urlscan.io logo urlscan.io
SecurityTrails logo

news.now.com Open in urlscan Pro
2600:9000:211e:9200:8:e4a9:2240:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/2oIvDQR
Effective URL: https://news.now.com/home/finance/player?newsId=180275
Submission: On October 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 10 countries across 50 domains to perform 223 HTTP transactions. The main IP is 2600:9000:211e:9200:8:e4a9:2240:93a1, located in United States and belongs to AMAZON-02, US. The main domain is news.now.com. The Cisco Umbrella rank of the primary domain is 619899.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on February 20th 2023. Valid for: a year.
This is the only time news.now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 1 2600:9000:211... 16509 (AMAZON-02)
48 2600:9000:211... 16509 (AMAZON-02)
2 2600:9000:211... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
20 219.76.112.42 4760 (HKTIMS-AP...)
9 2a00:1450:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
9 2a02:2638:3::3 44788 (ASN-CRITE...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 65.9.66.104 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 6 37.252.171.52 29990 (ASN-APPNEX)
2 13.32.121.21 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 2a03:2880:f08... 32934 (FACEBOOK)
2 8 2a02:2638:3::c 44788 (ASN-CRITE...)
1 54.72.74.238 16509 (AMAZON-02)
1 162.19.138.119 16276 (OVH)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2001:4860:480... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
3 44.206.40.57 14618 (AMAZON-AES)
2 151.101.65.55 54113 (FASTLY)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
8 2a02:2638:3::10 44788 (ASN-CRITE...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
3 108.138.1.25 16509 (AMAZON-02)
1 217.182.178.225 16276 (OVH)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 9 104.18.26.193 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 52.18.240.81 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
1 99.86.4.71 16509 (AMAZON-02)
1 52.222.239.116 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 95.101.148.20 16625 (AKAMAI-AS)
2 104.18.25.18 13335 (CLOUDFLAR...)
2 184.30.22.30 16625 (AKAMAI-AS)
2 2.19.244.232 16625 (AKAMAI-AS)
1 151.101.193.108 54113 (FASTLY)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
1 69.173.144.139 26667 (RUBICONPR...)
6 8 216.58.206.34 15169 (GOOGLE)
3 3 18.208.6.155 14618 (AMAZON-AES)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 2600:1f18:ed:... ()
1 2 52.46.155.104 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
5 5 37.157.2.228 198622 (ADFORM)
2 2 151.101.130.49 54113 (FASTLY)
1 1 45.137.176.88 60350 (VP)
8 185.64.191.210 62713 (AS-PUBMATIC)
1 2 67.220.226.238 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 18.197.117.175 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
1 1 54.164.162.143 14618 (AMAZON-AES)
1 52.48.43.143 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.3.75.156 14618 (AMAZON-AES)
1 35.204.74.118 396982 (GOOGLE-CL...)
1 52.223.40.198 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 3.71.149.231 16509 (AMAZON-02)
1 98.98.134.243 21859 (ZEN-ECN)
1 198.47.127.20 ()
223 75
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
1    2600:9000:211e:2200:8:e4a9:2240:93a1 (United States)

ASN16509 (AMAZON-02, US)
news.now.com
48    2600:9000:211e:9200:8:e4a9:2240:93a1 (United States)

ASN16509 (AMAZON-02, US)
news.now.com
2    2600:9000:211e:9000:13:6c41:f5c0:21 (United States)

ASN16509 (AMAZON-02, US)
d7lz7jwg8uwgn.cloudfront.net
4    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
20    219.76.112.42 (Hong Kong)

ASN4760 (HKTIMS-AP HKT Limited, HK)
PTR: n219076112042.netvigator.com
images-news.now.com
9    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
9    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2250:5400:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    2a03:2880:f083:6:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
8    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    54.72.74.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-74-238.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.insurads.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
3    44.206.40.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-40-57.compute-1.amazonaws.com
services.insurads.com
2    151.101.65.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
8    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
8    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    217.182.178.225 (France)

ASN16276 (OVH, FR)
PTR: ip225.ip-217-182-178.eu
prg-apac.smartadserver.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
9    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    52.18.240.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-240-81.eu-west-1.compute.amazonaws.com
prebid.ad.smaato.net
1    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    52.222.239.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-239-116.fra56.r.cloudfront.net
aax.amazon-adsystem.com
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2.19.244.232 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-232.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
8    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
3    18.208.6.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-6-155.compute-1.amazonaws.com
i.liadm.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2600:1f18:ed:550a:686a:b20f:8598:8ecc (None, )

