thu, 14 Nov 2024 14:36:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EEFC 829 B
561 B 34ms
32ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e38900588df34bbe1297eb7b819183bca99653919eedc006227b4c234fb3b28

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_xBIRCRHDLK3OOBtxF3EFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://commercialobserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_xBIRCRHDLK3OOBtxF3EFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 14:58:42 GMT
expires: Wed, 15 Nov 2023 14:58:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 8E63 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c68aa49a860d1587092a2f009688b981013094c6400f367fe3f159c96de4c41b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A83 39 KB
15 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 10:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 10:54:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EEFC 0
0 84ms
54ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=1209660358849125&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D36D 2 KB
1 KB 114ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVTcoQAOgK0K4FrXAAiE4wap6Nbi6oULwSgMYw&u=%7C8ovDl1KbnhJbYiiFV%2BNBHXTGifWk7ReCgaS8EF3pNig%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98DffT9TjnS6bFrtB8u-fyI9gCuBzWQig91ndBlsXnbLdtcOF-rHkcG_D3X-Iv-eH0TqoTm-EcR_Me8ndUV7keimeaL2U7SMfUXey_YrxJN6lEd9XIVT-VPOlEKLZ3-ltyxwtiF075Jp6bfuCJ29Bf_veNeNodElviBdvn2LpSFqxNFN5IRCpuLYy3_r8ZJdGqpVOhsU6llLC1OVRoB2woH0SeHSEycBNFeAGl1chUVyGQIeZyixdFhC8TkgacY6hQHBgml8UM3gnni4olGh2sfzBTrl-vTqCzPfgnavrsMrHYxnoBfoLhbnNtrFsxKirOBZJS-E-JMWtqQG17WOGFNnz3NdH1ZDHb7ngqY6-l1Ek7CtMl9S9UGmYs29Lvb7tePuy7YfkQ1jVbnr4cBJ6R5xEIBYAtwOYLLLcRVzGVPNpjMCyn9gx6n2vb96b3lOk-etxZXfVQJYxPfSa1TjtnZRe5laJ81LytOpN9GrHzuhztgJCXWBpooLIXvv3_DoRY0MsdTwAiwEQeNJzmzpz9KGYZmdYOkfuqHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSimnodxUZa2BOte1gQfjiaKoBMme0rFc1Z2R93DAjbcBEAEgAGCVuv2BlAeCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCTPfOg6A3sj7gAgCoAwHIAwKqBOADT9C44SNAHTHYMuEXwy-tmZlN-FFEiW2KdMVxRlZRQ8SrbaTs05_qldedboDt79EttOjgghYULpWrRNlyB-E7GW8k13lOZ97C5QUMkDPekRvIvXkkrnC_LRjRuAnE1B1RGi2n21QRSZA6LhdMPqURc-fpK6eUaBPnVIzhVWMnl8BfODamH_YfBb35Y95t1u-tvscw2JyISYSb9-hnztXsP9yhbkTnzcz2I4d27PSUkL-Wvf7CKFrPADz7Fy4kEd1OZ3mvhbQJXqspteTiytJlRN5f6gqfzQhE7TDl25A-7BJOOohdppdly2BMUmHBKCiPx4uqskff4qx6dmta6Ai7sOumqMXshTO5FXA8qGLGdyZPleCpUu76-cS5lCFzBaQy6QQ-DfaHjMZcaw58XGrdyrJbSxv3HGxPTkBBBHFMV14zGvoRjNOtDh_ob1xHJPxai2afSjRi6TB4NR5PNvvBSaR8jBZpAq_iapMhwQUfc85JLeyilu653IvkDVs_a3PAsEk6CpL2U1peOzJmU-39_4fE1zglqWJ4d2PGLmcvXVppvxvHnEFAZfzryC2gS41KinmGGzDHifn40GJiYsoggrqBavDl9jvAlyQ-UVKDTpcGlqU40YaU7atzzzU4zF-D4AQBgAa2ypLfn6janpYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHiDRMIltvXnKLGggMV11rgCh3jhAhF0BUBgBcB%26num%3D1%26sig%3DAOD64_1nVlUarHdLT8kf9Q0nM19sszrL9A%26client%3Dca-pub-3998824402121602%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Nov 2024 14:58:42 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D36D 2 KB
1 KB 115ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Nov 2024 14:58:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D36D 308 B
636 B 98ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 09 Nov 2024 14:58:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D36D 293 B
621 B 98ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 09 Nov 2024 14:58:42 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame D36D 43 B
348 B 93ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ia38eNfSifpzYXIviZf5jEE1iiNyGg5cEvHGovWqObTW13LWDFuK4giL8sZW0HQfQ3Kaly7nKrlCRPnoBvRJcyVG88zlTS0PDNI1TX2k_MMxQOcEDp41ifnPs-vuOj7061Vau83M99l0glKkHscqAOaTzBCjrVvDdv3p5yew3Wlwb_PTbR7ofuftxO1bPr0duYinV3YO2o6juZQdmk07U4Y26XfolNxcQ7n3ubV37LSUgf_A0cTKSsYsaH6b1aDcRpwzxtoe5bWah_W8DHkkSjyhdSJxPw9y7mKWak-xWnY2GZ0-51HzQzRWEMDRjyFJKkxjXGrEfWlL_eWY7HgEVlpzpxvrwwRLohr4z1p2ffv9vK7rEXW-SWtgR25IYtef4SkRi77VKDk5FQ8XPOsP4oK3KhlD_lKJcjXoW7o47tMYr_c_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1535387
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
460 B 372ms
124ms Image
image/png 3.5.10.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=3b45979a13a6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.10.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 14:58:43 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: 9DJYWMW48SY6CP6P
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: 5h0BPrvgXXn3Yb3hancQi4QvN9Lv1xgU7C69IH5zyZNvvqG4DbHrItAd0V2ku4czBj7wx518JFlywIiEuj5VFQ==

