d1nslcd7m2225b.cloudfront.net Open in urlscan Pro
2600:9000:225e:6000:1f:a060:57c0:21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://d1nslcd7m2225b.cloudfront.net/
Effective URL:
https://d1nslcd7m2225b.cloudfront.net/
Submission: On April 28 via api (April 28th 2024, 2:16:41 pm UTC) from US — Scanned from DE

Summary HTTP 138 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 20 domains to perform 138 HTTP transactions. The main IP is 2600:9000:225e:6000:1f:a060:57c0:21, located in United States and belongs to AMAZON-02, US. The main domain is d1nslcd7m2225b.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time d1nslcd7m2225b.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	2600:9000:225... 2600:9000:225e:6000:1f:a060:57c0:21	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	52.164.226.60 52.164.226.60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	51.11.20.152 51.11.20.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
32	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
138	28

48 2600:9000:225e:6000:1f:a060:57c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1nslcd7m2225b.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.164.226.60 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

account.screendaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.11.20.152 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.alea6badb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

88c9506a2cf63a437aaffa33b8cb6c07.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	cloudfront.net d1nslcd7m2225b.cloudfront.net	1001 KB
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 88c9506a2cf63a437aaffa33b8cb6c07.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	1 MB
9	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5630 geolocation.onetrust.com — Cisco Umbrella Rank: 535	118 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	466 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 region1.google-analytics.com — Cisco Umbrella Rank: 2404	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	443 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	79 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	141 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7278	126 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	126 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 737 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 825	1 KB
2	t.co t.co — Cisco Umbrella Rank: 678	580 B
2	gstatic.com fonts.gstatic.com	72 KB
1	alea6badb.com secure.alea6badb.com — Cisco Umbrella Rank: 292671	321 B
1	screendaily.com account.screendaily.com	576 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 795	15 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 289	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	28 KB
138	20

	Domain	Requested by
48	d1nslcd7m2225b.cloudfront.net	d1nslcd7m2225b.cloudfront.net cdnjs.cloudflare.com
32	pagead2.googlesyndication.com	securepubads.g.doubleclick.net d1nslcd7m2225b.cloudfront.net pagead2.googlesyndication.com
8	cdn-ukwest.onetrust.com	d1nslcd7m2225b.cloudfront.net cdn-ukwest.onetrust.com
6	www.facebook.com	d1nslcd7m2225b.cloudfront.net
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagmanager.com	d1nslcd7m2225b.cloudfront.net www.googletagmanager.com
4	connect.facebook.net	d1nslcd7m2225b.cloudfront.net connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.de	d1nslcd7m2225b.cloudfront.net
2	www.google.com	d1nslcd7m2225b.cloudfront.net
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	analytics.twitter.com	d1nslcd7m2225b.cloudfront.net
2	t.co	d1nslcd7m2225b.cloudfront.net
2	fonts.gstatic.com	fonts.googleapis.com
1	script.hotjar.com	static.hotjar.com
1	88c9506a2cf63a437aaffa33b8cb6c07.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	secure.alea6badb.com	www.googletagmanager.com
1	static.hotjar.com	d1nslcd7m2225b.cloudfront.net
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	geolocation.onetrust.com	cdn-ukwest.onetrust.com
1	account.screendaily.com	d1nslcd7m2225b.cloudfront.net
1	static.ads-twitter.com	d1nslcd7m2225b.cloudfront.net
1	www.googletagservices.com	d1nslcd7m2225b.cloudfront.net
1	fonts.googleapis.com	d1nslcd7m2225b.cloudfront.net
1	cdnjs.cloudflare.com	d1nslcd7m2225b.cloudfront.net
138	26

This site contains links to these domains. Also see Links.

Domain
account.screendaily.com
www.screendaily.com
www.bigscreenawards.com
subs.screendaily.com

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-10-27` - `2024-10-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-05` - `2024-05-05`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
adfe5.abasoft.co.uk DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2024-08-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-07-06`	7 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://d1nslcd7m2225b.cloudfront.net/
Frame ID: A366F2E812661E429A3DA3D33B571AF9
Requests: 109 HTTP requests in this frame

Frame: https://88c9506a2cf63a437aaffa33b8cb6c07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F5FB05DAA0D6FC1EBEECC6CAA7E76229
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvD0Qmg0qMY_SDCmRgiYnTnO3W92WoleDXjNhpMv_WSRS9XPHMzuUjcuuBpbCvnewcBDa-memoBmVQZKdwXwA15F_k_2ch6NBR8RWldNXPu_pdEAAmtBa_NqbbVtvhKjCB-3BbbN_YwxgkPjhVK1cmhe0oiKWTcUSvDocJoFo1M-MIiS366V7Kw2syX5CTHtZgkE48EusddnhCaF_CktISs0NNnHb6BqsC1-91QEbLXi5SNVgPwVOsKEn24hwMBVGIQVcuM7SJLcaOZU3zXJX2fqyzqhoVBSOlZhLg5Y5utwe4r2tOEnIC1JSV5_iBhJUQQkdkoiI2V4KkxIjs5KNDKiM5dgBoUDIKS6sqVhZDRRw-CnziTphNYwQQxOA52QPV4nUQ&sig=Cg0ArKJSzEnh8LuNbyuKEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: B7CF3693346AFCAD6206976B72A282E8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu7PAZprNP7xyRatTwSO-ATcyEsR4bXu9r1PLshjO8-gWq7HYECjl2gB4U9UZSC7MOTSPoSlGIsBSkwZzJ4Z9zkvq4-ZIxcne1HCzuPJsot5P8zTgDsZlNT9nktFpHzclJa_x9yvL1M9RYVPe1NuxVYzQCZqJcELta2ykvSEsEZpYpoyErw30aPbz79oEswOWUodWeS_zqYUlU2vPx7IeCnoWzpOO1S6fzRF9OAnvUHGeKSCNAcTbGhKPDAKm_C9KPB8IpLZcArnCqFjrXdI8NwrXkc-9exQegFah9NKF4cn3Jh6dYHRbWYRrSqTfXdcQfuTR1RYzTcRiTkIWPjFA3hB3EdGyg3e7OTFadvd8IhfsJPAhnFtQR7Qaki_dLLlxT-OJrjc123&sig=Cg0ArKJSzGd5uWwzK7hbEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D80EFE096B03504189B2FD6D7DE7E5A8
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvhp9akK0ahFCTtRwoJxjnAs5GyW_p6v_VD69h7j0OChDeby0Oyp-qUPk_ojbkMHCBRcvjplN6bHGXCxWuFVHrI9-QfDJSKsJJqT7Zdf5ImblN8J9lakIF1vL-H4tjv2107z0yEvJXpdUSp_njd45dVGKrmLv-lvSMoJoMTIaV-c1ZD0qcKkzcEVxCRKG6kCUPYLDkS60TuqlY8fPr9ZF_8APMMCnFqM9UdaF0r4uyzpu3atT3qsujYvJeUbCgq3_uUE_HYArA-4BZKv-Zeio8ph9IikZ5lqwiq-KMJH6g5wZboy7k5Op8q1Uvd640xvXWUXTbQiR6WoHLgFWR7IqDlSa-PGy7YHuMQslqDVGJFheq4CPx93IBtZ4FTf57PHu-ZmA&sig=Cg0ArKJSzEpEG193mrrQEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 463BD0FBC6F20A8EC7B3AAB69EA63194
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvWobX0lO0bw_ZHqCl5jBwQCJ--ZPr41OQyPZ3s23DveUwbpWykKdVXEcfYPn9OiDeuKMJ0RBIySh5qj67xGiV7MdIj6b4nGOazhQBwRHFB5sXak9FaiopOPlxafYJKDMHpCLzi1MqmZgvEIK5nkvBzbNFcCp4iAmjjo8gYzAvDgkZjzuSu1341t0UUEGMif6cEGUOIGdiiZhN1RUYXeh2eSBXMA-dlR0okZ7cRpfwK2EEFUIJFIGzSE7EGUwWXZcT67rOUlf93TR4vXZnb_1R8uBR-By9XQI-TA99nQhyXBQsDA7KaXpAJ3AAfhQjTTa78BuoUqRoBsxJz3pEr22KwWXsliKvcXd5_cYEBqs9MOaBdqeIwT_BbKliT7y8jN91BGiAptnru&sig=Cg0ArKJSzKTw6Nq9wx8BEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 5A11778875145EF393BD0A018CD7EDE1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B4BEF07A49ACF8B92B9C310153EAB4BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Screen Daily | Film News, Film Reviews, Film Festivals and Awards

Page URL History Show full URLs

http://d1nslcd7m2225b.cloudfront.net/ HTTP 307
https://d1nslcd7m2225b.cloudfront.net/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

99 %
HTTPS

52 %
IPv6

20
Domains

26
Subdomains

28
IPs

6
Countries

3050 kB
Transfer

8001 kB
Size

15
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://account.screendaily.com/Register
Title: Register

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/sign-in
Title: Sign in

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/digital-editions/11578.subject
Title: Digital Editions

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/home/screen-network
Title: Screen Network

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/podcast/12264.subject
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/home/stars-of-tomorrow
Title: Stars Of Tomorrow

Search URL Search Domain Scan URL

URL: https://www.bigscreenawards.com/
Title: The Big Screen Awards

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/fyc-screenings
Title: FYC screenings

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/world-of-locations-may-october-2023-digital-edition/5181675.article
Title: World of Locations

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/uk-in-focus
Title: UK in focus

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/job-vacancies
Title: Job vacancies

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news
Title: News

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/production
Title: Production

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/distribution
Title: Distribution

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/funding
Title: Funding

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/streaming
Title: Streaming

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/exhibition
Title: Exhibition

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/sales
Title: Sales

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/11901.subject
Title: Staff moves

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/tv
Title: TV

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/box-office
Title: Box office

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/territories/uk-and-ireland
Title: UK & Ireland

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/territories/north-america
Title: North America

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/territories/europe
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/territories/asia-pacific
Title: Asia Pacific

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/territories/middle-east-and-africa
Title: Middle East & Africa

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews
Title: Reviews

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/territories/uk-and-ireland
Title: UK & Ireland

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/territories/north-america
Title: North America

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/territories/europe
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/territories/asia-pacific
Title: Asia Pacific

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/territories/middle-east-and-africa
Title: Middle East & Africa

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/festivals/cannes
Title: Cannes

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/festivals/berlin
Title: Berlin

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/festivals/sundance
Title: Sundance

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/festivals/toronto
Title: Toronto

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/festivals/venice
Title: Venice

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/reviews/festivals/more
Title: More

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/features
Title: Features

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/features/interviews
Title: Interviews

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/features/comment
Title: Comment

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/features/future-leaders-2019-programmers-and-curators-to-watch/5139440.article
Title: Future Leaders

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/45926.more
Title: TV

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/my-screen-life/12258.subject
Title: My Screen Life

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals
Title: Festivals

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/europe/cannes
Title: Cannes

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/europe/berlin
Title: Berlin

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/europe/venice
Title: Venice

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/europe/rotterdam
Title: Rotterdam

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/europe/karlovy-vary
Title: Karlovy Vary

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/europe/locarno
Title: Locarno

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/europe/cphdox
Title: CPH:DOX

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/europe/sarajevo
Title: Sarajevo

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/europe/san-sebastian
Title: San Sebastian

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/europe/tallinn
Title: Tallinn

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/north-america/toronto
Title: Toronto

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/north-america/afm
Title: AFM

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/north-america/sundance
Title: Sundance

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/north-america/sxsw
Title: SXSW

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/north-america/tribeca
Title: Tribeca

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/uk/london
Title: London

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/uk/glasgow
Title: Glasgow

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/uk/edinburgh
Title: Edinburgh

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/uk/sheffield-doc/fest
Title: Sheffield Doc/Fest

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/asia-pacific/busan
Title: Busan

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/asia-pacific/tokyo
Title: Tokyo

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/asia-pacific/filmart
Title: Filmart

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/middle-east/jerusalem
Title: Jerusalem

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/middle-east/cairo
Title: Cairo

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/festivals/middle-east/red-sea
Title: Red Sea

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/box-office
Title: Box Office

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/box-office/box-office-reports/international
Title: International

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/box-office/box-office-reports/uk
Title: UK

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/box-office/box-office-reports/us
Title: US

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/box-office/analysis
Title: Analysis

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/awards
Title: Awards

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/awards/oscars
Title: Oscars

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/awards/baftas
Title: Baftas