ASN- ()
i6.liadm.com
2    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a05:d018:cc3:fe05:add9:3669:29b3:4d0e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
5    37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
8    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    67.220.226.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    85.114.159.93 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    18.197.117.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-117-175.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
1    54.164.162.143 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-162-143.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.48.43.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    52.3.75.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-75-156.compute-1.amazonaws.com
a.audrte.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a05:d018:d29:3601:c184:4582:9358:8e30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
69 now.com
news.now.com — Cisco Umbrella Rank: 619899
images-news.now.com — Cisco Umbrella Rank: 636698
3 MB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8000
csm.eu.criteo.net — Cisco Umbrella Rank: 7577
146 KB
17 googlesyndication.com
3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
494 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
184 KB
14 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com — Cisco Umbrella Rank: 1171
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
image2.pubmatic.com — Cisco Umbrella Rank: 1547
simage4.pubmatic.com
27 KB
14 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
mug.criteo.com — Cisco Umbrella Rank: 1822
ads.eu.criteo.com — Cisco Umbrella Rank: 7499
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 14897
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8894
bidder.criteo.com — Cisco Umbrella Rank: 949
dis.criteo.com — Cisco Umbrella Rank: 910
65 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
6 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 404
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945
aax.amazon-adsystem.com — Cisco Umbrella Rank: 541
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
73 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
acdn.adnxs.com — Cisco Umbrella Rank: 960
21 KB
6 insurads.com
cdn.insurads.com — Cisco Umbrella Rank: 21614
services.insurads.com — Cisco Umbrella Rank: 17723
52 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
dmp.adform.net — Cisco Umbrella Rank: 4243
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
3 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 1067
i6.liadm.com
2 KB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
13 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 11
region1.analytics.google.com — Cisco Umbrella Rank: 2225
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
206 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30144
897 B
3 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 76
www.facebook.com — Cisco Umbrella Rank: 109
626 B
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2190
google-bidout-d.openx.net — Cisco Umbrella Rank: 2191
694 B
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1393
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
12 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
92 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
551 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
894 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
646 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
cdn.indexww.com — Cisco Umbrella Rank: 2483
2 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
contextual.media.net — Cisco Umbrella Rank: 1062
10 KB
2 anymind360.com
anymind360.com — Cisco Umbrella Rank: 15334
179 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 3974
515 B
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 668
17 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 239
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
149 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1223
id5-sync.com — Cisco Umbrella Rank: 687
31 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
3 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 720
imasdk.googleapis.com — Cisco Umbrella Rank: 657
155 KB
2 cloudfront.net
d7lz7jwg8uwgn.cloudfront.net
1 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
187 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
149 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
610 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
1 KB
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 2038
213 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
591 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2756
281 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2238
181 B
1 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 7225
398 B
1 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10477
554 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2724
3 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 2075
5 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2392
8 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 6347
439 B
223 50
Domain Requested by
49 news.now.com 1 redirects news.now.com
ajax.googleapis.com
20 images-news.now.com news.now.com
9 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
anymind360.com
static.criteo.net
9 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
news.now.com
3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
anymind360.com
8 imageproxy.eu.criteo.net ads.eu.criteo.com
8 tpc.googlesyndication.com 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 cm.g.doubleclick.net 6 redirects
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 gum.criteo.com 2 redirects static.criteo.net
anymind360.com
6 ib.adnxs.com 2 redirects news.now.com
anymind360.com
acdn.adnxs.com
5 simage2.pubmatic.com ads.pubmatic.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 c1.adform.net 4 redirects
4 www.googletagservices.com news.now.com
securepubads.g.doubleclick.net
3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
3 image2.pubmatic.com ads.pubmatic.com
3 i.liadm.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 c.amazon-adsystem.com anymind360.com
c.amazon-adsystem.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 services.insurads.com cdn.insurads.com
3 cdn.insurads.com www.googletagmanager.com
services.insurads.com
3 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 connect.facebook.net news.now.com
connect.facebook.net
2 cr.frontend.weborama.fr 2 redirects
2 x.bidswitch.net 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 dis.criteo.com 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 ads.pubmatic.com anymind360.com
ads.pubmatic.com
2 eus.rubiconproject.com anymind360.com
eus.rubiconproject.com
2 anymind360.com news.now.com
anymind360.com
2 mug.criteo.com news.now.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.google.de news.now.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 stats.g.doubleclick.net 1 redirects www.googletagmanager.com
2 www.facebook.com connect.facebook.net
2 oajs.openx.net 1 redirects news.now.com
2 ssl.google-analytics.com 1 redirects news.now.com
2 sb.scorecardresearch.com news.now.com
2 www.googletagmanager.com news.now.com
www.googletagmanager.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
anymind360.com
2 d7lz7jwg8uwgn.cloudfront.net news.now.com
ajax.googleapis.com
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 ups.analytics.yahoo.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 match.adsrvr.org ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 odr.mookie1.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 i6.liadm.com ssum-sec.casalemedia.com
1 token.rubiconproject.com eus.rubiconproject.com
1 acdn.adnxs.com anymind360.com
1 js-sec.indexww.com anymind360.com
1 contextual.media.net anymind360.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 fastlane.rubiconproject.com anymind360.com
1 prebid.ad.smaato.net anymind360.com
1 bidder.criteo.com anymind360.com
1 htlb.casalemedia.com anymind360.com
1 hbopenbid.pubmatic.com anymind360.com
1 prebid.media.net anymind360.com
1 prg-apac.smartadserver.com anymind360.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 rtb.fr3.eu.criteo.com 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
1 ads.eu.criteo.com 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 graph.facebook.com ajax.googleapis.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 imasdk.googleapis.com news.now.com
1 ajax.googleapis.com news.now.com
1 bit.ly 1 redirects
223 91

This site contains links to these domains. Also see Links.

Domain
now.com
finance.now.com
sports.now.com
www.viu.com
moov.hk
nowtv.now.com
media.now.com
images-news.now.com
Subject Issuer Validity Valid
*.now.com
GlobalSign RSA OV SSL CA 2018		 2023-02-20 -
2024-03-23		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-04 -
2023-11-02		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.insurads.com
Go Daddy Secure Certificate Authority - G2		 2023-05-01 -
2024-06-01		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
anymind360.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
smaato.net
Sectigo ECC Domain Validation Secure Server CA		 2023-08-25 -
2024-08-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh

This page contains 26 frames:

Primary Page: https://news.now.com/home/finance/player?newsId=180275
Frame ID: 1CBD181F47AAF50737B08B1959002A86
Requests: 130 HTTP requests in this frame

Frame: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4C54FFFCAFA7157536E58457AA927C24
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=news.now.com
Frame ID: 3A6F70E0DDA88CBF9DF713D0B9156AC7
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 7451E80B4A7547C19DEEE5413CCF3362
Requests: 1 HTTP requests in this frame

Frame: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BB365481BD58F9D432E4F8CE6EE83E67
Requests: 9 HTTP requests in this frame

Frame: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2D0C82630A69308FF25F2CA8E8F20D32
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvd4lY1FnOAAiy64RkDrr_Szr5AMTt5XnYt5WHRqz5hIRCosquAc1C2o4W7ZeycPmrruzzA0VFgNTcqMKzmdDMi355LHbOrKKgjZxtEehYtk85jtccAWuxe7QKrsXeLW-U-jQMkAbhTtHDS_nMyc_Vqs7Y4cMWDEgH9-XF6AUUQte-wodgU_tlDnl2fxbThEcoZh6zQMnzCrTTdWJhczTAHLWLVTMSHKW8mIkgxlRDGXXkDy0ZpgbmBIAjJrI_Z6LxVT9e1pR9Zc6eYrlPvV_xjmLk090sZa66ynt9tsgfmuTdSwqsnfaW5-2D16RMW9_VmwbSla8gqKQ&sai=AMfl-YTT5WWZ3Cq5hFJISOviMyAQsNXlcskcs56sPdWC_--0tQ90HiRgaWoiEEvU1JfdeWy4T5ZO5skDRCkCe_y-dNrmc0MmaSpI0UXnTpDgQ3xVM0vybCOgT0ZDuzWCmtSaiV9SaM8wNyc4FLGVU5Y&sig=Cg0ArKJSzADSpfjPk8JdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0D19D972F3520729E0A1DAA8CEB59154
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Frame ID: 2AE3A10238FA932474F118B41C6383B3
Requests: 20 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1546&requests=[{%22eaUp%22:%22/94348418/nownews_web_fin_LR01%22,%22eoId%22:3012214987,%22eolId%22:6032896793,%22advId%22:223740178,%22ecId%22:138451356465,%22w%22:300,%22h%22:250,%22eId%22:%22main_nownews_web_fin_lr01_0%22},{%22eaUp%22:%22/94348418/nownews_web_fin_SB%22,%22eoId%22:488130058,%22advId%22:176757058,%22w%22:728,%22h%22:90,%22eId%22:%22main_nownews_web_fin_sb_0%22}]&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&ts=1698335961622
Frame ID: 565AB36460A5C8032DA33BD92962454C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C2099%2C3020%2C173%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C345%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 3B43F0C42A98850EA37C2DF57285C26F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 827A56DC6D068A1F6EF4F49D95A873F8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3A0CF1350697D9BEF676F92526A08F1D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: ADD8C59F50CB4E0A716AA16B3FCFE025
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F22B81195456FBB3A43D6E6B00CFE66E
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 00ACD31FE1BB0B41690FFDC6991C4A2A
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 650F95572BB1D1E648DDB5CB3400E993
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7307AFE0-FD95-4F24-8352-D404CFC73320&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 0D2379E79FD0444164C219362A955388
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XFjEQ1IOk0dHXMNEWlraFVNdwkRHXMMWXFl1O2B0
Frame ID: 15F1F8175CDABED8BC342459852B4487
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5935648017172192030&gdpr=0&gdpr_consent=
Frame ID: 42C096F4A01146B6AE161033092E8BA8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294297431593121944&gdpr=0&gdpr_consent=
Frame ID: D99FA475D63FDFE3FF0CCB5E2E825A16
Requests: 1 HTTP requests in this frame