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D36D 12 KB
6 KB 79ms
40ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Nov 2024 14:58:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D36D 4 KB
4 KB 224ms
147ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048790%2F411021e816b7434f8f71ebb18eb8e2f3_kare-spassamwohnen-2020-clean-rgb.jpg&v=3&w=256&rid=4&s=4P8Lr2Olvavx3v2H3OGyeV2p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6221253ad9714c013d8ad0fe4630839bac19c58e88ea423d4cf2a1b9e0f79aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3686
expires: Fri, 18 Oct 2024 12:23:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D36D 23 KB
23 KB 146ms
69ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048790%2F4a9cda8f8b50497085a203e9ab9dea44_2023-09-native-ads-puppet-players-640x360px.jpg&v=3&w=1200&rid=4&s=0njbUnyeGdsUk7u6u2hXHnEE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9f17206c06c3f260ff0a492af2db6b94597a4912e269039691e403402f96b256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 23404
expires: Fri, 18 Oct 2024 12:23:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D36D 84 KB
85 KB 168ms
92ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F28cdec48592007aeb1404086d89e84e9b0628439.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=CP5g8G4FpyX1ixNSkfHWei_K&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6b2d9cdcfdf0ca4d3a16b10497131ec1dd50acf075386cc576d3c690394f4363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 86518
expires: Sat, 02 Nov 2024 09:15:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D36D 89 KB
89 KB 229ms
152ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F2924b88260a8a04ba5033702854734e54e450076.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=GvKbLtJRKTsac0CCqc63CLC9&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f94889f70475955a7e6eceda16ef4ad33870a5b968fb90f6a2bdd1debf7249d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 90996
expires: Sat, 02 Nov 2024 14:48:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D36D 99 KB
100 KB 234ms
157ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Fa130c5d7fa8dffc72f7c6bbde2420064b2e3cac0.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=VO22FyaSScdICJIk5gRsyj-K&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b7554cdbb96fd76ab5e8c40547dd05f31d0f20a6c13d396b2a78fcc69d1d95ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 101640
expires: Sat, 02 Nov 2024 07:12:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D36D 52 KB
53 KB 222ms
146ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F1a88657e919dafcd8e838424230b47d8243b2b75.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=--DTMipxSfhDejxRahFgad0E&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7e0c6e378fdc57d9df4fa200184104b9ac5db98b0c6e34ded1256ba6de48b0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 53500
expires: Mon, 04 Nov 2024 07:42:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D36D 43 KB
43 KB 164ms
163ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Fbfce4499af1485f66a2b62a5f54d671055255eed.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=e3rfaplLwfQGacDF-7YaZxpz&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42ea6d306ebff884ce8600e62c8315767b1cb2efe7c21980fcd3173178f5ff18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 43522
expires: Sun, 03 Nov 2024 13:18:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D36D 10 KB
10 KB 171ms
170ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Fb4dc99ce35be9ab553b83733f69dd63b98e27eb2.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=CPnuYGr-y9Zw-WSYhqHNvkGF&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5859de66be1fc989c59aae1663ae698c1eb4ceb2793d0452a8c93603ecc725f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10286
expires: Fri, 04 Oct 2024 10:17:45 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D36D 0
128 B 111ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=rDpBoMgm-cte8_ZuR5aF2cPiHAQ4uSHqSs1hAeKiE5mB5eyg26aEE85-ZaEBvaCjmArXFDBuCrjuH5gZ4m77RVKqnzO5zrfiaObVFbZzFSJAq6FxmHZ84J-0k6bwbtZo9euWYqxoxXOkejbGQkXCEnrAYxZKAy5t0UXQ4zSEMvjFhUu-MpK8ZXfQPOg1rqBKW6LxgN2B30jnHnxoryj6gKVPFUNHJiZm1yMvXhY3WmIUjCOe4klKXeGroamVOHwoBOuhrA&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D36D 2 KB
1 KB 59ms
57ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Nov 2024 14:58:42 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D36D 2 KB
1 KB 59ms
57ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Nov 2024 14:58:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3A83 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MFhhdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8E63 0
0 63ms
62ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSFcpodxUZa2BOte1gQfjiaKoBMme0rFc1Z2R93DAjbcBEAEgAGCVuv2BlAeCARdjYS1wdWItMzk5ODgyNDQwMjEyMTYwMsgBCakCTPfOg6A3sj7gAgCoAwHIAwKqBN0DT9C44SNAHTHYMuEXwy-tmZlN-FFEiW2KdMVxRlZRQ8SrbaTs05_qldedboDt79EttOjgghYULpWrRNlyB-E7GW8k13lOZ97C5QUMkDPekRvIvXkkrnC_LRjRuAnE1B1RGi2n21QRSZA6LhdMPqURc-fpK6eUaBPnVIzhVWMnl8BfODamH_YfBb35Y95t1u-tvscw2JyISYSb9-hnztXsP9yhbkTnzcz2I4d27PSUkL-Wvf7CKFrPADz7Fy4kEd1OZ3mvhbQJXqspteTiytJlRN5f6gqfzQhE7TDl25A-7BJOOohdppdly2BMUmHBKCiPx4uqskff4qx6dmta6Ai7sOumqMXshTO5FXA8qGLGdyZPleCpUu76-cS5lCFzBaQy6QQ-DfaHjMZcaw58XGrdyrJbSxv3HGxPTkBBBHFMV14zGvoRjNOtDh_ob1xHJPxai2afSjRi6TB4NR5PNvvBSaR8jBZpAq_iapMhwQUfc85JLeyilu653IvkDVs_a3PAsEk6CpL2U1peOzJmU-39_4fE1zglqWJ4d2PGLmcvXVppvxvHnEFAZfzryC2gS41KinmGGzDHibv68fDi8RodJGqmsHzFH5_OsC6IW3ybzCPOqwPKbpi49TO5WxXR4AQBgAa2ypLfn6janpYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHiDRMIltvXnKLGggMV11rgCh3jhAhF0BUBgBcBshccChoSFHB1Yi0zOTk4ODI0NDAyMTIxNjAyGM7-dg&sigh=MbwiC-qzmXo&uach_m=[UACH]&cid=CAQSTgDICaaNtHCgFqMAE4NwGuOi55SS5KMcuqa9_Ujg1XsrIlEPeRdbraaTRe4uskCQ8WjAjZpAANHtXKC-cFzfUbz0ZbHtDEqBBDSU_A6P6BgB&cbvp=2&vis=1
Requested by: Host: cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
URL: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 8E63 0
126 B 131ms
38ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k8HZGOjMCcoHWp2DYgICAAAAa4hj0XrH_5RbwmNKCTmO2xCi3FRl6WE2cNnKQxa8wAAAEgAACgpBUVVEQVFFQkFR&wp=ZVTcoQAOgK0K4FrXAAiE4wap6Nbi6oULwSgMYw&cbvp=2