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/awards/golden-globes
Title: Golden Globes

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/awards/emmys
Title: Emmys

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/awards/bifas
Title: Bifas

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/european-film-awards/12593.subject
Title: European Film Awards

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/berlin-jury-grid
Title: Berlin jury grid

Search URL Search Domain Scan URL

URL: https://subs.screendaily.com/subscriptions
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/laurent-cantet-palme-dor-winning-french-director-dies/5192771.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/features/neil-diamond-catherine-bainbridge-talk-2024-hot-docs-world-premiere-red-fever/5192805.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/train-wreck-health-wise-harvey-weinstein-admitted-to-manhattan-hospital/5192804.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/sony-pushes-karate-kid-into-2025-kraven-the-hunter-to-december/5192803.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/annecy-unveils-competition-line-up-plus-previews-including-the-wild-robot/5192787.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/cannes-adds-two-animations-first-cinema-de-la-plage-titles-valeria-golino-conversation/5192802.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/cecile-gaget-joins-european-indie-carrousel-studios-as-ceo/5192791.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/features/why-an-ip-focus-will-take-centre-stage-at-cannes-2024/5192754.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/2024-film-festivals-and-markets-calendar-latest-dates/5188083.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/uk-ireland-film-cinema-release-dates-latest-updates-for-2024/5188076.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/uk-ireland-box-office-preview-challengers-to-open-serve-in-more-than-700-cinemas/5192799.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/koreas-plus-m-to-launch-pavane-for-a-dead-princess-night-fever-at-cannes-market-exclusive/5192792.article

Search URL Search Domain Scan URL

URL: https://www.screendaily.com/news/the-shameless-first-trailer-for-un-certain-regard-indian-forbidden-romance-thriller-exclusive/5192767.article

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://d1nslcd7m2225b.cloudfront.net/ HTTP 307
https://d1nslcd7m2225b.cloudfront.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

138 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
d1nslcd7m2225b.cloudfront.net/
Redirect Chain

http://d1nslcd7m2225b.cloudfront.net/
https://d1nslcd7m2225b.cloudfront.net/

163 KB
38 KB

234ms
204ms

Document
text/html

2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9118a08a03f37256cd583248ac4b9893d965faab7d794e31bc1ca1a6127b0887

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss:; child-src https: blob:; object-src 'none'; frame-ancestors 'self' https://account.screendaily.com;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: eu-api.jotform.com
cache-control: private
content-encoding: gzip
content-length: 38492
content-security-policy: default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss:; child-src https: blob:; object-src 'none'; frame-ancestors 'self' https://account.screendaily.com;
content-type: text/html; charset=utf-8
date: Sun, 28 Apr 2024 14:16:35 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Accept-Encoding
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-cf-id: pJZlQWMxNoPMFJy_1AF8HIzvD_v8fl-Yi6GfMSC02ZYAJNuD2r_Smg==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-server-name: LIVE-FAILOVER-1
x-ua-compatible: IE=edge,chrome=1
x-xss-protection: 1; mode=block

Redirect headers

Location: https://d1nslcd7m2225b.cloudfront.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 core.css
d1nslcd7m2225b.cloudfront.net/Magazine/ 852 KB
94 KB 13ms
11ms Stylesheet
text/css 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1nslcd7m2225b.cloudfront.net/Magazine/core.css?p=7319412482520226

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a55bb418379dca5ee0c34bfaf836c7905c42d5604f0339d13682068f6a453de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 22:07:23 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 317353
x-cache: Hit from cloudfront
content-length: 95980
x-ua-compatible: IE=edge,chrome=1
last-modified: Tue, 12 Mar 2024 13:00:48 GMT
etag: "080734d7d74da1:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
x-amz-cf-id: NvqTAZV_0-ZP1kWYcMw4bQT_pBmkQHeOikXFFE_vKGCdSmL4t38CrQ==

GET
H2 200 core.js Show response
d1nslcd7m2225b.cloudfront.net/Magazine/ 922 KB
203 KB 21ms
20ms Script
application/javascript 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1nslcd7m2225b.cloudfront.net/Magazine/core.js?p=7319412482520226

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

51a3e924db2616afa66b30d3100ab0a6add1f08d291002e1dc4978357ce9aab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 11:41:50 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 9285
x-cache: Hit from cloudfront
content-length: 207483
x-ua-compatible: IE=edge,chrome=1
last-modified: Tue, 12 Mar 2024 13:00:48 GMT
etag: "080734d7d74da1:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
x-amz-cf-id: vIymxHs-Z24dfGnDgJfOOkNaPRbv2ae-sadrAYMQbSLTs_zCiH4zfw==

GET
H2 200 1422312_redfever_688097.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/780x520/3/1/2/ 43 KB
44 KB 22ms
21ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/780x520/3/1/2/1422312_redfever_688097.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4a4d3fe80584ece162a032070ffc9539c8d1cf06b676382930f78fb3e6bc2d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Sat, 27 Apr 2024 21:47:17 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 59359
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 44394
x-amz-cf-id: sajqqd8Je7Cn8-K8TwOpQoFTwXqEpnrz2WA0Ce6_P2gKGaGdlvqoAA==
expires: Sun, 27 Apr 2025 21:47:17 GMT

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 21 KB
7 KB 95ms
36ms Script
application/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: zgTRIDojRJmnmBTwUyI2Vw==
age: 84940
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Tue, 23 Apr 2024 19:31:06 GMT
server: cloudflare
etag: 0x8DC63CBEB86381B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5dc48d0f-001e-0005-1b55-968528000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87b7abcb3b4168f7-FRA
expires: Mon, 29 Apr 2024 14:16:36 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 41ms
30ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://d1nslcd7m2225b.cloudfront.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 917100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dia4BgShrE1V%2BMh2l1dCAKr82V8NYeNsoauxD9EYNY5%2Bh0KYHcILvBJ8TjlVKdGBBxMrGIXAVYpO0RRZ3wltiksrGlbNBmE7XK5cqr9MJTyenlXO7dX%2BB5DEoFAHAp3prjmtsbPw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87b7abcaeb4d71be-FRA
expires: Fri, 18 Apr 2025 14:16:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 44ms
20ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:700|Open+Sans:400,700,800

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eab8c6529b772f70d27a53e51dd95151da4e43aa2d663e43455578d1f709eede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Apr 2024 14:16:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Apr 2024 14:16:36 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 95 KB
30 KB 87ms
49ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cf97d4f8f5388d3e0fe0f77e49707d2a80fd7722e20402d2f3453f8f4fc4607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30272
x-xss-protection: 0
server: cafe
etag: 339 / 19841 / m202404230101 / config-hash: 8127643254797218485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Apr 2024 14:16:36 GMT

GET
H2 200 print_logo.png
d1nslcd7m2225b.cloudfront.net/magazine/dest/graphics/logo/ 2 KB
2 KB 11ms
10ms Image
image/png 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/magazine/dest/graphics/logo/print_logo.png

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fddf7655b4d578579a8f1d447a65ae9eaaf0beb514a1c7ec91b4b3b31ae5afc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 18:00:14 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 11:10:24 GMT
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 677781
etag: "3dd2eeb8ed6eda1:0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
content-length: 2059
x-amz-cf-id: KQP8UC7aQ3MZ1hiU7rUScAUeUHimIwPsFVLHasrD-e_lnPp2zX0yzA==
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 2021screenpackshot_967117.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/450xAny/P/web/j/b/m/ 28 KB
28 KB 10ms
9ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/450xAny/P/web/j/b/m/2021screenpackshot_967117.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

166161f759f8c14c0ce3fdeb0a220ddee0da8d3bc100fa3ab425d7712e033313

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Wed, 29 Nov 2023 20:04:04 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 13025552
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 28652
x-amz-cf-id: zsdr9P3ERP_7_xj9WT1ygrq2oxngN_CJBBOR4mT6QAJ3jLWe1P29Cw==
expires: Thu, 28 Nov 2024 20:04:04 GMT

GET
H2 200 screennetworksmall2_762856.jpg
d1nslcd7m2225b.cloudfront.net/pictures/web/m/q/h/ 37 KB
37 KB 172ms
172ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/pictures/web/m/q/h/screennetworksmall2_762856.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dc510773d63c3f7c348ecf95029106e6e93462313792e5b7f17997a005b425c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public
x-amz-cf-id: mZrSVzZgqDqXE3Iid7ZZ0AW66IjQKmvb6vc9co-kdXhS0gS2KQGuzg==
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 9135b9e3-8796-4495-a4a1-5fd2085b2b56.json Show response
cdn-ukwest.onetrust.com/consent/9135b9e3-8796-4495-a4a1-5fd2085b2b56/ 4 KB
2 KB 91ms
73ms XHR
application/x-javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9135b9e3-8796-4495-a4a1-5fd2085b2b56/9135b9e3-8796-4495-a4a1-5fd2085b2b56.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b31b10761d331f12704db4b99b4d11c8db6c531717f0df424b9e7aed52f0c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: qOG5tZ7ZZF6RUv65EyUItg==
content-length: 1640
x-ms-lease-status: unlocked
last-modified: Fri, 01 Dec 2023 10:12:11 GMT
server: cloudflare
etag: 0x8DBF255FBF2C6BA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b6707318-d01e-0016-14c4-8fa124000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87b7abcb9ff83633-FRA

GET
H2 200 print.css
d1nslcd7m2225b.cloudfront.net/Magazine/ 3 KB
2 KB 9ms
8ms Stylesheet
text/css 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1nslcd7m2225b.cloudfront.net/Magazine/print.css?p=7319412482520226

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

60f5c46cadab841891feda3cfa24fb6b745fbb722880a653a1598d1ce6b68124

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 18:00:15 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 677781
x-cache: Hit from cloudfront
content-length: 1243
x-ua-compatible: IE=edge,chrome=1
last-modified: Tue, 05 Mar 2024 11:35:46 GMT
etag: "0d58743f16eda1:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
x-amz-cf-id: 9T4OGySeB2Mw9qrqy7Qwu6jiLpP0ncs5aU2StXLT3lbIg7QZWcIFpg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 29ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Apr 2024 14:16:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: SO0dz12x11W7y3FoB41ill4TQfcHEsIanHxluyh3BqMh2ekYeX7JEcjIXaTzt8DIuvLwDOHiXxO7etrFiyYDhQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 69ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220050-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
80 KB 63ms
41ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZF83CW

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9fa187db81b7927f3fb8826d1bb348e90d92c1e30c7cbc8b381fb59b83b0aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81301
x-xss-protection: 0
last-modified: Sun, 28 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Apr 2024 14:16:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 272 KB
94 KB 62ms
40ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6JMCT

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f12be628c10a05594233b7f204847e189b7fc57df5692c16c7d23decd46cd4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95481
x-xss-protection: 0
last-modified: Sun, 28 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Apr 2024 14:16:36 GMT

GET
H/1.1 200
OK templatejs Show response
account.screendaily.com/ 0
576 B 149ms
42ms Script
text/javascript 52.164.226.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://account.screendaily.com/templatejs?partyId=0&cacheDate=1714255200000

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.164.226.60 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Served-By: ADCLOUDWEB1
Date: Sun, 28 Apr 2024 14:16:36 GMT
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
Server: Microsoft-IIS/10.0
X-Server-Name: ADCLOUDWEB1
Content-Type: text/javascript
Cache-Control: private
Content-Length: 0
X-UA-Compatible: IE=edge,chrome=1

GET
H2 200 sprite.css-62050f43.svg
d1nslcd7m2225b.cloudfront.net/magazine/dest/graphics/output/ 78 KB
16 KB 9ms
9ms Image
image/svg+xml 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/magazine/dest/graphics/output/sprite.css-62050f43.svg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.css?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

33ac7592731d5255d04c861bc8a890ef4b3d1618bc1eb0dc29ba3ad427ca99b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.css?p=7319412482520226
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 18:00:14 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 677781
x-cache: Hit from cloudfront
content-length: 16240
x-ua-compatible: IE=edge,chrome=1
last-modified: Tue, 05 Mar 2024 11:10:26 GMT
etag: "03d8ab9ed6eda1:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=864000
accept-ranges: bytes
x-amz-cf-id: r5YMlQLDZ3ZY0GcubDoCKM-jG5S2OM-6ACLr0kTbOoik6PcyZqzHmA==