Frame: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=384f4ec5-b636-4d1f-bde4-a84fd0b51349&ssp=pubmatic&gdpr=0&gdpr_consent=
Frame ID: 44A25652974B0F7D90F52D413DD61C52
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NUImJQfmVYxctzWJWXktSdly2hw&gdpr=0&gdpr_consent=
Frame ID: B3C97F6FA7A7D1892F2EF977C5A96F39
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/comments.php?app_id=515076798590105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2377504bb1aff8%26domain%3Dnews.now.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnews.now.com%252Ff2cb66a237b3f08%26relation%3Dparent.parent&color_scheme=light&container_width=520&height=100&href=http%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&locale=zh_HK&numposts=5&sdk=joey&version=v2.9&width=
Frame ID: 8D889850345C2B107DA3D0CC06344BDD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.now.com
Frame ID: B640130A0D9746E5EE8D17FABF3E767E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4798549D708DDF082BD7CC7826F395D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0AFC1459CBB65361D6EDBFE8003F789C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zalora:期間限定店無助銷售 | Now 新聞

Page URL History Show full URLs

  1. http://bit.ly/2oIvDQR HTTP 301
    http://news.now.com/home/finance/player?newsId=180275 HTTP 301
    https://news.now.com/home/finance/player?newsId=180275 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

223
Requests

91 %
HTTPS

41 %
IPv6

50
Domains

91
Subdomains

75
IPs

10
Countries

4769 kB
Transfer

8546 kB
Size

70
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/2oIvDQR HTTP 301
    http://news.now.com/home/finance/player?newsId=180275 HTTP 301
    https://news.now.com/home/finance/player?newsId=180275 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp&cc=1
Request Chain 96
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1599765896&utmhn=news.now.com&utme=8(deviceType*newsTitle)9(desktop*%23180275%20Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE)11(1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE%20%7C%20Now%C2%A0%E6%96%B0%E8%81%9E&utmhid=1943207193&utmr=-&utmp=%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&utmht=1698335958560&utmac=UA-34166611-1&utmcc=__utma%3D262549139.146162259.1698335958.1698335958.1698335958.1%3B%2B__utmz%3D262549139.1698335959.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=932879961&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34166611-1&cid=146162259.1698335958&jid=932879961&_v=5.7.2&z=1599765896 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=146162259.1698335958&jid=932879961&_v=5.7.2&z=1599765896 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=146162259.1698335958&jid=932879961&_v=5.7.2&z=1599765896&slf_rd=1&random=4217507432
Request Chain 103
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=now.com&sn=ChromeSyncframe&so=0&topUrl=news.now.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=fFg3YnxvR1k1dExiUmt0VWJrbWJKWmQycWNHbGh0MjR4SFhBdXVLQ3NtYWp2Z0xTTk5wa2gxcDMxMDhZc2JBQ2w5WEhZNHdWL0JRWnFFOVVMaUY1L0dsekhlaURxaDZJWWZncG5xWDQ4dWJjZEo3VzdOd015U1ZZVkZRa2hnUU5icnVtTWJNNEdDQm9obFJUNFBEWlRPN3BVa1hPQVVlakptVlFSUFdLam50VXR3QXNlN2VyYjR2bTB1anZZbHdXZU8yWEMwTmEyc2xzNU5qU3NsZ1FhTmJqMFVEQnZrNmVGbWw3cFRDa1R2eG1OQ2s3L1Nmb0RDcmxJVjdBQ2puTmRBWVUrWWZjWGkyeFExZk1tR2pBdWRBeWk1dz09fA&cppv=2
Request Chain 180
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 181
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 184
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTqM3Z2PDyT9tLRlu9k5TAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENSajX8mlBXzimSNMQZvFJs&google_cver=1
Request Chain 185
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTqM3Z2PDyT9tLRlu9k5TAAA%263314&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTqM3Z2PDyT9tLRlu9k5TAAA%263314&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=ff66069a63094752a1599535ac1f2365 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-TNoYXaRX43ERv_I1SSuvUDqWG-1K4MqthL2x7A HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-TNoYXaRX43ERv_I1SSuvUDqWG-1K4MqthL2x7A
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTqM3Z2PDyT9tLRlu9k5TAAADPIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELJULQ1PQ_uNL3UuuOIxQ4s&google_cver=1
Request Chain 187
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqM3Z2PDyT9tLRlu9k5TAAADPIAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqM3Z2PDyT9tLRlu9k5TAAADPIAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 189
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2051001822236575055&expiration=1699545566
Request Chain 190
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZTqM3gAXgckWgABV HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTqM3gAXgckWgABV&_test=ZTqM3gAXgckWgABV
Request Chain 191
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 193
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 194
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7307AFE0-FD95-4F24-8352-D404CFC73320&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7307AFE0-FD95-4F24-8352-D404CFC73320&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 195
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XFjEQ1IOk0dHXMNEWlraFVNdwkRHXMMWXFl1O2B0
Request Chain 196
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5935648017172192030&gdpr=0&gdpr_consent=
Request Chain 197
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294297431593121944&gdpr=0&gdpr_consent=
Request Chain 198
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=384f4ec5-b636-4d1f-bde4-a84fd0b51349&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 199
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NUImJQfmVYxctzWJWXktSdly2hw&gdpr=0&gdpr_consent=
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cwev4P2VTySDUtQEz8czIA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 202
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=768971453 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7307AFE0-FD95-4F24-8352-D404CFC73320
Request Chain 203
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7307AFE0-FD95-4F24-8352-D404CFC73320 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDEyeUlaNlRMYlRRdUM5YUNQNkY3Qk4zZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6607338330339205149&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzMwN0FGRTAtRkQ5NS00RjI0LTgzNTItRDQwNENGQzczMzIw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMSW6Wr7p6YFSET1-aPFDng&google_cver=1
Request Chain 207
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6607338330339205149
Request Chain 217
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=now.com&sn=ChromeSyncframe&so=3&topUrl=news.now.com&bundle=fWO3P19nY2M0OGlqQVRscjklMkJ6c0Z0YzByMUNRJTJCVGhFVW5uTzA5TEVXTkZoNGd1JTJGNTBIJTJGeCUyRnFHbExiMzRST0FKMWF5cm9GdUJOUDE1WmJCYzh4NGRFSWpVNjdmdzJzYjZLNEJJUXNlU3B3OWpnUXlXZlphOCUyQkVFRVlDalJUaiUyRmVWbm9aUW1WQ254MEp0Nlphb1JHcDJUMGh4dyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=76Gq3XxEMkZSZFQ2S1NJZmN4Z3VuWGI2eGVEK29hYWJtdDZ5RENIRTBSRzZYREtVMWYra28zM2VpTzNQcDZkTlpvMzBpUXR5MmtRbjJmOEZicHJvYS82MjdpL3FNeXNXWEZoSDI1VHFPaC9QTUZTbE00TzEyN1VCTVAvN3BxM0V1SENVSy90Y0xoUGFkZ2RGc01jY24rZGNlUkFTYmdGbEZRbEh0aW8ySGp4VXdRbklVdG1samwwd1ZBMjV1ajQvVlNCemlzYkxqSjFjeTJhZnNac2lhV3JLbUFTSjViZFFyR1JsYmNjL0tKMGMvNXVTU0JlR3BvQXY0K3d5SkIwaHFEcjdVbnczcStQQkRJbTFUeGthUHVReDl2UT09fA&cppv=2