Requested by

Host: cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
URL: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 14:58:41 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 145443
server: Kestrel
content-length: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
282 B 99ms
24ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

09d4ea644b44031e7e2ec6af0b6e8cada65fb8d762409316e94d9d4d8f17b4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: https://commercialobserver.com
date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
607 B 82ms
22ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

1cb2963a3dd0f3de866472b670ca8b038b47b1931bce65dc147e7fb1dc632015

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://commercialobserver.com
date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=1209660358849125&bg=!xMelx4jNAAZxrfrxUa07ADQBe5WfOFTDT48PKkbafHDprf96Ci-1QjLx-wxyJ1zXBSMzVh9G-fHy_3MMaqwQ70D9GN7eAgAAAO5SAAAAA2gBB5kCydUOb9W5SOr8YzjEB9tuUNni9UE0sdEon1tvVc_i5fCCQXroRzwSNJXPlP3G0W2LiBy4XJilsTTIc8vWH31_6WyqluYDPX8YYKFk0wcKZCstzJwGVPRtg9nmybtSKzIStmtxVg7lOgaglcpkp5mpTZ7QorrOhtNRLXQ7CMtJV1Zri-6JkQpjS2nBLKDBzw-dFDqI6yvjp6cz6JipC-9dp86-1qAEbp2iAGirUeM8cuTk4xeS4HFQ4_N9cwvZu6LrkKb6P3Jc-0_jTpp02W0cZyqA_enHO36FZ0T0QKL3YnRlUCYd2AmMWZCktoZQUaMtMSEwyP6JSoK5Oj2D5JNhs7xYmZ_QP34RnsCEInZNAdL4AO8i8SLMMcGpwhsP6St-jxBBtWrgLc07mDloBi0OfOb-fCP7P4c-kA3ielQpFwG8hXiNiefP7gU_ATDEnPUfQWieucLXAaAEOCxvgNlkXtZ6Vn5MltBVtjPZ9wJ-rSJXvZj3cbMnyo6_ssjdM5Cs_4JwgPMaqJjJf1GAIgMV-6ayssTh8WhGh_VGLTX-kirxxSdxRX1ifxEHap3WGQeyP8sjYSfZExM6rNenDgmcjOG4RvL6UqnaBH3VRTPcUe9K5pQjUp48n6qvbnl64CGMIj449AyA6h7UW07apl42WZtxyTJCnZmYy5yIzGKVyYMsOhlYag6GYb554P5eVnld1p28Rc6qE0n4aWxEXD1RCu-il0m4ARvBqM5EC4GILp-QdJo-Gzei6iExpGUZBOBxi7qT0mNWyQ6-1HjvfEiB8RzCNVxukGI3VWXvqrUjzreWgKRQasjkBlJsGlDu6blorGVKDLL6yNrtoJ1Rl_IihkLtlvLOw0v0mtYL0o-UMuLgxHh3EEfegnga6KsrOkHjQRzAZrCxhk6I6mv0UwihceG9vDAPRdXfIzVlKWRCHNKDpXVM72lykcBG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://commercialobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E63 42 B
175 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssixDfPqD7A_RrUQXXZUiBn1w1DmWAxTrCrfRnBNuiFKvv9QAe_8-BTFyD8r8dNK9lU7ITRy44ILVTctdGWOGwToelVdxoqyuLBEO98KAf3pKIQGrgx&sig=Cg0ArKJSzP-QF0d6qXxfEAE&id=lidar2&mcvt=1000&p=0,315,90,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2146540426&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700060322137&rpt=259&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Nov 2023 14:58:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 metrics Show response
api.permutive.com/v2.0/internal/ 2 B
37 B 32ms
32ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/internal/metrics?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 15 Nov 2023 14:58:43 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

POST
H2 200 all
csm.eu.criteo.net/ Frame D36D 0
127 B 37ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Nov 2023 14:58:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
159 B 31ms
31ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 72f5305709d3ba27ea9567bc57cdfd93ece8cfe2ffb24e94211058269b727195