GET
H2 200 sprite.css-3c7a68de.svg
d1nslcd7m2225b.cloudfront.net/css/dest/graphics/output/ 115 KB
24 KB 117ms
117ms Image
image/svg+xml 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/css/dest/graphics/output/sprite.css-3c7a68de.svg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.css?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

04d31f09a9361207f2bb3532c19e856bca8fcab480de7df6341714cb7766462e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.css?p=7319412482520226
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-length: 23904
x-ua-compatible: IE=edge,chrome=1
last-modified: Tue, 05 Mar 2024 10:47:39 GMT
etag: "8097be8aea6eda1:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=864000
accept-ranges: bytes
x-amz-cf-id: JLXVZtEsT2tfbxNSrw4rU_J2IH1EuxB8xs57-t93mrkI-BsX6nBkZw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 40ms
17ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:700|Open+Sans:400,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://d1nslcd7m2225b.cloudfront.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 142240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 22:45:56 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
25 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:700|Open+Sans:400,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://d1nslcd7m2225b.cloudfront.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 18:16:07 GMT
x-content-type-options: nosniff
age: 158429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24964
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 18:16:07 GMT

GET
H2 200 1422311_harveyweinstein_872323.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/780x520/3/1/1/ 50 KB
51 KB 11ms
8ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/780x520/3/1/1/1422311_harveyweinstein_872323.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

809b009ce1e2b78cd42b4f9549bebbefe73f31cb8bb3bc115c0904e512ff0ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Sat, 27 Apr 2024 02:29:00 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 128856
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 51441
x-amz-cf-id: 3lze8J7-D-Z5XPsr6CdMYZiMt-EW8Xso3gIoTmuhEdJPsYZJBKJWdw==
expires: Sun, 27 Apr 2025 02:29:00 GMT

GET
H2 200 1422309_rendezvous_785985.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/3/0/9/ 24 KB
24 KB 13ms
10ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/3/0/9/1422309_rendezvous_785985.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

220a481983d75bd6898a964f8fe3e0d614b32282c908d3ef5bcd6dc390c22e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 26 Apr 2024 15:08:28 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 169687
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 24641
x-amz-cf-id: NyDC-_pWss5VdDbQIFHnLESPDSjj6ffZ4WMntEo1_9-YgDjeNFadVw==
expires: Sat, 26 Apr 2025 15:08:29 GMT

GET
H2 200 1422280_cecilegaget_261410_crop.jpeg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/2/8/0/ 19 KB
19 KB 14ms
11ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/2/8/0/1422280_cecilegaget_261410_crop.jpeg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

856901592dd94b511241ef75485b864cf33949039014990795f580730c81b77b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 26 Apr 2024 14:04:55 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 173500
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 19005
x-amz-cf-id: fPyuIHV0Aod8UILIzgSkc0snBvwYvtCM3yJ-6rX45aiPLzc5lhV-7g==
expires: Sat, 26 Apr 2025 14:04:55 GMT

GET
H2 200 1422222_beatingheartscedricbertrandcopy_438174.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/2/2/2/ 13 KB
14 KB 14ms
12ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/2/2/2/1422222_beatingheartscedricbertrandcopy_438174.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e900515f8f116503d392cd6eaa598dd51371d7b6245abb920affc8459f1671ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Thu, 25 Apr 2024 14:27:24 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 258551
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 13548
x-amz-cf-id: ATdF1MzVJqEl37ZWspHbhT8SZCg9NQOcQP3HM_qShgE3-rn0P8pSew==
expires: Fri, 25 Apr 2025 14:27:25 GMT

GET
H2 200 1411116_filmfests2024_697048.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/1/1/6/ 3 KB
3 KB 15ms
13ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/1/1/6/1411116_filmfests2024_697048.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2a9390ef3e21a29fcb46e7bb2560ed3c5b4e033e7867632769edd286691829df

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Mon, 01 Jan 2024 00:46:17 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 10243818
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 2591
x-amz-cf-id: 2M4_mXyyQA8xZPJVKdyK03ChXL1UcsWnQoGuM-kgmZ5HiLnGqe8yng==
expires: Tue, 31 Dec 2024 00:46:17 GMT

GET
H2 200 1418412_2024releases_323220.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/4/1/2/ 3 KB
4 KB 16ms
14ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/4/1/2/1418412_2024releases_323220.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cada5ce93f7f643889db8d2bda5d9ae3784a1b42d5be355b2405bda3b10145b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Wed, 28 Feb 2024 17:38:15 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 5171901
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 3281
x-amz-cf-id: 43AeQ1PMAyqFv2EUdixG3p09XutYS5na7cW9iSTuOsKqWonbBaNobw==
expires: Thu, 27 Feb 2025 17:38:15 GMT

GET
H2 200 1422297_challengers_595102.jpeg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/2/9/7/ 3 KB
3 KB 16ms
14ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/2/9/7/1422297_challengers_595102.jpeg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5ceb6417be57b85e66479221046e3abdf2be53bdc4a55929bd8dc0058c70f94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 26 Apr 2024 13:49:17 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 174438
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 3081
x-amz-cf-id: RcmFxp4n1QJnm0YcwghmK7bOm7i_bP60h3lMjzq-_gK44C5lLDh2KA==
expires: Sat, 26 Apr 2025 13:49:18 GMT

GET
H2 200 1422279_nightfeverc_910467.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/2/7/9/ 2 KB
3 KB 17ms
14ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/2/7/9/1422279_nightfeverc_910467.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f39dce06866024f7e594e10dfa07599d560f76da3c25d1ceefac02ca0e24498a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 26 Apr 2024 11:18:40 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 183475
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 2362
x-amz-cf-id: 8YHp7PZoQqlmUS7kvGDe10U8ZxqHKwINJ1URc205pxzDvMdsf6kC9g==
expires: Sat, 26 Apr 2025 11:18:41 GMT

GET
H2 200 1422239_theshamelessscreen_333143.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/2/3/9/ 3 KB
3 KB 17ms
15ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/2/3/9/1422239_theshamelessscreen_333143.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a77f2d414521bc6016f5a8a5ac5e75d29d710152ef6532e0a1cddd7785d39b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 26 Apr 2024 08:37:49 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 193126
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 2586
x-amz-cf-id: aKHa2MTqCQSYE81qr5vWIdnMmvRHCiq8m5pimTETIcOqPTkrGL13rw==
expires: Sat, 26 Apr 2025 08:37:50 GMT

GET
H2 200 1422267_alishahasan_357633_crop.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/2/6/7/ 2 KB
2 KB 18ms
15ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/2/6/7/1422267_alishahasan_357633_crop.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1a820bbfb365eff52c61b27d5e126a850eb6743c0bd8a914ef77f0c1230e6b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 26 Apr 2024 09:24:12 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 190343
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 1889
x-amz-cf-id: MKa_HeZp1-9Kcj0sqkuC-Q3c9OKaLITRmuUNqqtpQ02F9SWBh6j4tA==
expires: Sat, 26 Apr 2025 09:24:13 GMT

GET
H2 200 1421951_lemans552_187884.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/9/5/1/ 22 KB
22 KB 19ms
16ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/9/5/1/1421951_lemans552_187884.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a08a40d3b1009d8fca188c288a2cb6f3ec1f152b056cbcdc17b7d60c6b85d5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Sun, 28 Apr 2024 02:21:55 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 42880
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 22205
x-amz-cf-id: XhmYKE-5OITbaNBoysuqhsZuf5pW6D8J-nx93rLZm22QsWfSvlWAiQ==
expires: Mon, 28 Apr 2025 02:21:56 GMT

GET
H2 200 1421923_neverlookaway_880020.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/9/2/3/ 17 KB
17 KB 19ms
17ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/9/2/3/1421923_neverlookaway_880020.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

efcbf14c542a73c14bfb515bd90440bd74dcd651bf82fc7bb3e572d077dbc53d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Thu, 25 Apr 2024 08:15:06 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 280890
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 17063
x-amz-cf-id: b9luabCHQxbxz7CTSQVcuJgaXkHnmoGYm9eyngFZOXZqoqsUvTppkA==
expires: Fri, 25 Apr 2025 08:15:06 GMT

GET
H2 200 1421957_ahouseonfire_742621.jpeg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/9/5/7/ 24 KB
24 KB 20ms
18ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/9/5/7/1421957_ahouseonfire_742621.jpeg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

01fa10df12047414d20a60816707426f588ba99f8c4d1b04424db51274dc290b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Mon, 22 Apr 2024 15:18:49 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 514666
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 24404
x-amz-cf-id: JgflUwkEZUnarwKZK_qgxPnmEqSZVrpxX5lYsEmhUy32tMgR3uzrUw==
expires: Tue, 22 Apr 2025 15:18:50 GMT

GET
H2 200 1421903_thelandscapeandthefury_961159.jpeg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/9/0/3/ 23 KB
23 KB 21ms
19ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/9/0/3/1421903_thelandscapeandthefury_961159.jpeg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

041d22664a0f7c5b2c5e6a76c970589bdeddbc838f9a38783fb9c72dec20272c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 19 Apr 2024 20:27:20 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 755355
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 23265
x-amz-cf-id: r_3B5msBqvhMMkO05j1AXJ6on6vLOh5pkJi3sfkEX3TTzDoe_pSDTg==
expires: Sat, 19 Apr 2025 20:27:21 GMT

GET
H2 200 1421888_risingupatnight_338305.jpeg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/8/8/8/ 11 KB
11 KB 22ms
19ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/8/8/8/1421888_risingupatnight_338305.jpeg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3c2050b7411f2f9471dee7e8f22ff6f5c4c259e78f79775286e7e3a4fa7b8967

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 19 Apr 2024 20:27:21 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 755355
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 10996
x-amz-cf-id: z3um5oxgy0oLG3pZ7McJtflXK-FSaZiyFsi1l-FiGx9bFBWkkVLRWQ==
expires: Sat, 19 Apr 2025 20:27:21 GMT

GET
H2 200 1421749_abigail_118949.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/7/4/9/ 15 KB
16 KB 22ms
20ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/7/4/9/1421749_abigail_118949.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b29cda94190585a5bc5843e98dfc87a208a1d1d05283671e0309edd0ae39981f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Thu, 18 Apr 2024 09:44:50 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 880305
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 15781
x-amz-cf-id: f-1RR-c6wBXf0Q50SHjAilPJ16ME83XQrbrCHqDr-Vm-RvVtVeWfeQ==
expires: Fri, 18 Apr 2025 09:44:51 GMT

GET
H2 200 1422247_drewsimon_courtesyofinfraredpictures_991340.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/2/4/7/ 10 KB
10 KB 23ms
21ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/2/4/7/1422247_drewsimon_courtesyofinfraredpictures_991340.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4b75b988f9bcbf65bc72ff35e53369c9a00f6fe832d9ee6cdc6cb9c51a57256e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Thu, 25 Apr 2024 23:36:28 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 225608
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 9767
x-amz-cf-id: LfWeOkiTinG_HOUWCK8WjOWe6uGsPCOLO95VwUBfIl_9VYA6rQ-roQ==
expires: Fri, 25 Apr 2025 23:36:28 GMT

GET
H2 200 1422021_waynefitzjohnsimonswartcshannonrobertscharlemagneolivier_237936.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/0/2/1/ 11 KB
12 KB 24ms
22ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/0/2/1/1422021_waynefitzjohnsimonswartcshannonrobertscharlemagneolivier_237936.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f213e90e86533a5a1d52c943e5d367c59bf5d9c63f26e7c94e8904c63d303dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Thu, 25 Apr 2024 08:42:01 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 279274
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 11536
x-amz-cf-id: XKOtRcPXkQX5ke0PFmi-0y2auO85kPlrph36Ner7KUa_SxF5jLTjkg==
expires: Fri, 25 Apr 2025 08:42:02 GMT

GET
H2 200 1421839_20daysinmariupol_652968_crop.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/415x277/8/3/9/ 14 KB
15 KB 24ms
23ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/415x277/8/3/9/1421839_20daysinmariupol_652968_crop.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1d9fad92e56ea94b39e201b415f8f0b9ae65fc36ce3070c5ff48d91179246c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 19 Apr 2024 12:16:20 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 784815
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 14528
x-amz-cf-id: _539ubzJtQWIEysQ2DfvjfVgR7nXPYFY0Sa9y9SDbGQOIdAkaWtzZw==
expires: Sat, 19 Apr 2025 12:16:21 GMT