223 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request player
news.now.com/home/finance/
Redirect Chain
  • http://bit.ly/2oIvDQR
  • http://news.now.com/home/finance/player?newsId=180275
  • https://news.now.com/home/finance/player?newsId=180275
75 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
bf09cb9745417c0db38b6b2290bf7916217ea29978009814a4caea1d21fe7ce4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 26 Oct 2023 15:59:16 GMT
server
nginx/1.13.3
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-id
7TqvkndE0M59_VuEkxNsdfOqU8TxRT99xVxACEDManYGUz1sWZ4IsQ==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Thu, 26 Oct 2023 15:59:16 GMT
Location
https://news.now.com/home/finance/player?newsId=180275
Server
CloudFront
Via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
gu7nBHSOE4poRvDz7NoeSioEqbgBGsKyc_0dcRHjhlPc0BHip0052w==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Redirect from cloudfront
news2014.css
news.now.com/revamp2014/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/css/news2014.css?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
1ea1219ed6ec3c76cf953f0e0ea3732219e214f66a85447a81fa6bd5426df759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 05 Sep 2023 03:03:11 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
581
etag
W/"64f69a6f-3a14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
25T7dzhqnjym6XZEzazNpkQVgPLR9YxywIary2NEVuz_7ZHMcbEv3Q==
for_dark_mode.css
d7lz7jwg8uwgn.cloudfront.net/apps_resource/web/ 		650 B
756 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d7lz7jwg8uwgn.cloudfront.net/apps_resource/web/for_dark_mode.css?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9000:13:6c41:f5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
18af810bde060d9088e801deb820b04346316b9b0c8f62e60c91530e6edfeb1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:19 GMT
Content-Encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
Last-Modified
Mon, 04 Sep 2023 04:17:49 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-C2
ETag
"28a-60480cb14a92b-gzip"
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
271
X-Amz-Cf-Id
7DYXiiy6iN91EJcAQmNy-D6kJLPSfa3QytlDRhpWKVIgRFRBsqTcTw==
details2014.css
news.now.com/revamp2014/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/css/details2014.css?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f3cbc4e1f72dbf1eaf4a2fac1e4a3127c856fca42456fd6fa6fd3e8026d8454d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:58:58 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
148
etag
W/"5b1f4502-3245"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
bfB-R11ha922sVDupupLaxzdWZ9P6ip31X-Ip0xpTadHHHHLXKtKsQ==
gpt.js
www.googletagservices.com/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
929ae2cf2329d8fea492c9dc82bc19d193a803481fce2d4a5d7149e324cc35d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29464
x-xss-protection
0
server
cafe
etag
252 / 19656 / 31079110 / config-hash: 18294707092208642472
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 15:59:17 GMT
prebid7.39.0.js
news.now.com/revamp2014/js/ 		262 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/prebid7.39.0.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
5a22f4b8a01844ce4ece06b04e9d534e15559a8ed8f2ae3bef9ad1dd81a71048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 06:22:35 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
215
etag
W/"64097b2b-41759"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
b2nu7AISY_uv3iIXWnBI6-ozW16uDjwtZ4_uTHnCALrchxXpfxCTLQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 07:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
288230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Oct 2024 07:55:27 GMT
jquery.sticky.js
news.now.com/revamp2014/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/jquery.sticky.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
cb9c05d4b62c00e9fdd2d17b82f330d5904a4564d6595c3c6b3b02c2407a7237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:05 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
251
etag
W/"5b1f4509-1565"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9TAjr4S-FeSJjJSLTew_rfXP8RwJ_p1QAXk7dkYH5pZXNiwX2lMp5w==
jquery-ui-1.10.4.min.js
news.now.com/revamp2014/js/ 		223 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/jquery-ui-1.10.4.min.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
600759407fde32ff7bd3acc8db8a41f170a137c8bf48d2a2ede342111776c027