Request headers

Referer: https://commercialobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 15 Nov 2023 14:58:44 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://commercialobserver.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
commercialobserver.com/	1970-01-21 01:50:20	Name: hcpermutive_uuid Value: 4c549037-6d5b-4feb-8866-68e3e2533808
.commercialobserver.com/	1970-01-20 20:36:21	Name: permutive-id Value: 0abc2255-63f4-4e47-8560-76edabeed38b
.3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/	1970-01-20 18:26:49	Name: pxid Value: ad0d8619-d2c7-4e4b-b0cc-ff50d4d71424
commercialobserver.com/	1970-01-20 16:14:22	Name: sailthru_pageviews Value: 1
.commercialobserver.com/	1970-01-21 01:43:08	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmADgFYAnADYALIP69uonh34B2AAwgAvkA
.commercialobserver.com/	1970-01-21 01:43:08	Name: _pcid Value: %7B%22browserId%22%3A%22lozw0p8dhnai13q6%22%7D
.commercialobserver.com/	1970-01-21 01:43:08	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.commercialobserver.com/	1970-01-20 16:15:46	Name: _gid Value: GA1.2.774688106.1700060319
.commercialobserver.com/	1970-01-20 16:14:20	Name: _gat_UA-1212249-15 Value: 1
.commercialobserver.com/	1970-01-21 01:50:20	Name: _ga_C8EN6PLDZB Value: GS1.1.1700060318.1.0.1700060318.60.0.0
commercialobserver.com/	1969-12-31 23:59:59	Name: ntvSession Value: {}
.piano.io/	1970-01-20 16:14:22	Name: __cf_bm Value: 04iGs3SR9_takJGc9wAoSUzaAl1blrsbqB4wLv0qBtA-1700060318-0-Ad+H42yBkUHIZNMgz6HJ3CwtP4lRwNsXL0MOwwT1BwyaO6Cm1xVUoNL2hCl2U4wfvn49QTPpm4N9ztBzIpFzXBY=
.commercialobserver.com/	1970-01-21 01:50:20	Name: __tbc Value: %7Bkpex%7DoZCyHcpEe-BQpls8xaC0887Z22gvsRR0Rd8-UTUd0cqe0MxCjZ2uvwNrfjewmFc9
.commercialobserver.com/	1970-01-20 16:57:32	Name: __pat Value: -18000000
.commercialobserver.com/	1970-01-20 16:15:46	Name: __pvi Value: eyJpZCI6InYtbG96dzBwOHVzaDgzZjUzMCIsImRvbWFpbiI6Ii5jb21tZXJjaWFsb2JzZXJ2ZXIuY29tIiwidGltZSI6MTcwMDA2MDMxODg5MX0%3D
.commercialobserver.com/	1970-01-21 01:50:20	Name: xbc Value: %7Bkpex%7DXQt2u-lGKNRvEsTTBMTGAAwLg69a1yfoPLW-CiH1hRgbX5lKp2EtdjPsiwMHg6GSA8OHc5dtqWXCoDydT5cmdKH51R0lXxwtSI33ZdExJb0fq-juhz6FToN6erkkBPCtuIRgJu-aVinoBVBtRbf9iMmxBl0Ei4PTnfpjkXu20QkMrbMdxIhoidfw1PE8d6Gb4Q-thBLl5tzg0ZgHHpvUuylodbr73-vpJk6sbEmb4mqBln0AiByNjX7_fCBtiEHsgundrxrVJAs9_DLFUMHgZDLOA9dRvp4lGEVp3GJdzTi0uUnn0aRzc1KNeGKJlXx1
commercialobserver.com/	1970-01-20 16:14:20	Name: __adblocker Value: false
.quantserve.com/	1970-01-21 01:44:34	Name: mc Value: 6554dc9e-e34c8-4c957-05867
.commercialobserver.com/	1970-01-21 01:38:49	Name: __qca Value: P0-2057654220-1700060318800
.postrelease.com/	1970-01-21 00:59:56	Name: opt_out Value: 1
.commercialobserver.com/	1970-01-21 01:43:08	Name: cX_P Value: lozw0p8dhnai13q6
.commercialobserver.com/	1970-01-20 18:23:56	Name: _fbp Value: fb.1.1700060319062.862811209
commercialobserver.com/	1970-01-21 00:59:56	Name: sailthru_visitor Value: c9ed1613-14d1-4244-b08f-4f062cab5d58
.commercialobserver.com/	1970-01-21 00:59:56	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Nov+15+2023+15%3A58%3A39+GMT%2B0100+(Central+European+Standard+Time)&version=6.9.0&hosts=&landingPath=https%3A%2F%2Fcommercialobserver.com%2Fadvertise%250F%25EF%25BF%25BD%25DF%25AF%251F%25EF%25BF%25BDf%25EF%25BF%25BD%25EF%25BF%25BD%25EF%25BF%25BDu%25EF%25BF%25BD%25EF%25BF%25BD7%25EF%25BF%25BD%25EF%25BF%25BD%251A%25EF%25BF%25BDN%25EF%25BF%25BDk%25EF%25BF%25BD%251D%25D3%258D%25EF%25BF%25BD&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1
.linkedin.com/	1970-01-20 18:23:56	Name: li_sugr Value: 65b906ad-f320-40a3-8027-cd97265feeb1
.linkedin.com/	1970-01-21 00:59:56	Name: bcookie Value: "v=2&603b7fc0-5aa2-4427-8bc0-17172289575f"
.linkedin.com/	1970-01-20 16:15:46	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2711:u=1:x=1:i=1700060319:t=1700146719:v=2:sig=AQEpL9Z85BZ7f91F-MF-KeZU9KWLDPlK"