GET
H2 200 1417573_thebottleyardtby2solarroof_242347.jpeg
d1nslcd7m2225b.cloudfront.net/Pictures/374x249/5/7/3/ 26 KB
26 KB 25ms
23ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/374x249/5/7/3/1417573_thebottleyardtby2solarroof_242347.jpeg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d81e5637c31f00d8f2ad52a3d5ac4da79112d938a457e3883ebadc7888a63058

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Wed, 21 Feb 2024 10:39:45 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 5801811
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 26229
x-amz-cf-id: ldMPXpZw5rLIkhBpXa5mVHB-LfkTLEr9c5ys_rQ-IdPwI9McbyRT2A==
expires: Thu, 20 Feb 2025 10:39:45 GMT

GET
H2 200 1422239_theshamelessscreen_333143.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/270x180/2/3/9/ 10 KB
10 KB 10ms
9ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/270x180/2/3/9/1422239_theshamelessscreen_333143.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.js?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b316b65cc67b6cf69ea0b6626498978d808bac4b50dbce5b04975c4a5db220cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 26 Apr 2024 08:37:50 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 193125
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 9772
x-amz-cf-id: sOKndA8GsEPOq2-wL76cD8QQHm3elqiaKBNjyZZKeox677q4V6fI4Q==
expires: Sat, 26 Apr 2025 08:37:51 GMT

GET
H2 200 1418424_1phantomsofthesierramadrecupnorthfilm_937667.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/270x180/4/2/4/ 11 KB
11 KB 11ms
10ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/270x180/4/2/4/1418424_1phantomsofthesierramadrecupnorthfilm_937667.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.js?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

44140611d491bb6ac1398ab41cee77620eeb0971e214954307f6e55e188f20f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 01 Mar 2024 09:18:29 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 5029087
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 10897
x-amz-cf-id: Q-X92N0odJ3uISPh--NyPbOlvPkin1EkTYHq4hPhxeb8M0raYwd_aA==
expires: Sat, 01 Mar 2025 09:18:29 GMT

GET
H2 200 1418230_johatsu_flyer_stills11024x576_518707_crop.jpeg
d1nslcd7m2225b.cloudfront.net/Pictures/270x180/2/3/0/ 9 KB
10 KB 12ms
11ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/270x180/2/3/0/1418230_johatsu_flyer_stills11024x576_518707_crop.jpeg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.js?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9463d505f58f5bc86bc95949f14a8170e58e28651aa1edffbcb815757a09e90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Tue, 27 Feb 2024 09:32:40 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 5287435
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 9436
x-amz-cf-id: pYiK4NaAZfhrF9XJ4JGoxqtWWufkqjFBo2EKQ1tQk4rwzAKSZdKIIg==
expires: Wed, 26 Feb 2025 09:32:41 GMT

GET
H2 200 1417624_202408746_1_rwd_1380_766827.jpeg
d1nslcd7m2225b.cloudfront.net/Pictures/270x180/6/2/4/ 13 KB
13 KB 12ms
12ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/270x180/6/2/4/1417624_202408746_1_rwd_1380_766827.jpeg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.js?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

91432c2c993af786be27b156bcceb90523225e554e958e01447682f05b3b6bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Mon, 19 Feb 2024 09:09:33 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 5980022
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 12983
x-amz-cf-id: rKpnx1Xi7ignMvxMbNMw9cmAHgtTk49msj98LFMqMZ5lxJoBBUgUHg==
expires: Tue, 18 Feb 2025 09:09:34 GMT

GET
H2 200 1417166_foxandhare_386693.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/270x180/1/6/6/ 11 KB
11 KB 13ms
13ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/270x180/1/6/6/1417166_foxandhare_386693.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.js?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0911ad1ad30a6a31eb9e4b6e8f631d7513f0b2caf0b9d76d7afd15cf3f5ff0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Wed, 14 Feb 2024 11:03:46 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 6405170
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 10812
x-amz-cf-id: xsUlL0bsC5XNovR7UzSM4jNVx8WO-7KtSCLUpgSraBwcs5v-5E6jPg==
expires: Thu, 13 Feb 2025 11:03:46 GMT

GET
H2 200 1416467_legrandphuket_251613.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/270x180/4/6/7/ 11 KB
11 KB 14ms
13ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/270x180/4/6/7/1416467_legrandphuket_251613.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.js?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

050448cb475249d393213778eeb70acbe275de35c74ba5b84e55cb25a6b81847

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Wed, 07 Feb 2024 14:29:50 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 6997606
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 11288
x-amz-cf-id: Qlub-7vjEVYKphlQ0q-UIT--qs9SjghDGG_uvHmeTDukj5BF_VxCVw==
expires: Thu, 06 Feb 2025 14:29:50 GMT

GET
H2 200 most Show response
d1nslcd7m2225b.cloudfront.net/ajax/ 5 KB
2 KB 45ms
45ms XHR
text/html 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1nslcd7m2225b.cloudfront.net/ajax/most?wid=2&_=1714313796404

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d304a510ac1dd0a1b945943318cb7e70e8f48d7e438500f7f4492e15f3022fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://d1nslcd7m2225b.cloudfront.net/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
cache-control: private
x-amz-cf-id: NRBvFJgHv4llyFiKZNXKybcdhBt6zgOeOJX-XTdjq9R_-UxbiMPROA==
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 newslettersignup Show response
d1nslcd7m2225b.cloudfront.net/ 2 KB
1 KB 123ms
123ms XHR
text/html 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1nslcd7m2225b.cloudfront.net/newslettersignup?wid=4&navcode=5747&_=1714313796405

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0a27f0c7db70f732a245abfee559fdae32bfb91569092a2a1e53a33722e21bc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://d1nslcd7m2225b.cloudfront.net/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
cache-control: private
x-amz-cf-id: J9Xb_JxNJECuKZHv3vrG-i8pFTJX2Yt6Fdzrm2ID-OdvBXzK2B6LUg==
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
216 B 40ms
30ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept: application/json
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 87b7abcca9463633-FRA
access-control-allow-headers: Content-Type

GET
H2 200 1787080818148630 Show response
connect.facebook.net/signals/config/ 65 KB
14 KB 240ms
239ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1787080818148630?v=2.9.154&r=stable&domain=d1nslcd7m2225b.cloudfront.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59b5c3884b9e43e5ac0146f174150b341928d89caf859fc5e09cff3ce30ec682

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Apr 2024 14:16:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1294, tbw=63194, tp=-1, tpl=-1, uplat=232, ullat=0
pragma: public
x-fb-debug: 6sFcaazd4HO37l187Mm8Td/VXtJxD5ewSbbz78yefAlPe49TE6w7tM/xGxH/Litt0biXtLXqRpvFsuCb27RQeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
375 B 137ms
116ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0dd8101d-0986-452a-abcf-831fc012345d&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4f642e01-a958-471a-aca2-64fa493e9143&tw_document_href=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&tw_iframe_status=0&txn_id=oew8i&type=javascript&version=2.3.30

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 109
date: Sun, 28 Apr 2024 14:16:36 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b447d5e9b711b248
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 20731be23cff2ed6f91ea6e416c8727fd94757ba23082b61626e5f603a2d3965
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 213ms
187ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0dd8101d-0986-452a-abcf-831fc012345d&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4f642e01-a958-471a-aca2-64fa493e9143&tw_document_href=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&tw_iframe_status=0&txn_id=oew8i&type=javascript&version=2.3.30

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 180
date: Sun, 28 Apr 2024 14:16:36 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: eaf8800953466bdb
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 61ce12cc5cb95c3448cea87dac343b0cdcce97333dc8fe029b8ad2580fec36be
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
205 B 201ms
181ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=05e5a6b8-de5b-4a7a-aafe-d505c3c07678&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4f642e01-a958-471a-aca2-64fa493e9143&tw_document_href=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&tw_iframe_status=0&txn_id=odu1r&type=javascript&version=2.3.30

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 174
date: Sun, 28 Apr 2024 14:16:36 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0a491f0b6cbe8a84
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 20731be23cff2ed6f91ea6e416c8727fd94757ba23082b61626e5f603a2d3965
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
546 B 217ms
190ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=05e5a6b8-de5b-4a7a-aafe-d505c3c07678&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4f642e01-a958-471a-aca2-64fa493e9143&tw_document_href=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&tw_iframe_status=0&txn_id=odu1r&type=javascript&version=2.3.30

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 183
date: Sun, 28 Apr 2024 14:16:36 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a0179af02e91d1de
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 61ce12cc5cb95c3448cea87dac343b0cdcce97333dc8fe029b8ad2580fec36be
content-length: 43

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/ 448 KB
140 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e838bb8caf249027ff1236bb9a02e382e21fe497273c1ba28edc4188b1e22873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 09:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17988
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142995
x-xss-protection: 0
server: cafe
etag: 2748456399490205869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 28 Apr 2025 09:16:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
97 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SWCENS45CR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6JMCT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15aef3863c4ce32e72027b1ce6067fb8940fea4b2646eb2242b7e5bdd173185e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Apr 2024 14:16:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6JMCT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 Apr 2024 13:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1708
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 28 Apr 2024 15:48:08 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 209 KB
76 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-881340325&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6JMCT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fa295b318ad0512dbc58f856723bcc77725bef91155f79ba8e0a4e00cf1f57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77968
x-xss-protection: 0
last-modified: Sun, 28 Apr 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Apr 2024 14:16:36 GMT

GET
H2 200 hotjar-136299.js Show response
static.hotjar.com/c/ 9 KB
4 KB 80ms
35ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-136299.js?sv=5

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

3e6925fca371430fb5f5b58bcde8f88a5fcb450d89d3340434a791750b76d4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/c7334ca6fe1d761f9d203652b0fd4548
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 36gLrvhTlkNrd9c8_dbFvNnB0HLtumfoiiGY1N94zrQUqa0QC3Rohg==

GET
H/1.1 200
OK 161072.js Show response
secure.alea6badb.com/js/ 16 B
321 B 125ms
22ms Script
text/javascript 51.11.20.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.alea6badb.com/js/161072.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6JMCT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.11.20.152 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 16365dcef441ea8bdb15841951390b673ca2acb305ddd83df0a075570ece22d7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 28 Apr 2024 14:16:36 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=86400
Connection: keep-alive
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
97 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1XQNN4CBP7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZF83CW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f57a2ca091c0b58f0794b42e891d1ff0bf60ddb2162cf5af38d7d4b665bee77c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99127
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Apr 2024 14:16:36 GMT

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/ 318 KB
76 KB 32ms
32ms Script
application/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: wv3c0qnkBhaWE//T4i2BGA==
age: 84798
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 77456
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:32:56 GMT
server: cloudflare
etag: 0x8D98DB717A4B865
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d1ef67d9-301e-006a-02d4-7a7830000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87b7abcd0cd468f7-FRA
expires: Mon, 29 Apr 2024 14:16:36 GMT

GET
H2 200 1421996_thursdaymurder_364083.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/9/9/6/ 3 KB
3 KB 9ms
8ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/9/9/6/1421996_thursdaymurder_364083.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9baf167f512d252230c05c4f689b5b26d211800084829f2a0c366ffa884870cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Tue, 23 Apr 2024 11:33:25 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 441791
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 3121
x-amz-cf-id: W7HQtlKn5wWMZYLi67q3-A_WOEssMWHiCWV3zpHZgWT9U8-P6deFWg==
expires: Wed, 23 Apr 2025 11:33:25 GMT

GET
H2 200 1421959_spectateursccgcinema_250579_crop.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/9/5/9/ 2 KB
3 KB 10ms
9ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/9/5/9/1421959_spectateursccgcinema_250579_crop.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e60b3dccc332500247f2755d50e306643cb056b480de84a1c89529d3d4b556dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Mon, 22 Apr 2024 15:35:40 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 513656
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 2273
x-amz-cf-id: cy3VialJGWDZ3scEpj7BXRHwACVpFYjuhvjS1GJY3RAbBlok-SNwCw==
expires: Tue, 22 Apr 2025 15:35:40 GMT

GET
H2 200 1422073_screenshot20240423at11.31.40_825864_crop.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/0/7/3/ 3 KB
3 KB 11ms
10ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/0/7/3/1422073_screenshot20240423at11.31.40_825864_crop.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3e2f7a016901e30bd6318025059004e96a610be19f856a3ae321fc0a7d5d9e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Wed, 24 Apr 2024 09:26:53 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 362983
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 2715
x-amz-cf-id: 3DVKmwTJf9q5K6cAmuF34AHmue0E3WwNZ2M_5NvgiJWo3x0KcgXr5Q==
expires: Thu, 24 Apr 2025 09:26:53 GMT