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
251
etag
W/"5b1f4508-37cbb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
D3NianRLYU2ZywL4jIGmRMzkJzgD4bSD_gahE-tT29sAXRvi78l8TQ==
dfpAsset_prebid.js
news.now.com/revamp2014/js/ 		28 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/dfpAsset_prebid.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
a95b5bcef02399a965578cd460191a02c965331e2e4ba57e2de228c41fafd175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Fri, 13 Oct 2023 02:04:23 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
73
etag
W/"6528a5a7-70b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
JebFG9f-1-ME1zHua6KaoSpCUXcgKEw4E4kbG34qycgdipTzCTXQiA==
NowDataService.js
news.now.com/revamp2014/js/ 		1 KB
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/NowDataService.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
a431ec20ecf46b014126e17830d94b90642cfc90b55f4142988683a4557b4e86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:05 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
251
etag
W/"5b1f4509-459"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
6nePjUzPn-7rjzT0x1kGV5dcWewiGQpdlye-WGh3Rvpw1RLDSTFDHA==
fbSDK.js
news.now.com/revamp2014/js/ 		699 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/fbSDK.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
e10ad5cbaa8e43bdde1151ae38bfe94d5514476e4302aacd8c8bfd9f7e60228c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:01 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
251
etag
"5b1f4505-2bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
699
x-amz-cf-id
XZrchWU31peIjX8Fi0C9DhCFnhYMxSbD-nFNv8kHvrbDOU6iq__-cg==
jquery.fancybox.min.js
news.now.com/revamp2014/js/fancybox3/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/fancybox3/jquery.fancybox.min.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f2ab01fbf0fd27972b021b33e66c9fe6af549750db2e466be42c03bda4aa337f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:16:40 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
251
etag
W/"64f5ae88-fc9e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
C5m0LWQ9eCbbSDs57y0Y28dr608daoVcTSUKtwLMFXlmPpCZHImHvg==
jquery.fancybox.min.css
news.now.com/revamp2014/js/fancybox3/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/fancybox3/jquery.fancybox.min.css
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
a02fd0f27a964a5a756e48b71edf6044259a7b0e67ebf1cd935d074f86845f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:15:19 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
82
etag
W/"64f5ae37-3664"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
mO-QIkKn0dXVZutr1TRc6Ic7z7uDJH5aOqszt4x_6VTv7lQZa_yNlQ==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fee81bbe8f12f8d0482c38cba7ec2682ffc6d4a9c84756dee0df14c30bb7bb58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127080
x-xss-protection
0
expires
Thu, 26 Oct 2023 15:59:17 GMT
PrerollManager.js
news.now.com/revamp2014/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/PrerollManager.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
c9344b8a1ead8004c66b22b3b928fc366feecf1190c9076b742479b381869e27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Thu, 12 Aug 2021 09:15:24 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
193
etag
W/"6114e6ac-1a35"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
GciQ_Q-tJqBf80fgMzLvPZEvOCMzzRZgJXhhh3ryqM1mpcVm2kQXpg==
hls.min.js
news.now.com/revamp2014/js/ 		192 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/hls.min.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
e7608a6ef5ee8696f943b03e4484d31e88f4477122b8b07ac90bb4cd0a5d6d87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
148
etag
W/"5b1f4508-2fe07"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
37iAlhPhMHgO9Tazff_bK6xLbWfEnyKJG7tL_49zh3haWFJ_796jog==
galleria-1.4.2.min.js
news.now.com/revamp2014/js/galleria/ 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/galleria/galleria-1.4.2.min.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
343faa4d06dd00d04cd6632c215c96302faf1525f82be005a14959f71e68d383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:02 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
98
etag
W/"5b1f4506-123fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
x_WH1Q-yL0xXGMbAhbPFpmuxXRW_Z9t3xET6LPL_us4kvDhbS2Pv7A==
purl.js
news.now.com/revamp2014/js/ 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/purl.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f2147f9733c2bce48a9ff4d3119d9b49ae937f5ddb668dc995c069213b80ff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:05 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
251
etag
W/"5b1f4509-517a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
3fXQ_6ym8O4KUxhHxTEWbHHG_bxba3pU4kKtSuFX8uLy8cqiryKlWg==
jquery-scrollto.js
news.now.com/revamp2014/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/jquery-scrollto.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
4ee077691591a1f8bd7da317ec4a6eda9012731327c257d9e420a51d0ce4f738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
73
etag
W/"5b1f4508-1e1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
SOsliKPT3D6pUjHDwmqpfMMccQ2iHRcW6eSuOyyfV9IKq0QhA6SJWA==
jquery.ba-resize.min.js
news.now.com/revamp2014/js/ 		1 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/jquery.ba-resize.min.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
c81f8531af91e475374160a85fc008bfd60e39c24fb03c98e85fc498cab535b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
193
etag
W/"5b1f4508-44a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
unehy0daZZyQIRTACm_L1isoIaHF14oG_pLn8eJ8OSpGmZqHB5Cd4A==
common.js
news.now.com/revamp2014/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/common.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
a6e32ba84c2ab8c848dd6eae7947339165a698c673ba7d89f9a9221623c63322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Fri, 28 Dec 2018 01:27:00 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
251
etag
W/"5c257be4-13cc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
rUnuZR3mZ7pw9t35lOShn0x8u9MI_US-WR4Nu7V8LP5BSxbE7iYSyQ==
swfobject.js
news.now.com/revamp2014/js/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/swfobject.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
202a07bd11e26895b9365d248e422b15e17f3e3c96908c2211d21cefe9bbcfa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
193
etag
W/"5b1f450a-66df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
X7Q-_5d5OEZL5g1yPVQ79Q-OQKo9TNLoKuCKkfd8neQ3hPmHwW0QNA==
jquery.ellipsis.min.js
news.now.com/revamp2014/js/ 		1 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/jquery.ellipsis.min.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
88b9f6d2a1527d6ce7f2c0566829c0cf993cb82bc5592c4cc61bf86d3eeffebd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:05 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
251
etag
W/"5b1f4509-472"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
yIUIGzuoyj8AhA9fb40561XGUyHZLI1ug6FfgJxeSBZEqin_lbeFFQ==
details2014.js
news.now.com/revamp2014/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/details2014.js?v=20221206
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
8a34b787192eae0468e950876215956570551db61dd60b4b2b86a79e29e06125

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Mon, 16 Nov 2020 08:18:23 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
98
etag
W/"5fb235cf-581d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CTLg40T_n3ao0NvNy1q-1fNsxn1uxywfRPkXbENT46jUZQauif44Kg==
logo.png
news.now.com/revamp2014/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/logo.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
30927b9d1159b5b5ce3a27acf00240b57b057edf55f13d2311e5bf3d36e7caf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 09:41:57 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
98
etag
"638f0e65-16fc"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5884
x-amz-cf-id
KhqHGmhVeYseLgzlH7lOiWdUO5C05AbP0BwSrIq7pEm-TPnzTkTY-A==
news_logo_s.png
news.now.com/revamp2014/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/news_logo_s.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
2da32cb1008ba22bdd6897e5d4dac7d8347ccea5232c2857be197fd12dbf42c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:07 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
etag
"5b1f450b-9f2"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2546
x-amz-cf-id
Nr9kwDQmXuBOXjyRIklWQb67JYwACPPas0WfdqbylxU9Dp3RRGnwyQ==
nav_tvIcon.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_tvIcon.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
760d46c5a3ddd5fa22deaf6d8b0b5dd24b52b6d238d723249ce3acae5d36363d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
etag
"5b1f450a-644"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1604
x-amz-cf-id
W1B8sXHp3b7Ifd-V6jO_usRJSQcR1IWlH38KEgNsmsB0SZwtTqymUw==
nav_live.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_live.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
ba48cf7d98447c8fcc814530db8c3a11c304c6fbb58e08025d0c1e969299f468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:17 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
556
etag
"5b1f450a-69e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1694
x-amz-cf-id
sK8CXI4ZvpV7zy9Yl_DDQt_kQjry_sBB6ZLO9_elOae7PX_a0aizaQ==
nav_local.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_local.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
00542816b8dd2f88975870804e28037af26018be56d344b511bba5f702c885d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
etag
"5b1f450a-597"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1431
x-amz-cf-id
P77mMJw3vvCH5kAZCeQj_YRVMN5vuJkE3vURd8eBArPEDGO5Q2IEFw==
nav_inter.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_inter.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
047e1939c455d37c4b116cd710a2db7595e9e99e53ceed4debe089f5784a181d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
557
etag
"5b1f450a-6bb"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1723
x-amz-cf-id
IpivkJ1RBAu5LCH2NV4AnwiEaYXPxiI7sEX5X6IAWQ5DZh8N5C9jpA==
nav_entertainment.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_entertainment.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f2ace50bb25918dc9ec3d527747a6e05797178501634deedc88cb2b66ee42743

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
540
etag
"5b1f450a-61c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1564
x-amz-cf-id
JEDoZ6oStFwi4D5bFHMB2hgTTw-pn5qhi4wTAeOW4d-xFRrI7IcVqg==
nav_life.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_life.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
67a5a9bfa7f03d99269c5fbed8d183e39682380c2d54061778676e46b64588d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
451
etag
"5b1f450a-58c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1420
x-amz-cf-id
o9iQckNziE7_0tgAEnv3Bw5XtELDyLrSsefkl91c4-GG1qMPp_7G9g==
nav_tech.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_tech.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
2a05843c975829b9363d4d2ee2a03bf6a0d078710a50e312eaee55a274ff396d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
451
etag
"5b1f450a-6f3"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1779
x-amz-cf-id
Jg6tX4EYATQUwsJog23uhNggmNoBnYTbVWXUbIGBsQNzwz56n32ZNA==
nav_finance.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_finance.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
5e373ba1aca5167b4fb0fc7d897d6af3267c7317028d5e8559f96783fe4df689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
451
etag
"5b1f450a-5b7"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1463
x-amz-cf-id
Tf3BigoKG2Lrcj5SJCG0oqeXQQnotsUwHt0tqN2EvddoxSeCntvOCA==
nav_sports.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_sports.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
bd5e9ffd9078578f0283d3fbc784cafa65d577342664c3feaa305ba978b67549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
451
etag
"5b1f450a-57d"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1405
x-amz-cf-id
6xUKulw3_KM06Tpyl-QANzqjzgHoFaiMz6sc-zd3y-rzdSU9SC8mRQ==
nav_tracing.png
news.now.com/revamp2014/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_tracing.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
41e77d4a4b376a0e685421f0955f9c9f24f058476cf04d42862f483d16c91db9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Mon, 07 Sep 2020 08:41:12 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
451
etag
"5f55f228-8a7"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2215
x-amz-cf-id
fpXvD7syq7WJT2dE4lE0PD7zXpn9lGD_zPnbYr0KeVKtbaNwzVlYyQ==
nav_feature.png
news.now.com/revamp2014/images/ 		876 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_feature.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
5c71f73f83722c55e8af961cb99bcd5f1af29f9561b143c2f86f456ba326c581