.commercialobserver.com/	1970-01-21 01:43:08	Name: _awl Value: 2.1700060319.5-803fe08bab85ff64351d0604fd03482e-6763652d6575726f70652d7765737431-0
.commercialobserver.com/	1970-01-21 00:59:56	Name: _hjSessionUser_1099401 Value: eyJpZCI6ImU1MTExNjRhLTg2YTYtNTdlMy1hOWM2LTc3ZDcwNzQzZWJlYiIsImNyZWF0ZWQiOjE3MDAwNjAzMTkyMDAsImV4aXN0aW5nIjpmYWxzZX0=
.commercialobserver.com/	1970-01-20 16:14:22	Name: _hjFirstSeen Value: 1
.commercialobserver.com/	1970-01-20 16:14:22	Name: _hjIncludedInSessionSample_1099401 Value: 0
.commercialobserver.com/	1970-01-20 16:14:22	Name: _hjSession_1099401 Value: eyJpZCI6ImQ5MTRlM2EwLTMwNmItNDNmZi04ZTBiLTM0OTgwYWZiZWZmYyIsImNyZWF0ZWQiOjE3MDAwNjAzMTkyMDQsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.commercialobserver.com/	1970-01-20 16:14:22	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-20 16:57:32	Name: UserMatchHistory Value: AQJt0iiWkCFA1gAAAYvTfc3eZITM02IGrMXsnBcqzlsOOuWJzTbTW3jrHwwCQ4Egwi7Y5x8Sy3J1JA
.linkedin.com/	1970-01-20 16:57:32	Name: AnalyticsSyncHistory Value: AQJ7wnUHUIPnWgAAAYvTfc3ejhkj0yiWQOZrvKb3I8ps42xhG1jIzEfd6OOqG1rRskIeqWJV2YuOJxLZwMpIEw
.commercialobserver.com/	1970-01-21 01:43:08	Name: cX_G Value: cx%3A1fdlsnfzauczz1019ht2idbze6%3A36w1f6r1i7w8h
.cxense.com/	1970-01-21 00:59:56	Name: gckp Value: cx:1fdlsnfzauczz1019ht2idbze6:36w1f6r1i7w8h
.www.linkedin.com/	1970-01-21 00:59:56	Name: bscookie Value: "v=1&202311151458391045a514-4c98-4706-8ae0-632d1f7a8325AQGIE2m9I8dYa9gBykDaSDnkSKIau3mz"
.linkedin.com/	1970-01-20 20:33:32	Name: li_gc Value: MTswOzE3MDAwNjAzMTk7MjswMjGvDxc3ZYKYtiTPCP8Sc9AG9exvyMyEEzFm18CB4lJUJg==
.commercialobserver.com/	1970-01-21 01:50:20	Name: _ga Value: GA1.2.1905145773.1700060319
.commercialobserver.com/	1970-01-20 16:14:20	Name: _gat_pianoTracker Value: 1
.commercialobserver.com/	1970-01-21 01:35:56	Name: __gads Value: ID=19f3885dff100424:T=1700060321:RT=1700060321:S=ALNI_Mb7ssFS7heRGAmTTzglyi7RyVdfHA
.commercialobserver.com/	1970-01-21 01:35:56	Name: __gpi Value: UID=00000cc81a70e9fc:T=1700060321:RT=1700060321:S=ALNI_MZxfBFLhi8bnRo1OT3M1PPPfCq9Rw
.doubleclick.net/	1970-01-21 01:35:56	Name: IDE Value: AHWqTUnbWTycZiqtMjJkKbB-TstJQSqqD0Qaa5k5kUOjfJHU74H0xvxHRE6Gh2QTNsE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://commercialobserver.com/advertise%0F%EF%BF%BD%DF%AF%1F%EF%BF%BDf%EF%BF%BD%EF%BF%BD%EF%BF%BDu%EF%BF%BD%EF%BF%BD7%EF%BF%BD%EF%BF%BD%1A%EF%BF%BDN%EF%BF%BDk%EF%BF%BD%1D%D3%8D%EF%BF%BD Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b5c18b9-96b7-48e4-a3ef-011eb84a970d.edge.permutive.app
3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co
aax.amazon-adsystem.com
ads.eu.criteo.com
ak.sail-horizon.com
ams-pageview-public.s3.amazonaws.com
api.permutive.com
api.sail-personalize.com
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
cat.nl3.eu.criteo.com
cb9a448b89cab13386cf23259acf882a.safeframe.googlesyndication.com
cdn.cookielaw.org
cdn.cxense.com
cdn.id5-sync.com
cdn.jwplayer.com
cdn.permutive.com
cdn.tinypass.com
centro.pixel.ad
comcluster.cxense.com
commercialobserver.com
config.aps.amazon-adsystem.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
htlbid.com
ib.adnxs.com
id.cxense.com
id5-sync.com
imageproxy.eu.criteo.net
jadserve.postrelease.com
lb.eu-1-id5-sync.com
ml314.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.sitescout.com
pixel.wp.com
public.profitwell.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
rtb.nl3.eu.criteo.com
rules.quantcount.com
s.ntv.io
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
snap.licdn.com
static.adsafeprotected.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
truculentrate.com
www.commercialobserver.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.npttech.com
108.138.1.25
13.107.42.14
13.224.132.59
13.32.27.107
13.32.27.39
13.32.99.23
141.95.98.65
162.19.138.116