GET
H2 200 1421964_oscarsgeneric_505994.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/9/6/4/ 2 KB
2 KB 12ms
11ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/9/6/4/1421964_oscarsgeneric_505994.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2470b3989f7305d3522d143e2ee7c4a96623a994c3888bce7f5ee18c8d7afd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Mon, 22 Apr 2024 18:16:45 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 503990
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 1955
x-amz-cf-id: psQd5LkvEyaBzRpX-uBMQwcYIrVT42I4bgv55bOfa925iJJGWpo91A==
expires: Tue, 22 Apr 2025 18:16:46 GMT

GET
H2 200 1421974_sasquatchsunset_exclusive_jesseeisenbergandchristophezajacdenekinsasquatchsunsetcourtesybleeckerstreetcopy_215926.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/9/7/4/ 3 KB
3 KB 13ms
12ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/9/7/4/1421974_sasquatchsunset_exclusive_jesseeisenbergandchristophezajacdenekinsasquatchsunsetcourtesybleeckerstreetcopy_215926.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ad12e63caf09c98913b61b214545c94ad8810a95de7d3b89c698de7a54367a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Tue, 23 Apr 2024 09:21:36 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 449699
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 2591
x-amz-cf-id: XsGN2gNj_ogpqVjja77hYUwwYQwOzBw9ENH1lm2Js4vVF_sWNYRUcA==
expires: Wed, 23 Apr 2025 09:21:37 GMT

GET
H2 200 1421953_blackcivilabigail_619983.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/100x67/9/5/3/ 3 KB
3 KB 14ms
13ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/100x67/9/5/3/1421953_blackcivilabigail_619983.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

49d97b3466745d2b0588865c6d2d04f803cfd2e4456ac9b003a471d61d82b594

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Mon, 22 Apr 2024 12:23:44 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 525172
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 2681
x-amz-cf-id: LTZY5xQC5Rmy5dW4SpHDSjGcA6MPeNzLvcd76g8t2PDpl9XRghb6lg==
expires: Tue, 22 Apr 2025 12:23:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
218 B 15ms
15ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1995943172&t=pageview&_s=1&dl=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&ul=de-de&de=UTF-8&dt=Screen%20Daily%20%7C%20Film%20News%2C%20Film%20Reviews%2C%20Film%20Festivals%20and%20Awards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1575530806&gjid=1183954395&cid=1309366361.1714313797&tid=UA-37114222-3&_gid=985507374.1714313797&_r=1&_slc=1&gtm=45He44o0n71T6JMCTv71803721za200&cd1=NONE&cd5=null&cd7=5233&cd13=Granted&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=893316774

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 14ms
14ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1995943172&t=pageview&_s=1&dl=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&ul=de-de&de=UTF-8&dt=Screen%20Daily%20%7C%20Film%20News%2C%20Film%20Reviews%2C%20Film%20Festivals%20and%20Awards&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1720329739&gjid=2045201452&cid=1309366361.1714313797&tid=UA-77918893-18&_gid=985507374.1714313797&_r=1&_slc=1&gtm=45He44o0n81NZF83CWv76956489za200&cd3=null&cd5=5233&cd6=False&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=730550300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 316 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9dc8ca10ee920defa39ddb9c216c596ce0f5f7bdf581b93c01527b123852dbb4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ 386 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 050c6ffb96c6204489130d9d233c18cdf57ef1c8626af805754cbd29d14bd072

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 508 B
248 B 60ms
43ms Fetch
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1823467652545083&correlator=3478392304105324&eid=31079956%2C31081517%2C31083109%2C95331444&output=ldjh&gdfp_req=1&vrg=202404230101&ptt=17&impl=fif&ltd_cs=1&iu_parts=21612928716%2CScreen%2CWallpaper&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&sc=1&abxe=1&dt=1714313796719&lmt=1714313796&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&dlt=1714313796292&idt=402&prev_scp=url%3D%252F&cust_params=loggedin%3DFalse%26navcode%3D5233%26storycat%3Dnull%26categories2%3Dul%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D&adks=1586091931&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

86fd98bcfed3d6efaa1c0515bcdecac3282d8bfa6c47dca4ef5a4a3821ac1025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 408 B
169 B 82ms
65ms Fetch
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1823467652545083&correlator=3478392304105324&eid=31079956%2C31081517%2C31083109%2C95331444&output=ldjh&gdfp_req=1&vrg=202404230101&ptt=17&impl=fif&ltd_cs=1&iu_parts=21612928716%2CScreen%2COverlay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&sc=1&abxe=1&dt=1714313796724&lmt=1714313796&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&vis=1&psz=1600x0&msz=1600x-1&fws=0&ohw=0&dlt=1714313796292&idt=402&cust_params=loggedin%3DFalse%26navcode%3D5233%26storycat%3Dnull%26categories2%3Dul%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D&adks=3237111805&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

cc65963efd63126a5c90be746dad04d9c20d1fe03ab3f7668779c363c226b207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 65 KB
23 KB 71ms
54ms Fetch
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1823467652545083&correlator=3478392304105324&eid=31079956%2C31081517%2C31083109%2C95331444&output=ldjh&gdfp_req=1&vrg=202404230101&ptt=17&impl=fif&ltd_cs=1&iu_parts=21612928716%2CScreen%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x250%7C970x250%7C728x90&ifi=3&sfv=1-0-40&sc=1&abxe=1&dt=1714313796725&lmt=1714313796&adxs=288&adys=233&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&vis=1&psz=1024x250&msz=1024x0&fws=0&ohw=0&dlt=1714313796292&idt=402&prev_scp=allow_expandable%3Dtrue&cust_params=loggedin%3DFalse%26navcode%3D5233%26storycat%3Dnull%26categories2%3Dul%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D&adks=2621739385&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

739ce1e266ac90396651048e2661bcf53aab5e0682cc347723c4c3e42cfd014d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23987
x-xss-protection: 0
google-lineitem-id: 6713780762
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138473637055
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 65 KB
23 KB 76ms
59ms Fetch
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1823467652545083&correlator=3478392304105324&eid=31079956%2C31081517%2C31083109%2C95331444&output=ldjh&gdfp_req=1&vrg=202404230101&ptt=17&impl=fif&ltd_cs=1&iu_parts=21612928716%2CScreen%2CSectionDivide&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90&ifi=4&sfv=1-0-40&sc=1&abxe=1&dt=1714313796726&lmt=1714313796&adxs=308&adys=1526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&vis=1&psz=984x0&msz=984x0&fws=0&ohw=0&dlt=1714313796292&idt=402&cust_params=loggedin%3DFalse%26navcode%3D5233%26storycat%3Dnull%26categories2%3Dul%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D&adks=51935869&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4adf7afa1d8d16eb62d4090a1c2518ecb7d4ee3fa949473d83fdcdf1139768f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23985
x-xss-protection: 0
google-lineitem-id: 6701097557
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138470469953
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 65 KB
23 KB 82ms
66ms Fetch
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1823467652545083&correlator=3478392304105324&eid=31079956%2C31081517%2C31083109%2C95331444&output=ldjh&gdfp_req=1&vrg=202404230101&ptt=17&impl=fif&ltd_cs=1&iu_parts=21612928716%2CScreen%2CLargeMPU&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=5&sfv=1-0-40&sc=1&abxe=1&dt=1714313796727&lmt=1714313796&adxs=986&adys=3386&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&vis=1&psz=300x250&msz=300x250&fws=0&ohw=0&dlt=1714313796292&idt=402&cust_params=loggedin%3DFalse%26navcode%3D5233%26storycat%3Dnull%26categories2%3Dul%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D&adks=3358487432&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1e149725982499d82b0102fc3cb7df53a506ae9f2290badc4a29652472971c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24006
x-xss-protection: 0
google-lineitem-id: 6713782754
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138472916601
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 65 KB
24 KB 87ms
71ms Fetch
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1823467652545083&correlator=3478392304105324&eid=31079956%2C31081517%2C31083109%2C95331444&output=ldjh&gdfp_req=1&vrg=202404230101&ptt=17&impl=fif&ltd_cs=1&iu_parts=21612928716%2CScreen%2CSectionDivide&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90&ifi=6&sfv=1-0-40&sc=1&abxe=1&dt=1714313796728&lmt=1714313796&adxs=308&adys=7490&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&vis=1&psz=984x0&msz=984x0&fws=0&ohw=0&dlt=1714313796292&idt=402&cust_params=loggedin%3DFalse%26navcode%3D5233%26storycat%3Dnull%26categories2%3Dul%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D&adks=2174245843&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b0f49328fefb11238fd899bb0b2d04bbd11b63f551c4c32d91e045826a649fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24037
x-xss-protection: 0
google-lineitem-id: 6470193070
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138471489648
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
88c9506a2cf63a437aaffa33b8cb6c07.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F5FB 0
0 69ms
15ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://88c9506a2cf63a437aaffa33b8cb6c07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://d1nslcd7m2225b.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Apr 2024 14:16:36 GMT
expires: Mon, 28 Apr 2025 14:16:36 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.json Show response
cdn-ukwest.onetrust.com/consent/9135b9e3-8796-4495-a4a1-5fd2085b2b56/5e82207d-b9bc-41e3-8559-383235cc57ba/ 39 KB
12 KB 133ms
132ms Fetch
application/x-javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/9135b9e3-8796-4495-a4a1-5fd2085b2b56/5e82207d-b9bc-41e3-8559-383235cc57ba/en.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba17ced8f207a0878610b754eb582d36e9346ea2f280d5856644ec8a0bd174d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 Apr 2024 14:16:36 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: GelnX60rdLtyYEgnMfCOtQ==
content-length: 12035
x-ms-lease-status: unlocked
last-modified: Fri, 01 Dec 2023 10:12:15 GMT
server: cloudflare
etag: 0x8DBF255FE5E62BA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e663d005-b01e-0010-5bcc-93929b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87b7abcdaa8c3633-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-37114222-3&cid=1309366361.1714313797&jid=1575530806&gjid=1183954395&_gid=985507374.1714313797&npa=1&_u=YEBAAAAAAAAAAC~&z=803002985

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
358 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-77918893-18&cid=1309366361.1714313797&jid=1720329739&gjid=2045201452&_gid=985507374.1714313797&npa=1&_u=YEDAAAABAAAAAC~&z=376635410

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SWCENS45CR&gtm=45je44o0v9103653083z871803721za200&_p=1714313796407&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1309366361.1714313797&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714313796&sct=1&seg=0&dl=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&dt=Screen%20Daily%20%7C%20Film%20News%2C%20Film%20Reviews%2C%20Film%20Festivals%20and%20Awards&en=page_view&_fv=1&_ss=1&ep.story_categories=null&ep.nav_code=5233&ep.content_access_status=Granted&tfd=718
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SWCENS45CR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.25f289cf2c430c5f1dfb.js Show response
script.hotjar.com/ 221 KB
55 KB 34ms
8ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.25f289cf2c430c5f1dfb.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-136299.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

bcce269fe4e329e6aac07bda59f9f10948f0ff09a492146306f16bfc24a99e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 13:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 263790
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55734
last-modified: Thu, 25 Apr 2024 12:59:19 GMT
etag: "3ff5bf469e0b33aaa48641e0415af35f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: gTSLBUxfJrAgZAWroEAh1Rnb2XmqxhQlfKaDPMHOvsApaVrDqXI81Q==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1XQNN4CBP7&gtm=45je44o0v9101666660z876956489za200&_p=1714313796407&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1309366361.1714313797&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714313796&sct=1&seg=0&dl=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&dt=Screen%20Daily%20%7C%20Film%20News%2C%20Film%20Reviews%2C%20Film%20Festivals%20and%20Awards&en=page_view&_fv=1&_ss=1&ep.FullNavPath=%7C1%7C5233%7C&ep.NavCode=5233&ep.StoryCategories=null&ep.UserStateLoggedIn=False&tfd=773
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1XQNN4CBP7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1nslcd7m2225b.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
30ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-77918893-18&cid=1309366361.1714313797&jid=1720329739&npa=1&_u=YEDAAAABAAAAAC~&z=241251524

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
34ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-77918893-18&cid=1309366361.1714313797&jid=1720329739&npa=1&_u=YEDAAAABAAAAAC~&z=241251524

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
31ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37114222-3&cid=1309366361.1714313797&jid=1575530806&npa=1&_u=YEBAAAAAAAAAAC~&z=232294601

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 50ms
34ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37114222-3&cid=1309366361.1714313797&jid=1575530806&npa=1&_u=YEBAAAAAAAAAAC~&z=232294601