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Mon, 07 Sep 2020 08:41:15 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
451
etag
"5f55f22b-36c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
876
x-amz-cf-id
0b54cBuI-pXDTzcxtb-PegpKv91dVBMxVDsVSD_jqNK1cYeTJBaRgA==
nav_opinion.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_opinion.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
930422fbcaea60d7e46c7f00093c6a082e3425b8118e176659c334b5b8599a4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Mon, 07 Sep 2020 08:41:19 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
451
etag
"5f55f22f-5a8"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1448
x-amz-cf-id
gV3kJVTDDu_dIH8WszeKgOza2ITm4f5NMCo5rPCAF4uP-zHQY7dNzg==
sdk.js
connect.facebook.net/zh_HK/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
78abeb75533ac46d6dff1374c6c076a8cbb2bdbd51e9d5475f67740419e9fcf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://news.now.com/
Origin
https://news.now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 15:59:18 GMT
content-md5
0vN8ZY/vYQ9N22wTWtSB9A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
x-fb-debug
U8t1+DuyrLrfxmdF2hOITKBwy6q2zxFEITZRnt3GGu1czywMhh7e3XAvOYfazvXQhnDKrcJ/TJSyWBoJwrj0Qg==
x-fb-content-md5
7604f49ea8cdb11ae5026e552ee9a71a
cross-origin-opener-policy
same-origin-allow-popups
etag
"bda2a9fabc10d6ad04ba220f9891ec9c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 26 Oct 2023 16:01:03 GMT
logo_12.png
news.now.com/revamp2014/images/providers/ 		169 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/providers/logo_12.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
1e6d31cd37b39297deea85d991eca951f1bf094f9c711149b50b592b4c2d21c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:12 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
306
etag
"5b1f4510-a9"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
169
x-amz-cf-id
uE_Hu9JWpcDgWHMB6lduJsEsdZd1OH8EndnjMiWQXms0jMK5z5orqQ==
ESTORE.ZALORA.1630.260516.jpg
images-news.now.com/newsimage/NewsImage/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/ESTORE.ZALORA.1630.260516.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
299a37af4de83d9057d9045fb0b3d3dc2c5f9fca67576b901f0d3291fe3374fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:19 GMT
Last-Modified
Thu, 26 May 2016 09:15:22 GMT
Server
nginx/1.6.0
ETag
"5746beaa-11932"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
71986
CN.DATA.SOT.1310.140318.jpg
images-news.now.com/newsimage/NewsImage/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CN.DATA.SOT.1310.140318.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
0a96478c58865df9360779cb314e3509454415fbe301fb4532e871cfc9417db4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:19 GMT
Last-Modified
Wed, 14 Mar 2018 05:33:49 GMT
Server
nginx/1.6.0
ETag
"5aa8b43d-1caf2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
117490
HYSAN.CNY.1310.230218.jpg
images-news.now.com/newsimage/NewsImage/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/HYSAN.CNY.1310.230218.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
d326c6ac9a57ce1f12c37ef462f21a0259e5c66cfa812b741a613dbe1d2798e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:19 GMT
Last-Modified
Fri, 23 Feb 2018 05:50:38 GMT
Server
nginx/1.6.0
ETag
"5a8fabae-121de"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
74206
ECON.OUTLOOK.SOT.1310.150218.jpg
images-news.now.com/newsimage/NewsImage/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/ECON.OUTLOOK.SOT.1310.150218.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
4f44c40f9c1d3406d9b18f2d75def6d376f77efa606cc40cb21ffb1d3a0889b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:19 GMT
Last-Modified
Thu, 15 Feb 2018 05:56:16 GMT
Server
nginx/1.6.0
ETag
"5a852100-12534"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
75060
GPAPER.310118.2.jpg
images-news.now.com/newsimage/NewsImage/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/GPAPER.310118.2.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
0d808b75fb4b708cc7d9becc395df04dc12edadf0f43cdc10e969a13c5f9e734