167.235.124.59
178.250.1.6
18.66.112.45
18.66.97.49
185.89.211.12
192.0.76.3
2001:4860:4802:32::178
2001:4860:4802:32::36
207.198.113.205
23.192.241.163
2600:1901:0:7416::1
2600:9000:223c:7400:6:44e3:f8c0:93a1
2600:9000:223f:c200:8:48e:53c0:93a1
2600:9000:225e:ea00:1:a3fa:7cc0:93a1
2606:4700:10::ac43:266a
2606:4700:4400::6812:2089
2606:4700:4400::ac40:9256
2606:4700::6811:7711
2606:4700::6811:c276
2606:4700::6812:83ec
2606:4700::6812:a07e
2606:4700::6812:b07e
2606:4700:e0::ac40:6003
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:802::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c03::9a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:26f0:7100:997::268b
2a02:26f0:780::210:a423
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:fa87:fffd::c000:422f
3.5.10.16
34.107.254.252
34.117.77.79
35.241.9.51
52.222.209.4
54.154.35.51
98.98.134.242
99.83.154.140
99.86.4.128
01bed3e737df999f8fd32b2388bd6527077c7f79b87ebfce73ef388dbe4c05d4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09d4ea644b44031e7e2ec6af0b6e8cada65fb8d762409316e94d9d4d8f17b4eb
0cf3027d95c0787660bd6bc1069f0466e396769483c221a61802e28db578d4d5
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1ba8c1f29962a432d55065360962a1be38847c0061bcab9083ca71e46c2ecd33
1cb2963a3dd0f3de866472b670ca8b038b47b1931bce65dc147e7fb1dc632015
1de3cb479ec7d378426a70941ff15f64d1bfb6144587b8451cbdf7aec51e0f81
1ed3b959c36bb549f92d58c8d0a7569bb552e2a37958114c946eb214b21d9ff5
1f5f2b5cfe4043f21a80b2bc151b7369dd8476828fd9e4203245442f193a37bd
1f9383dcba29f06b85b891a331477953f9f27e6e087eac53bd3d6c9352ff9daf
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
21fb5aa65e00e30fb4c73d216024096b2af459e4702e104f98a084d34e166a57
2455dc266dc17f31c455d082f89f2fb419f8cc26fb51966eb2d0450f5be5f530
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2ffb4a0a66f5f7aa7f2889337f2861e869d2aec80c3fc21b3e3eb5caadd86202
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34d58ee8dc6831f1cee0503cd43e30f6edad8ecb1317ffd9b9a9cf3f938846a8
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d2c10cf69410c10177fc6e56937d05151b182841fa6aee36f651d587d91fbb8
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
42a726b720a08323e442331a9a1ab4a9028a708852d293c09925e2ed6b5fca56
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42ea6d306ebff884ce8600e62c8315767b1cb2efe7c21980fcd3173178f5ff18
4312306ac375436d1f3247806e92b9501cb2677ecdc5e0b6a55a9230c3a49f32
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57551608decb8a08da9e26e7bd3e3defc3f3fcae90d035fda714edd329616b8a
5859de66be1fc989c59aae1663ae698c1eb4ceb2793d0452a8c93603ecc725f6
59eb2597946aa8c95434f9ae866a18d834a05d0a1ee096c5a649f59ab1de81e6
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a255b52ee7e2aa8fa1c0348aac24f547c9f99697e99ca257ee74183003d7742
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5f641b1e764a6981cdaee83e511c409a30287de90570717493e6eeea73dc7cab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6221253ad9714c013d8ad0fe4630839bac19c58e88ea423d4cf2a1b9e0f79aac
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6704844cba8154c0c8723d2c7c45ffd21dd2ecefc5ce9b3b5aa4d7234c4c7d03
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
6b2d9cdcfdf0ca4d3a16b10497131ec1dd50acf075386cc576d3c690394f4363
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc
72f5305709d3ba27ea9567bc57cdfd93ece8cfe2ffb24e94211058269b727195
730d4ef5f168ca64b5aac74810361f4cdcfeb4e87efcbc3ef1c4652118340ac6
7310351863aa624e94d4aaebd857c1e0541959071f6146812d5bce91de5009ae
7310e401efd5214d7c4baf2a6df94becd6d945da0682fbc3a93274eadc68e8c2
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
79d5783837f3e2fde63a1eefabdaac85a123caf354241c885c45e22f97659330
7a051286c0c2cee14405a493192a1927669a2ed3882b637c3cda0c0885bb364c
7ae993db12bc71217259a2201b9e2d012d3aa51c05a6790abc1dbd45cc1042b8