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame B7CF 0
0 57ms
42ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvD0Qmg0qMY_SDCmRgiYnTnO3W92WoleDXjNhpMv_WSRS9XPHMzuUjcuuBpbCvnewcBDa-memoBmVQZKdwXwA15F_k_2ch6NBR8RWldNXPu_pdEAAmtBa_NqbbVtvhKjCB-3BbbN_YwxgkPjhVK1cmhe0oiKWTcUSvDocJoFo1M-MIiS366V7Kw2syX5CTHtZgkE48EusddnhCaF_CktISs0NNnHb6BqsC1-91QEbLXi5SNVgPwVOsKEn24hwMBVGIQVcuM7SJLcaOZU3zXJX2fqyzqhoVBSOlZhLg5Y5utwe4r2tOEnIC1JSV5_iBhJUQQkdkoiI2V4KkxIjs5KNDKiM5dgBoUDIKS6sqVhZDRRw-CnziTphNYwQQxOA52QPV4nUQ&sig=Cg0ArKJSzEnh8LuNbyuKEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/ Frame B7CF 23 KB
9 KB 32ms
18ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 09:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 May 2024 09:16:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/client/ Frame B7CF 3 KB
1 KB 33ms
19ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 09:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 May 2024 09:16:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B7CF 214 KB
65 KB 20ms
7ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b47638e2b3e5a0f28ac238700ecd6a54d333bd521a54b20bb873a565fec58687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 13:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66271
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Apr 2024 14:16:50 GMT

GET
H2 200 2020551830225354233
tpc.googlesyndication.com/simgad/ Frame B7CF 320 KB
320 KB 63ms
26ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2020551830225354233

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7464e7b6b078427ba0e451df3a4df0dccfb26107d94a6e41e13b7fc747bdc0c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 26 Apr 2025 17:05:20 GMT
date: Fri, 26 Apr 2024 17:05:20 GMT
x-content-type-options: nosniff
age: 162676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327499
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 15:32:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame D80E 0
0 45ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu7PAZprNP7xyRatTwSO-ATcyEsR4bXu9r1PLshjO8-gWq7HYECjl2gB4U9UZSC7MOTSPoSlGIsBSkwZzJ4Z9zkvq4-ZIxcne1HCzuPJsot5P8zTgDsZlNT9nktFpHzclJa_x9yvL1M9RYVPe1NuxVYzQCZqJcELta2ykvSEsEZpYpoyErw30aPbz79oEswOWUodWeS_zqYUlU2vPx7IeCnoWzpOO1S6fzRF9OAnvUHGeKSCNAcTbGhKPDAKm_C9KPB8IpLZcArnCqFjrXdI8NwrXkc-9exQegFah9NKF4cn3Jh6dYHRbWYRrSqTfXdcQfuTR1RYzTcRiTkIWPjFA3hB3EdGyg3e7OTFadvd8IhfsJPAhnFtQR7Qaki_dLLlxT-OJrjc123&sig=Cg0ArKJSzGd5uWwzK7hbEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/ Frame D80E 23 KB
0 22ms
22ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 09:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 May 2024 09:16:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/client/ Frame D80E 3 KB
0 23ms
23ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 09:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 May 2024 09:16:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D80E 214 KB
0 10ms
10ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b47638e2b3e5a0f28ac238700ecd6a54d333bd521a54b20bb873a565fec58687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 13:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66271
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Apr 2024 14:16:50 GMT

GET
H2 200 10808494084379819965
tpc.googlesyndication.com/simgad/ Frame D80E 222 KB
223 KB 59ms
33ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10808494084379819965

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147a18296dd73d61cc64ceb932c668b204f645ac35b42ad5dd6ea90a3632202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 24 Apr 2025 11:41:36 GMT
date: Wed, 24 Apr 2024 11:41:36 GMT
x-content-type-options: nosniff
age: 354900
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 227694
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 16:19:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame B7CF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3382f85aa3c93cafe0c34cbbb1c41c7ed15fb739c5af53f3de3a760052ce1758

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D80E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d850888d49e3f4860b0b6f687beff6d2fbb933d0e683d860951a1042f529c5d5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 463B 0
0 43ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvhp9akK0ahFCTtRwoJxjnAs5GyW_p6v_VD69h7j0OChDeby0Oyp-qUPk_ojbkMHCBRcvjplN6bHGXCxWuFVHrI9-QfDJSKsJJqT7Zdf5ImblN8J9lakIF1vL-H4tjv2107z0yEvJXpdUSp_njd45dVGKrmLv-lvSMoJoMTIaV-c1ZD0qcKkzcEVxCRKG6kCUPYLDkS60TuqlY8fPr9ZF_8APMMCnFqM9UdaF0r4uyzpu3atT3qsujYvJeUbCgq3_uUE_HYArA-4BZKv-Zeio8ph9IikZ5lqwiq-KMJH6g5wZboy7k5Op8q1Uvd640xvXWUXTbQiR6WoHLgFWR7IqDlSa-PGy7YHuMQslqDVGJFheq4CPx93IBtZ4FTf57PHu-ZmA&sig=Cg0ArKJSzEpEG193mrrQEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/ Frame 463B 23 KB
0 7ms
7ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 09:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 May 2024 09:16:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/client/ Frame 463B 3 KB
0 8ms
8ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 09:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 May 2024 09:16:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 463B 214 KB
0 2ms
2ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b47638e2b3e5a0f28ac238700ecd6a54d333bd521a54b20bb873a565fec58687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 13:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66271
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Apr 2024 14:16:50 GMT

GET
H2 200 8827922871982861005
tpc.googlesyndication.com/simgad/ Frame 463B 122 KB
123 KB 18ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8827922871982861005

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb813e3cad062dc65c95e43b18d394cd341e57700570232801a777e84679864d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 25 Apr 2025 15:52:04 GMT
date: Thu, 25 Apr 2024 15:52:04 GMT
x-content-type-options: nosniff
age: 253472
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124972
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 15:34:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 5A11 0
0 41ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvWobX0lO0bw_ZHqCl5jBwQCJ--ZPr41OQyPZ3s23DveUwbpWykKdVXEcfYPn9OiDeuKMJ0RBIySh5qj67xGiV7MdIj6b4nGOazhQBwRHFB5sXak9FaiopOPlxafYJKDMHpCLzi1MqmZgvEIK5nkvBzbNFcCp4iAmjjo8gYzAvDgkZjzuSu1341t0UUEGMif6cEGUOIGdiiZhN1RUYXeh2eSBXMA-dlR0okZ7cRpfwK2EEFUIJFIGzSE7EGUwWXZcT67rOUlf93TR4vXZnb_1R8uBR-By9XQI-TA99nQhyXBQsDA7KaXpAJ3AAfhQjTTa78BuoUqRoBsxJz3pEr22KwWXsliKvcXd5_cYEBqs9MOaBdqeIwT_BbKliT7y8jN91BGiAptnru&sig=Cg0ArKJSzKTw6Nq9wx8BEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/ Frame 5A11 23 KB
0 0ms
0ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 09:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 May 2024 09:16:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/client/ Frame 5A11 3 KB
0 1ms
1ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240424/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 09:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 May 2024 09:16:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5A11 214 KB
0 1ms
1ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b47638e2b3e5a0f28ac238700ecd6a54d333bd521a54b20bb873a565fec58687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 13:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66271
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Apr 2024 14:16:50 GMT

GET
H2 200 10338862573206940960
tpc.googlesyndication.com/simgad/ Frame 5A11 183 KB
183 KB 41ms
40ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10338862573206940960

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b43c0f2ad2c5e8ced81c2058c607a2eeea4819eda28f0062628cfa87e9100e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 26 Apr 2025 15:46:48 GMT
date: Fri, 26 Apr 2024 15:46:48 GMT
x-content-type-options: nosniff
age: 167388
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 187057
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 14:33:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 463B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf85c8e0961a19e4026f2142fb4da58f3f6cdeed77b23b076c9aa9d74390110e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5A11 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 170bfd146da133588478c01004dbc5df51cbc1a06addc4dec20827e322353892

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3254793074533493 Show response
connect.facebook.net/signals/config/ 26 KB
3 KB 225ms
225ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3254793074533493?v=2.9.154&r=stable&domain=d1nslcd7m2225b.cloudfront.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

4a4d5ac38ea2b4ea82cd90b52576bdb1d0dc56ca7e5c609411154b7c33ba77b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Apr 2024 14:16:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4602, tp=11, tpl=0, uplat=217, ullat=0
pragma: public
x-fb-debug: 3MHMwX0nKYA/DkgdNBSeRg1X71/ZRslaSTQzGjBlDmCsoJmyI9VG6mCPH1VA7nhjAB4pg8b2k0JOT/ZjeqFbaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 28ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1787080818148630&ev=PageView&dl=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&rl=&if=false&ts=1714313796950&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.2.1714313796948.2036118792&cs_est=true&ler=empty&cdl=API_unavailable&it=1714313796600&coo=false&rqm=GET

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1294, tbw=2760, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Apr 2024 14:16:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 otCenterRounded.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/ 9 KB
3 KB 51ms
50ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/otCenterRounded.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 Apr 2024 14:16:37 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: GusGKeZw4BFJM/nj45byyg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2584
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:32:46 GMT
server: cloudflare
etag: 0x8D98DB711EF37BF
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ec394e39-501e-0055-5c61-994778000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87b7abcefbfd3633-FRA
expires: Mon, 29 Apr 2024 14:16:37 GMT

GET
H2 200 otPcCenter.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/v2/ 47 KB
11 KB 115ms
115ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/v2/otPcCenter.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 Apr 2024 14:16:37 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 9E3lVDuBS011aFtnS8Lptg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11581
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:32:47 GMT
server: cloudflare
etag: 0x8D98DB7124E10A5
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6fa2355e-a01e-008a-6c61-990c42000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87b7abcf0c003633-FRA
expires: Mon, 29 Apr 2024 14:16:37 GMT

GET
H2 200 otCookieSettingsButton.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/ 5 KB
2 KB 94ms
94ms Fetch
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 Apr 2024 14:16:37 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: faMrXPz5JqfF3CH105XLtA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2144
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:32:45 GMT
server: cloudflare
etag: 0x8D98DB710DEBDEA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3934ea03-301e-0031-2661-99b6e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87b7abcf0c023633-FRA
expires: Mon, 29 Apr 2024 14:16:37 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/ 20 KB
4 KB 114ms
114ms Fetch
text/css 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/otCommonStyles.css