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:19 GMT
Last-Modified
Wed, 31 Jan 2018 05:36:00 GMT
Server
nginx/1.6.0
ETag
"5a7155c0-12603"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
75267
RESULT.HANGLUNG.SOT.1900.300118.jpg
images-news.now.com/newsimage/NewsImage/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/RESULT.HANGLUNG.SOT.1900.300118.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
8a4aff713622487b6e5611dbeb85bb308cc3b1980661c59770c9034dce1c2864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:19 GMT
Last-Modified
Tue, 30 Jan 2018 11:13:09 GMT
Server
nginx/1.6.0
ETag
"5a705345-17721"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
96033
GPAPER.120118.2.jpg
images-news.now.com/newsimage/NewsImage/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/GPAPER.120118.2.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
803fa5e667cec8cd38fbfa095952c91f6bcb24f912941511b4f8cd49568abbf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:20 GMT
Last-Modified
Fri, 12 Jan 2018 05:45:30 GMT
Server
nginx/1.6.0
ETag
"5a584b7a-112b7"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
70327
ANN.XTEP.1645.090118.jpg
images-news.now.com/newsimage/NewsImage/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/ANN.XTEP.1645.090118.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
351fcf881cc7cc86fd9d042fc943123f76abf6f3d944238563a5d4f36788bcb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:20 GMT
Last-Modified
Tue, 09 Jan 2018 09:37:17 GMT
Server
nginx/1.6.0
ETag
"5a548d4d-114d6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
70870
HK.RETAIL.1900.030118.jpg
images-news.now.com/newsimage/NewsImage/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/HK.RETAIL.1900.030118.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
c783365c8b336d69f3135b35654e1b5c81ed021135387f33f341d7768d63f1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:20 GMT
Last-Modified
Wed, 03 Jan 2018 11:11:19 GMT
Server
nginx/1.6.0
ETag
"5a4cba57-df7d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
57213
MARKSNSPENCER.HK.1900.020118.jpg
images-news.now.com/newsimage/NewsImage/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/MARKSNSPENCER.HK.1900.020118.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
3e6ac4147f1b6f455ac26b38fea6c2da6b67068db8f3b449ba309edcbddcae2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:20 GMT
Last-Modified
Tue, 02 Jan 2018 11:19:43 GMT
Server
nginx/1.6.0
ETag
"5a4b6acf-18864"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
100452
US-SHOOTING-231026-23.jpg
images-news.now.com/newsimage/NewsImage/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/US-SHOOTING-231026-23.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
6a0af38d4f493107ae69ee350f5235fac3dfb45b0ec5747bda308c7b6d11b3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:20 GMT
Last-Modified
Thu, 26 Oct 2023 15:22:17 GMT
Server
nginx/1.6.0
ETag
"653a8429-2869c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
165532
MEX-STORM-231026-23.jpg
images-news.now.com/newsimage/NewsImage/ 		224 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/MEX-STORM-231026-23.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
b0c32e4eb27dbd3be54ba520539f71a70113e85214ebb75cf1570cc74228a6bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:20 GMT
Last-Modified
Thu, 26 Oct 2023 15:28:31 GMT
Server
nginx/1.6.0
ETag
"653a859f-37e50"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
228944
DINE-WINE-231026-23.jpg
images-news.now.com/newsimage/NewsImage/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/DINE-WINE-231026-23.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
82e8ef66e73e23973d7b68a3ccdf85ce6ce77e286d6f2273b48d0de333dce1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:20 GMT
Last-Modified
Thu, 26 Oct 2023 15:18:27 GMT
Server
nginx/1.6.0
ETag
"653a8343-2c630"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
181808
CN-NEWSOM-231026-22.jpg
images-news.now.com/newsimage/NewsImage/ 		170 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CN-NEWSOM-231026-22.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
d7425db8bd4bd78e2ed69f590bbdcd3ff644fd3b50350b92fb526eee6bf4251b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:20 GMT
Last-Modified
Thu, 26 Oct 2023 14:07:47 GMT
Server
nginx/1.6.0
ETag
"653a72b3-2a933"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
174387
2023-10-26-22-36-49FMEI8f78.jpg
images-news.now.com/newsimage/NewsImage/ 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/2023-10-26-22-36-49FMEI8f78.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
2e389356fbc2ee46542598aa455caf9615a6098a34163de7e12b462f0e53e6e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:21 GMT
Last-Modified
Thu, 26 Oct 2023 14:36:18 GMT
Server
nginx/1.6.0
ETag
"653a7962-2a00c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
172044
CN-SPACE-231026-22.jpg
images-news.now.com/newsimage/NewsImage/ 		213 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CN-SPACE-231026-22.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
8a1b671b1bb68101c2de7b74af27f0fad0fb0af17d17875f60ca923916a06a58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:21 GMT
Last-Modified
Thu, 26 Oct 2023 14:12:48 GMT
Server
nginx/1.6.0
ETag
"653a73e0-352eb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
217835
CN-LAUNCH-231026-22.jpg
images-news.now.com/newsimage/NewsImage/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CN-LAUNCH-231026-22.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
3f1311e529dc988c4a95d30691d60e13252db95299eeb8732041e40357b56601

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:21 GMT
Last-Modified
Thu, 26 Oct 2023 14:07:27 GMT
Server
nginx/1.6.0
ETag
"653a729f-13c57"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
80983
CNTW-CARRIER-231026-21.jpg
images-news.now.com/newsimage/NewsImage/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CNTW-CARRIER-231026-21.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
f011c6e9cd89df9239e1faa2b250d61d662a58b1cb01ad1c350520e6d4716dc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:21 GMT
Last-Modified
Thu, 26 Oct 2023 13:34:14 GMT
Server
nginx/1.6.0
ETag
"653a6ad6-1e601"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
124417
CNUS-DEFENSE-231026-21.jpg
images-news.now.com/newsimage/NewsImage/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/CNUS-DEFENSE-231026-21.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
542ef50029ccae2d686ee82b4fa08838d498798cd52ed33055859ac5f4c0702b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:21 GMT
Last-Modified
Thu, 26 Oct 2023 13:30:21 GMT
Server
nginx/1.6.0
ETag
"653a69ed-12f8c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
77708
ARREST-DOC-231026-21.jpg
images-news.now.com/newsimage/NewsImage/ 		227 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-news.now.com/newsimage/NewsImage/ARREST-DOC-231026-21.jpg
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.76.112.42 , Hong Kong, ASN4760 (HKTIMS-AP HKT Limited, HK),
Reverse DNS
n219076112042.netvigator.com
Software
nginx/1.6.0 /
Resource Hash
283edc962a1e19afac3f86bbd4ddbe8f1b8a5e8a8aaf8984a91a6284952acd17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:21 GMT
Last-Modified
Thu, 26 Oct 2023 13:22:30 GMT
Server
nginx/1.6.0
ETag
"653a6816-38b14"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
232212
ad-MiniBanner-300x60.png
news.now.com/revamp2014/images/ad/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/ad/ad-MiniBanner-300x60.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
dd0cd96175da0d806a3d8617f2b562e7acafcc8493d1105f40a3ce29e07c3f1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:01 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
405
etag
"5b1f4505-2221"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8737
x-amz-cf-id
31JoY5gVBQXukQG9-0KhHJwb7n-mVAqMqf2w2TMfOb9Q6nf6lkfRfg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/ 		422 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f6a0baf7dbbc5ac8a75e413c851d73bb484b8d368f02c28ab08865b98b3b3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 26 Oct 2023 05:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
37725
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135481
x-xss-protection
0
server
cafe
etag
17406217098004719733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 25 Oct 2024 05:30:33 GMT
sdk.js
connect.facebook.net/zh_HK/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/js/fbSDK.js?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
78abeb75533ac46d6dff1374c6c076a8cbb2bdbd51e9d5475f67740419e9fcf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 15:59:18 GMT
content-md5
0vN8ZY/vYQ9N22wTWtSB9A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
x-fb-debug
U8t1+DuyrLrfxmdF2hOITKBwy6q2zxFEITZRnt3GGu1czywMhh7e3XAvOYfazvXQhnDKrcJ/TJSyWBoJwrj0Qg==
x-fb-content-md5
7604f49ea8cdb11ae5026e552ee9a71a
cross-origin-opener-policy
same-origin-allow-popups
etag
"bda2a9fabc10d6ad04ba220f9891ec9c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 26 Oct 2023 16:01:03 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:29:26 GMT
content-encoding
gzip
age
48592
x-guploader-uploadid
ABPtcPqHbjqPhKh2g3rLNDONjQOKU61Px7tzqzBh7WkCYt0i0BsdHalj9-b0OPiPUoULQhA2lZHQGq8cBXCis3HntxktCwlYb4qI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 25 Oct 2024 02:29:26 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:59:18 GMT
ob.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
252278
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81c3e7dc7b6618d1-FRA
expires
Sun, 29 Oct 2023 15:59:18 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 03:07:00 GMT
content-encoding
gzip
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
46339
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
-mW06OXnOakc_yKLRU56kcaFJfdoOzv9XTJ4Pri5liGYkjmHFX6w2w==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34898
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MltStdezCrBKk2dfwutdZORatDrSMAAcm%2FBlK50frrJFLYzMmqGPdUQEVXGXqrnnggdfRMVKsEtRkRdyrPoK9w7Jt1p%2F1xsi42ORiQkV4eC1VzSaPvWR75OMwu3GL9MRUVQ5rgZ9eLr%2B0b149AA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81c3e7dc79843662-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		143 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
AZKHMN3J5641D79A
age
1773
etag
W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81c3e7dc7a4c365c-FRA
x-amz-id-2
YY4ezUb+Muw1VQU1aI5EgLP88wpJNBo+MUdVwQr7NiV/iORInFjKJJUHg1PFn8mGwE0HwKVkR34=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5400:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 26 Oct 2023 05:50:54 GMT
Via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
36505
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
SWkP7dnyRBMGD1ZFxdgqr8wgMSLOu31eZN_fc4R0QeyhgYcv2tCrWQ==
gtm.js
www.googletagmanager.com/ 		185 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PF2BBNJ
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc07fc8fc92900e6e0a5d29d026260239ce90db1a213b24b9fe889e91ea2b7a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66480
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 26 Oct 2023 15:59:18 GMT
MediaPlayer.js
news.now.com/revamp2014/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.now.com/revamp2014/js/MediaPlayer.js?v=20201116
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/js/details2014.js?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
bf967bff3592ef6bf5a82056456fd56519db1e4face88a7eeaaa982997c1f632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Mon, 16 Nov 2020 08:28:08 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
168
etag
W/"5fb23818-17bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
pALtmePud2p9uRRvK3MoI2m7DeRnCvCdsIHXvN48dOfK2gD5GRMXTQ==
prebid
ib.adnxs.com/ut/v3/ 		468 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/js/prebid7.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
1471773a88b6f08763c70ed7b84765666d6f68bd40a7cf3a943a68a5201c47b2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
an-x-request-uuid
bf74e422-7581-45b8-876f-d0e030e3dbcf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.now.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.28; 217.114.218.28; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
468
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
nav_shadow.png
news.now.com/revamp2014/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/nav_shadow.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/news2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
d8214cdea5dae097d6cfae256ea88ba7df3ad9a84235b78a1a9d055f36737ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/news2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:06 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
194
etag
"5b1f450a-290e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10510
x-amz-cf-id
Flc-72zr0OBmR902DYI-yjHqsztTLNZ7sGy-nc89JpQ5-ydcNIDeFw==
btn_close.png
news.now.com/revamp2014/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/btn_close.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/details2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
110137320b8035098fb7a7ee65363c448392049b9924832025b7c8aeb8cabaa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/details2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:03 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
72
etag
"5b1f4507-d03"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3331
x-amz-cf-id
PKPfNwc35Pd8tDk_VrKbcWSgCOGspXrmKPZjahsxpsz0kG4C6Yixpw==
btn_share.png
news.now.com/revamp2014/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/btn_share.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/details2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f1d574e210335ebe4eb6ee518dfe3ed13ba764af2f32bc5bd6e1747d524208f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/details2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:03 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
149
etag
"5b1f4507-18d7"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6359
x-amz-cf-id
MzAlSiB6La2ThYL75SBeIuuoNUzCZQKTNvd-nbl4qC66gtpLoHT1fQ==
bottom_gray.png
news.now.com/revamp2014/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/bottom_gray.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/details2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
65b9dd8264c39b633050dc5c331690dfceddc682d0c2fd3b85743a8c6c27b937