7e0c6e378fdc57d9df4fa200184104b9ac5db98b0c6e34ded1256ba6de48b0ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a33f0ee395abbee2ed85fe075f213a7836ff2023795ce8e4d4184fc6cbbd7f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b
886541cd7bb1354fe655294a27fed2c8b7e8a853d9e88b8d68fc85ae165e21be
8cc5129d612156f5dacee17d960307aec642c2f5913d3cfc7decc6de3651b490
8e38900588df34bbe1297eb7b819183bca99653919eedc006227b4c234fb3b28
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
901dd840aaf336a6724d4f4bbe8d6ad6bdfe29497d4f6b61b4c7c10dfc61d9b1
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
9c014b34902bdafaaaccec15df3c2d75eb1b4e1f2380109f73de5551a11df87e
9d5ea0e4e485d2a6c7775f188bd52ad9e11470233d6099d08fc9b1591073ee23
9f17206c06c3f260ff0a492af2db6b94597a4912e269039691e403402f96b256
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2f972c1dd38a080fae78b421f3dcf63daec257cde42d3db701f021edd0ff23d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7b4051ce3c03d83059984dfd302a18b7e0bb49f3a188b6db2f5ef53b1970a5f
a7c4054d6dc639edc5095ad35bb8037bd3dc13472b1a9cb77b8b60e093bafeb3
a9d806642a769c3c829b87d02a7fc9e2ab5e763f41df6f57761cda3bc3f7b061
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af24e6d077ca43535987a732c1f358a6286b673c3312059880299f3c6a8743fb
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b3413eaa1b8b5818367b0246a0d4e3b2ad8e707c390a7cb584b2388c85a5675e
b42d5e743d9a26a972dc660ee5144bb0da9d768906a1c3aa7b21ffe6e047f916
b7554cdbb96fd76ab5e8c40547dd05f31d0f20a6c13d396b2a78fcc69d1d95ec
b8668ce395cdd0bc767d9255e86b5840c699a9ec267799477927b80b25fd0176
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bc8425519994bec1b58d33b27f84cc26ff9ce4bd9f4f107f7520e883fd700908
c2d0102835e1660def4a480434e21915e008153470d2c46e964be8e4a2aca770
c68aa49a860d1587092a2f009688b981013094c6400f367fe3f159c96de4c41b
c9881931311b77f935225d7eeb7ebd0395480a7737a56d427778c98534ade38a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cda941ecf76abe82d69886f2ee31a4814a117a0292a7b1ef501a6b6ae6066c7a
ce5ada2f6e53446886e5c992c50ce94bfab48663e66f69ff1fbb07988ddf92fb
cf13275d0fcd8567d40d37f20d2c75f8c2384cf50fe40529037950f8f27a9fdc
d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2
d8234a5854ab9176a7bdc57c6dc183540c614c50dcb02296f94913e7031b0272
d887dd05d270c44de783084b38bacc831570e85b73c79e126f1d9b7dd02e0bd4
da6374c9a2081446ee989dd64ecb74c2286bdef1e60d1e087472718421b8ef2b
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db3939f74a7feb1b9df6a453fc14c0cd1da6e969acdfba2783b4ea9049be1b0c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2e0e5983c5f01baeea0383636ba0e9532ed4e62015b205ee969fa95a17a0b81
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed58146b099c7f56c2743cef24acf31e0fb0047889c535da92936b75fc291d61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67
f2dea1aa7b190e04883ed1727aefcc3e1592ff86851ba200febbd75800fe87b7
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3b8b0ffb62153fce532bd01e49623a39f770f344caf695ca3b8c856e1a93a17
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f
f94889f70475955a7e6eceda16ef4ad33870a5b968fb90f6a2bdd1debf7249d9
fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2
fe51909950b8051b44b058899ed9d0d695444732c74d5c461c179e3633da4883

commercialobserver.com Open in urlscan Pro 2a04:fa87:fffd::c000:422f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

162 Requests

95 %HTTPS

60 %IPv6

47 Domains

69 Subdomains

63 IPs

5 Countries

2593 kBTransfer

7897 kBSize

44 Cookies

6 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

commercialobserver.com Open in urlscan Pro
2a04:fa87:fffd::c000:422f Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

95 %
HTTPS

60 %
IPv6

47
Domains

69
Subdomains

63
IPs

5
Countries

2593 kB
Transfer

7897 kB
Size

44
Cookies

162 HTTP transactions
3 data transactions