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 28 Apr 2024 14:16:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:33:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c843123f-001e-0077-1261-998267000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87b7abcf0c033633-FRA
expires: Mon, 29 Apr 2024 14:16:37 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame B7CF 0
0 40ms
40ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst24v739WfJ9kRKGlsGBjvRZHL7BHzajp5HyPitL_gD9-Dsitokb5S6Yj102aD8abize3cMZSdAYMHU0H0StacN6i2AwDOyySKQJ7QcaTuJ18He0kX2oon_LBPxmWqIJHxniwlkmEc1jNzLs3tmBdM6FE43pdH_d0SdE64z9nH2LXoJLLNQdMW_TuvDPS9d5a0aN4-IbzfVLC4GnOa8P_fcA_otBvGNbNQ8nxYonykFcaf2YOGySsrwwE__vSOJ_O8sp4bo9uBFJZUvGyaaPPRlc7nhZvmVI15jFKtjnpeOfKokldC23oIVK2rm75fuBpKDOK3zt3YQBAa6tTBf0_7DZA1j-x-3pdi3kn0-_psqM7Ug9s9-dV4UdeWNMD9X8McIdDgIog&sig=Cg0ArKJSzIN4V3FeeDvGEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7CF 0
0 38ms
38ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame D80E 0
0 41ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstMVVRynvlwuxQwAfeqTNqazyOEaxmmGQ575FlLV2kK9aHzeVMogDc3j96fPmAwhvZw7aqSXFZZJTlOIHBTMRjVqBtItejJXT_Bkuct1BaQsrriDEv6aeiRJ-VzrKv-deGZNBnqLHoL87fod54doFoiDY23qG4F2jIiFNvdjRXEjUK_UI2-JHg_qW62UpHbh8keeD8I4iCVld_s3h3342hjCN6DkqGxXa5EB6kZyLniTfiK0J_Uo2kDuslgiw3UM6e0ZtS2KSm_t3fRVkusgIomwbDZ8o3ws5acP1QUoIMiezVF7KCERDw7GcRVBegHklczHgLX1kxFvRSUlZk7SNg6akToZiBppAMMEEdjLvga3a4RSC9kBAUhXZAGtd1C5ADFgdEt0H3oZVY&sig=Cg0ArKJSzHsAqJPCqbWvEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D80E 0
0 61ms
37ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 463B 0
0 41ms
41ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsufYCSu95zPIw7U7J8_Tq0D-9fv9qvvfraWEiejIxr8jmUOlnqLjcLQiIGsVtelSXIEcyLs_aUNU7Zsc96Paj7h6IzdTMNsj89UJoyVu9EWl4X2WAY3LHUZTyZ5kehqqKS9I0iUgrb9lur3kNkIWvS7NR6DTjcR4D1MFhWs8nDmof1tTKmJ1lRWmiCMmQBxbNoh85McX--cKu02TsF5T6rWLIGGuAKcZRo7z3zxS91vGrCqyjpzhxydA3uflZ1T_OI2jmSw9xDmQGBy8-Bm0-QokEntzVFIrTj-EODe8Lpvlx2lBXPg2-EoxKk43T7YS3o-tVW4BsNd0wdcF1aX8QK80r83GVqhc2Z6rQtwqax3ukfAcbDV-9bXwXA4SdbN5QtiwAoR&sig=Cg0ArKJSzOT2FsUjkEniEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 463B 0
0 84ms
39ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 5A11 0
0 44ms
44ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv6wnkSTyo8RDpUoRnqsky3mt04_qTTRjN-0FVf4IYV-JLg6hkqQIsPiu-5as0ch-ArMW8Qxz0lZ6tov02qm_LWUedWlaQE824WvjBMnoOWGyuaU9flWl_h0e3ycdKpnmF7O9Bm00K0_iGS9ZmSipXxTAKxYmJHOHZ6CqRGD-HKMfyuCsVIagzzT5rYnOJkg6osptOEU4dcYUlPu3pgEfGc1GkJQwCM6bM9VWiaX7p4wOaSIwqZRJTk5GYEHALzdULSUj7vnjEs4cbQ83yApbabX2fdfPqeavFsEjqlMYfYOoE0ovskfqenDCFpYTpShwHqWyBRDR6Bh2F2g0Pq-SAufSqJn2fDb50UVlDAaXgHCvKiLqGzWPtgxRlG8qbdZW8ObAw9l9xrt-Q&sig=Cg0ArKJSzKCXapREnH2QEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A11 0
0 103ms
39ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 292225604573767 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 186ms
186ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/292225604573767?v=2.9.154&r=stable&domain=d1nslcd7m2225b.cloudfront.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

8dfce3aa666615cfb5a1942661a2e0ac0c28bee2b4f0df7d9c6fec60301838a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Apr 2024 14:16:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=28, mss=1232, tbw=10330, tp=17, tpl=0, uplat=178, ullat=0
pragma: public
x-fb-debug: H68fPLdHZStbPexssAP0HxGJV1Jnhr0knuEJNBrG8hH63BIydwH9bOxcGhgtzpuAQPUNFcou3Q4oj18jVvsq5A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
126 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3254793074533493&ev=PageView&dl=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&rl=&if=false&ts=1714313797181&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.2.1714313796948.2036118792&cs_est=true&ler=empty&cdl=API_unavailable&it=1714313796600&coo=false&rqm=GET

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1294, tbw=3112, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Apr 2024 14:16:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 9ms
8ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292225604573767&ev=PageView&dl=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&rl=&if=false&ts=1714313797372&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.2.1714313796948.2036118792&cs_est=true&ler=empty&cdl=API_unavailable&it=1714313796600&coo=false&rqm=GET

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4749, tp=14, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Apr 2024 14:16:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 9ms
9ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1787080818148630&ev=ViewContent&dl=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&rl=&if=false&ts=1714313797373&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.2.1714313796948.2036118792&ler=empty&cdl=API_unavailable&it=1714313796600&coo=false&rqm=GET

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=5021, tp=15, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Apr 2024 14:16:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 9ms
9ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3254793074533493&ev=ViewContent&dl=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&rl=&if=false&ts=1714313797373&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.2.1714313796948.2036118792&ler=empty&cdl=API_unavailable&it=1714313796600&coo=false&rqm=GET

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=5165, tp=16, tpl=0, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Apr 2024 14:16:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 10ms
9ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292225604573767&ev=ViewContent&dl=https%3A%2F%2Fd1nslcd7m2225b.cloudfront.net%2F&rl=&if=false&ts=1714313797374&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.2.1714313796948.2036118792&ler=empty&cdl=API_unavailable&it=1714313796600&coo=false&rqm=GET

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=5309, tp=17, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Apr 2024 14:16:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 1422245_laurentcantet_646177645_credittaniavolobuevashutterstock_533059.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/780x520/2/4/5/ 35 KB
35 KB 9ms
8ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/780x520/2/4/5/1422245_laurentcantet_646177645_credittaniavolobuevashutterstock_533059.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.js?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5ceae09aaf88546a28815ec97c48f046c8c42e1ded074bcd37072dde4cfa8744

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Thu, 25 Apr 2024 16:35:36 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-MAIN
x-amz-cf-pop: FRA60-P4
age: 250860
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 35813
x-amz-cf-id: eapWEjca_0asPBsoiK1ZkTPKjY2TV6lS8lf7ZlwWUE2KOhIyYL_G0A==
expires: Fri, 25 Apr 2025 16:35:37 GMT

GET
H2 200 1422310_kraventhehunter_921624.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/780x520/3/1/0/ 35 KB
35 KB 12ms
11ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/780x520/3/1/0/1422310_kraventhehunter_921624.jpg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.js?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ed41b9dad3df6041af90a4caed26205d4f635b1f0af6904cf6b11b4501012acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Sat, 27 Apr 2024 01:10:13 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-2
x-amz-cf-pop: FRA60-P4
age: 133583
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 35675
x-amz-cf-id: 2Zb-NkPK36PSIvrLa_UEne6XnXo9q7cCmbsMrZJddIBFqVxD0eYchw==
expires: Sun, 27 Apr 2025 01:10:14 GMT

GET
H2 200 1422272_thewildrobotcuniversal_638708_crop.jpeg
d1nslcd7m2225b.cloudfront.net/Pictures/780x520/2/7/2/ 52 KB
52 KB 10ms
10ms Image
image/jpeg 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1nslcd7m2225b.cloudfront.net/Pictures/780x520/2/7/2/1422272_thewildrobotcuniversal_638708_crop.jpeg

Requested by

Host: d1nslcd7m2225b.cloudfront.net
URL: https://d1nslcd7m2225b.cloudfront.net/Magazine/core.js?p=7319412482520226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fa31b4e3cdf078b0b17dfc076db6d1be8cb08323907d235ea19963d4da43bcb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Fri, 26 Apr 2024 10:12:25 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
age: 187452
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 53286
x-amz-cf-id: u6WqKMI3zXcYNuYsI4E48rMW41sfRu5XihrnBAXW-4ErRqo3ZhApwg==
expires: Sat, 26 Apr 2025 10:12:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 54ms
54ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

950001f949bd0c2f4fef1ead6b4c84bc58c56e34bd91e6c56c9318381bc20597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12229
x-xss-protection: 0

GET
H2 200 favicon-32x32.png
d1nslcd7m2225b.cloudfront.net/magazine/dest/graphics/favicons/ 1 KB
2 KB 86ms
86ms Other
image/png 2600:9000:225e:6000:1f:a060:57c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1nslcd7m2225b.cloudfront.net/magazine/dest/graphics/favicons/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:6000:1f:a060:57c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

86b89b4f01f9a44b4419c1773acad42b28ef655d7b828011b5e04e363e08b6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:37 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 11:10:24 GMT
x-server-name: LIVE-FAILOVER-1
x-amz-cf-pop: FRA60-P4
etag: "1adeab8ed6eda1:0"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
content-length: 1124
x-amz-cf-id: UBysJsnqZzLq8412N6FwmOROXNXjvTLqsh6nozi4f74g7RCPzRdxTQ==
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 14:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 14:16:37 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B4BE 0
0 26ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://d1nslcd7m2225b.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 17946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Apr 2024 09:17:31 GMT
expires: Mon, 28 Apr 2025 09:17:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B7CF 42 B
64 B 42ms
42ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4eabXynfaIPsWxgRJpW_CUkXe147sIZptExPlixjl3zcTCLSQJb0wPqu0dbTh5oDk8KNKOiZXVDDaF5XzNhQkoYM_O7TZg11njUqa6uEHy8MO3ZNwYcexDmz2fyoPQauWTig7XEzcwYwKCr_A3ok5pLEVcAejT4HkWhTxz2Mf9Rc&sig=Cg0ArKJSzIYeskNhcbvKEAE&id=lidar2&mcvt=1000&p=233,315,483,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240424&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2621739385&rs=4&la=1&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ%3D%3D&vs=4&r=v&co=1024659600&rst=1714313796837&rpt=141&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://d1nslcd7m2225b.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 28 Apr 2024 14:16:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404230101&jk=1823467652545083&bg=!kJOlk9zNAAYBeExMIXg7ADQBe5WfOGF8jG28NH9DiVTryXJDq2H0VAJ1ZHvMM923cXmnIIedVFUCudcRBJB1dQCJCkL5AgAAACRSAAAAAWgBB34ANXvox-rVf3fRpqCgblN4y9HLhB3gGQEGpWyUmHXqwMoP62o2WBLUYziFdKgScQ4eSgm4qvEFCgASbX2b_KXwC7c6z9TXXKJLdDFQmQKnorUaGxrXUZFX3x_nJPsgTHXsItztPrI68DLmSdpOQoNNYRVHGZ88VlcSMRA7dIjm7mpOZBgAWw3iGI0oTwv2BXVVg3aWbphgeZi4oXz6Hw2Oj4rDqKOYAoqaIDiFQQ7yhd30XG83wgsgo7VJ40dLvuEZLNSQSlUzNXbLbFwq8xRsbUB91HBQajykPPvrSVEGwYjsqkPtCl7M7tI8U__qU_NUTdmWHa4bn0trsEmXzX1QwjXxVKUmULgb0Ew8U7vF0sbdgkiRPrIfCR492p7a140vqnfv5v_-z6CshoUsV6TSufjol2Ja2C0_OAirzcq66B8KHp0raHos9pravP4mDJfTKSKEDKObaZ8Wnl0NBjn0PmnaVBVPk7Y6BFOWf3eKHCOSAK24o3qiNdHJfNuF52I0aZ0MyCdIEyOS3cBtnUhACqGYmD1IO15GXAD5iOkoyQoCh5FrqdOtbq5Dx-DbiIy7G0QMjNlkszASI1iC0twenjfISFOr6VDG3hf3JkiQQx7qpMOT6G5W6O8GUW_tLMVDyAjKHfVYwioXLRb-0kosTVr5sa3T2UmfRQ-5un2l9CO4I5Vg11Sflf16AwaEbuQ1BmImQffpjI04fvFKuOzHDfZUm7tzQRPe-5X83y0AOiCojGOWjrZY9ypW2mJBpYPiwci9Oh3YilLgcmGvERe3EJCUwyPguS17Xet2AkTSEm3ZtvjszsKjFS2ouOC-aLvQhoIb6yeK_WfO73sYxzRCZfoHjG6n9SpGsO7dOwXF7s_ZdCDAcaTjhT9jfXaeE63wtZKveHCwIIHX3y-4WWOt8VBg0n4mwsAvWSNoWBT3DA1Pv4f9YN0Q9FFHHi-BTohj2ZjijNizvr4Badrhdlg0g44ZHpKOdA1-rgTta4OGQQ1ulv8R1g

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
d1nslcd7m2225b.cloudfront.net/	1969-12-31 23:59:59	Name: _js Value: 1
.d1nslcd7m2225b.cloudfront.net/	1970-01-20 20:13:20	Name: _gid Value: GA1.3.985507374.1714313797
.d1nslcd7m2225b.cloudfront.net/	1970-01-20 20:11:53	Name: _gat_UA-37114222-3 Value: 1
.d1nslcd7m2225b.cloudfront.net/	1970-01-20 20:11:53	Name: _gat_UA-77918893-18 Value: 1
.d1nslcd7m2225b.cloudfront.net/	1970-01-21 05:47:53	Name: _ga_SWCENS45CR Value: GS1.1.1714313796.1.0.1714313796.0.0.0
.d1nslcd7m2225b.cloudfront.net/	1970-01-21 05:47:53	Name: _ga Value: GA1.1.1309366361.1714313797
.t.co/	1970-01-21 05:47:53	Name: muc_ads Value: 1067bc5f-6493-44f1-9895-0e5367302ba3
.d1nslcd7m2225b.cloudfront.net/	1970-01-21 05:47:53	Name: _ga_1XQNN4CBP7 Value: GS1.1.1714313796.1.0.1714313796.0.0.0
.twitter.com/	1970-01-21 05:47:53	Name: guest_id_marketing Value: v1%3A171431379669569302
.twitter.com/	1970-01-21 05:47:53	Name: guest_id_ads Value: v1%3A171431379669569302
.twitter.com/	1970-01-21 05:47:53	Name: personalization_id Value: "v1_ZiQWiaAvrI7FOQhw/VPLpQ=="
.twitter.com/	1970-01-21 05:47:53	Name: guest_id Value: v1%3A171431379669569302
.d1nslcd7m2225b.cloudfront.net/	1970-01-21 04:57:29	Name: _hjSessionUser_136299 Value: eyJpZCI6IjE4Y2NlN2Q3LTA5NDMtNTc2Yi05MTc4LWM0MmMwZjliYzE4YyIsImNyZWF0ZWQiOjE3MTQzMTM3OTY5MjMsImV4aXN0aW5nIjpmYWxzZX0=
.d1nslcd7m2225b.cloudfront.net/	1970-01-20 20:11:55	Name: _hjSession_136299 Value: eyJpZCI6ImQ2NjRkNmQxLTY2MTctNDgzYy04ZjJjLTk0OTViYzNiOTU1MCIsImMiOjE3MTQzMTM3OTY5MjQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.d1nslcd7m2225b.cloudfront.net/	1970-01-20 22:21:29	Name: _fbp Value: fb.2.1714313796948.2036118792

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/(Line 1696) Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://d1nslcd7m2225b.cloudfront.net/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1787080818148630?v=2.9.154&r=stable&domain=d1nslcd7m2225b.cloudfront.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss:; child-src https: blob:; object-src 'none'; frame-ancestors 'self' https://account.screendaily.com;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

88c9506a2cf63a437aaffa33b8cb6c07.safeframe.googlesyndication.com
account.screendaily.com
analytics.twitter.com
cdn-ukwest.onetrust.com
cdnjs.cloudflare.com
connect.facebook.net
d1nslcd7m2225b.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
pagead2.googlesyndication.com
region1.google-analytics.com
script.hotjar.com
secure.alea6badb.com
securepubads.g.doubleclick.net
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
pagead2.googlesyndication.com
104.17.25.14
104.244.42.67
104.244.42.69
13.32.27.54
142.250.185.196
142.250.185.98
142.250.186.35
146.75.120.157
157.240.252.13
157.240.252.35
18.66.102.53
2001:4860:4802:34::36
2600:9000:225e:6000:1f:a060:57c0:21
2606:4700:4400::ac40:9b77
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:806::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:81d::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2001
2a00:1450:400c:c00::9a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
51.11.20.152
52.164.226.60
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
01fa10df12047414d20a60816707426f588ba99f8c4d1b04424db51274dc290b
041d22664a0f7c5b2c5e6a76c970589bdeddbc838f9a38783fb9c72dec20272c
04d31f09a9361207f2bb3532c19e856bca8fcab480de7df6341714cb7766462e
050448cb475249d393213778eeb70acbe275de35c74ba5b84e55cb25a6b81847
050c6ffb96c6204489130d9d233c18cdf57ef1c8626af805754cbd29d14bd072
0911ad1ad30a6a31eb9e4b6e8f631d7513f0b2caf0b9d76d7afd15cf3f5ff0f8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a27f0c7db70f732a245abfee559fdae32bfb91569092a2a1e53a33722e21bc3
0cf97d4f8f5388d3e0fe0f77e49707d2a80fd7722e20402d2f3453f8f4fc4607
147a18296dd73d61cc64ceb932c668b204f645ac35b42ad5dd6ea90a3632202e
15aef3863c4ce32e72027b1ce6067fb8940fea4b2646eb2242b7e5bdd173185e
16365dcef441ea8bdb15841951390b673ca2acb305ddd83df0a075570ece22d7
166161f759f8c14c0ce3fdeb0a220ddee0da8d3bc100fa3ab425d7712e033313
170bfd146da133588478c01004dbc5df51cbc1a06addc4dec20827e322353892
1a820bbfb365eff52c61b27d5e126a850eb6743c0bd8a914ef77f0c1230e6b96
1d9fad92e56ea94b39e201b415f8f0b9ae65fc36ce3070c5ff48d91179246c65
1e149725982499d82b0102fc3cb7df53a506ae9f2290badc4a29652472971c61
220a481983d75bd6898a964f8fe3e0d614b32282c908d3ef5bcd6dc390c22e3f
2470b3989f7305d3522d143e2ee7c4a96623a994c3888bce7f5ee18c8d7afd6c
2a9390ef3e21a29fcb46e7bb2560ed3c5b4e033e7867632769edd286691829df
2b43c0f2ad2c5e8ced81c2058c607a2eeea4819eda28f0062628cfa87e9100e7
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3382f85aa3c93cafe0c34cbbb1c41c7ed15fb739c5af53f3de3a760052ce1758
33ac7592731d5255d04c861bc8a890ef4b3d1618bc1eb0dc29ba3ad427ca99b8
3c2050b7411f2f9471dee7e8f22ff6f5c4c259e78f79775286e7e3a4fa7b8967
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e2f7a016901e30bd6318025059004e96a610be19f856a3ae321fc0a7d5d9e28
3e6925fca371430fb5f5b58bcde8f88a5fcb450d89d3340434a791750b76d4df
44140611d491bb6ac1398ab41cee77620eeb0971e214954307f6e55e188f20f0
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
49d97b3466745d2b0588865c6d2d04f803cfd2e4456ac9b003a471d61d82b594
4a4d3fe80584ece162a032070ffc9539c8d1cf06b676382930f78fb3e6bc2d99
4a4d5ac38ea2b4ea82cd90b52576bdb1d0dc56ca7e5c609411154b7c33ba77b3
4adf7afa1d8d16eb62d4090a1c2518ecb7d4ee3fa949473d83fdcdf1139768f8
4b75b988f9bcbf65bc72ff35e53369c9a00f6fe832d9ee6cdc6cb9c51a57256e
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
51a3e924db2616afa66b30d3100ab0a6add1f08d291002e1dc4978357ce9aab4
59b5c3884b9e43e5ac0146f174150b341928d89caf859fc5e09cff3ce30ec682
5ceae09aaf88546a28815ec97c48f046c8c42e1ded074bcd37072dde4cfa8744
5ceb6417be57b85e66479221046e3abdf2be53bdc4a55929bd8dc0058c70f94a
5fa295b318ad0512dbc58f856723bcc77725bef91155f79ba8e0a4e00cf1f57c
60f5c46cadab841891feda3cfa24fb6b745fbb722880a653a1598d1ce6b68124
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
739ce1e266ac90396651048e2661bcf53aab5e0682cc347723c4c3e42cfd014d
7464e7b6b078427ba0e451df3a4df0dccfb26107d94a6e41e13b7fc747bdc0c1
809b009ce1e2b78cd42b4f9549bebbefe73f31cb8bb3bc115c0904e512ff0ed2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856901592dd94b511241ef75485b864cf33949039014990795f580730c81b77b
86b89b4f01f9a44b4419c1773acad42b28ef655d7b828011b5e04e363e08b6ce
86fd98bcfed3d6efaa1c0515bcdecac3282d8bfa6c47dca4ef5a4a3821ac1025
8dfce3aa666615cfb5a1942661a2e0ac0c28bee2b4f0df7d9c6fec60301838a0
9118a08a03f37256cd583248ac4b9893d965faab7d794e31bc1ca1a6127b0887
91432c2c993af786be27b156bcceb90523225e554e958e01447682f05b3b6bc5
9463d505f58f5bc86bc95949f14a8170e58e28651aa1edffbcb815757a09e90c
950001f949bd0c2f4fef1ead6b4c84bc58c56e34bd91e6c56c9318381bc20597
9baf167f512d252230c05c4f689b5b26d211800084829f2a0c366ffa884870cb
9dc8ca10ee920defa39ddb9c216c596ce0f5f7bdf581b93c01527b123852dbb4
a08a40d3b1009d8fca188c288a2cb6f3ec1f152b056cbcdc17b7d60c6b85d5d0
a55bb418379dca5ee0c34bfaf836c7905c42d5604f0339d13682068f6a453de7
a77f2d414521bc6016f5a8a5ac5e75d29d710152ef6532e0a1cddd7785d39b46
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad12e63caf09c98913b61b214545c94ad8810a95de7d3b89c698de7a54367a21
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0f49328fefb11238fd899bb0b2d04bbd11b63f551c4c32d91e045826a649fb9
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
b29cda94190585a5bc5843e98dfc87a208a1d1d05283671e0309edd0ae39981f
b316b65cc67b6cf69ea0b6626498978d808bac4b50dbce5b04975c4a5db220cd
b47638e2b3e5a0f28ac238700ecd6a54d333bd521a54b20bb873a565fec58687
ba17ced8f207a0878610b754eb582d36e9346ea2f280d5856644ec8a0bd174d6
bb813e3cad062dc65c95e43b18d394cd341e57700570232801a777e84679864d
bcce269fe4e329e6aac07bda59f9f10948f0ff09a492146306f16bfc24a99e35
c9fa187db81b7927f3fb8826d1bb348e90d92c1e30c7cbc8b381fb59b83b0aa4
cada5ce93f7f643889db8d2bda5d9ae3784a1b42d5be355b2405bda3b10145b9
cc65963efd63126a5c90be746dad04d9c20d1fe03ab3f7668779c363c226b207
cf85c8e0961a19e4026f2142fb4da58f3f6cdeed77b23b076c9aa9d74390110e
d304a510ac1dd0a1b945943318cb7e70e8f48d7e438500f7f4492e15f3022fca
d81e5637c31f00d8f2ad52a3d5ac4da79112d938a457e3883ebadc7888a63058
d850888d49e3f4860b0b6f687beff6d2fbb933d0e683d860951a1042f529c5d5
dc510773d63c3f7c348ecf95029106e6e93462313792e5b7f17997a005b425c2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00
e60b3dccc332500247f2755d50e306643cb056b480de84a1c89529d3d4b556dc
e838bb8caf249027ff1236bb9a02e382e21fe497273c1ba28edc4188b1e22873
e900515f8f116503d392cd6eaa598dd51371d7b6245abb920affc8459f1671ed
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
eab8c6529b772f70d27a53e51dd95151da4e43aa2d663e43455578d1f709eede
ed41b9dad3df6041af90a4caed26205d4f635b1f0af6904cf6b11b4501012acd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcbf14c542a73c14bfb515bd90440bd74dcd651bf82fc7bb3e572d077dbc53d
f12be628c10a05594233b7f204847e189b7fc57df5692c16c7d23decd46cd4bc
f213e90e86533a5a1d52c943e5d367c59bf5d9c63f26e7c94e8904c63d303dfc
f39dce06866024f7e594e10dfa07599d560f76da3c25d1ceefac02ca0e24498a
f57a2ca091c0b58f0794b42e891d1ff0bf60ddb2162cf5af38d7d4b665bee77c
f5b31b10761d331f12704db4b99b4d11c8db6c531717f0df424b9e7aed52f0c2
fa31b4e3cdf078b0b17dfc076db6d1be8cb08323907d235ea19963d4da43bcb3
fddf7655b4d578579a8f1d447a65ae9eaaf0beb514a1c7ec91b4b3b31ae5afc1
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065

d1nslcd7m2225b.cloudfront.net Open in urlscan Pro 2600:9000:225e:6000:1f:a060:57c0:21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

99 %HTTPS

52 %IPv6

20 Domains

26 Subdomains

28 IPs

6 Countries

3050 kBTransfer

8001 kBSize

15 Cookies

100 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

d1nslcd7m2225b.cloudfront.net Open in urlscan Pro
2600:9000:225e:6000:1f:a060:57c0:21 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

99 %
HTTPS

52 %
IPv6

20
Domains

26
Subdomains

28
IPs

6
Countries

3050 kB
Transfer

8001 kB
Size

15
Cookies

138 HTTP transactions
6 data transactions