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/details2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:03 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
149
etag
"5b1f4507-b5e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2910
x-amz-cf-id
JXKSKLy08LZL6TVIWwoiU9QRc94Ry5-ur7pHHNS2_zIG6FQajGiRqg==
icon_arrow_down_blue.png
news.now.com/revamp2014/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/icon_arrow_down_blue.png
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/news2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
cf741a07d523ba87d5f3aa15491f5a4e7053ac7697ced9cf34c6bfc53b8c5bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/news2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
72
etag
"5b1f4508-558"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1368
x-amz-cf-id
wCt0WTVIIKesCTqHmE8yxwtuFrb-IBPGdAqbeaFbMR-K3gHspQJPiw==
fb-ajax-loader.gif
news.now.com/revamp2014/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/fb-ajax-loader.gif
Requested by
Host: news.now.com
URL: https://news.now.com/revamp2014/css/details2014.css?v=20221206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/revamp2014/css/details2014.css?v=20221206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:04 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
1633
etag
"5b1f4508-c88"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
3208
x-amz-cf-id
EF_FSW3vahaoJt1UZkSAPZYcbDYOPyvOetG8nw0Kp9HzBhT7Hvl7Rg==
5
d7lz7jwg8uwgn.cloudfront.net/apis/getWidgetById/ 		90 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d7lz7jwg8uwgn.cloudfront.net/apis/getWidgetById/5
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9000:13:6c41:f5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
a954a21036c289c48db4f3ffc3ad140fe3f975b542b0804db27cfed2844d1ad7

Request headers

Accept
*/*
Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:19 GMT
Content-Encoding
gzip
Via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
98
Pragma
public
Last-modified
Thu, 26 Oct 2023 15:59:19 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, public
X-Amz-Cf-Id
6GHUpzlFBJL91K_U89yb8T-CyDwfceXrTKcK-8yLxaPfao4yZt0N8w==
Expires
Thu, 26 Oct 2023 16:04:19 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 06:02:50 GMT
content-encoding
gzip
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
35789
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
KKUBvfF8vUxpkErD8BUftaEpFa4Jq-KEQMPKwod0dBKVMi4Fzk87pA==
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 15:19:59 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2359
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 26 Oct 2023 17:19:59 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		92 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2729736050704422&correlator=2155856701769510&eid=31079110&output=ldjh&gdfp_req=1&vrg=202310180103&ptt=17&impl=fifs&iu_parts=94348418%2Cnownews_web_fin_SB%2Cnownews_web_fin_LR01%2Cnownews_web_fin_LR02%2Cnownews_CP_LR03&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698335958444&lmt=1698328758&adxs=562%2C925%2C925%2C925&adys=51%2C401%2C421%2C421&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&vis=1&psz=728x90%7C300x480%7C300x480%7C300x480&msz=728x0%7C300x270%7C300x0%7C300x0&fws=128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0&ga_vid=146162259.1698335958&ga_sid=1698335958&ga_hid=1943207193&ga_fc=false&dlt=1698335957619&idt=609&cust_params=pathname%3D%252Fhome%252Ffinance%252Fplayer%26Now_newsLive%3Dfalse%26Now_newsCp%3D12%26Now_newsId%3D180275%26Now_newsCat%3D121%26Now_newsTopics%3D&adks=494382883%2C319731832%2C2582627014%2C3588068213&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adb6fbe416bf83dea7aac9bcdb03280696ad635eee697815162583ae190059dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20664
x-xss-protection
0
google-lineitem-id
-1,6032896793,-2,5750743861
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138451356465,-2,138358299502
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.now.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4C54 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:59:18 GMT
expires
Fri, 25 Oct 2024 15:59:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
connect.facebook.net/zh_HK/ 		302 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js?hash=376f4832fd200a617f64d440e3f0d32f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a97a49bcc74126ad8e6ea57bfed45f7f1b59db1b1ac415b686346fa7041e3877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://news.now.com/
Origin
https://news.now.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 15:59:18 GMT
content-md5
un7shpLVKypjnrVu+M75Gw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88460
reporting-endpoints
x-fb-debug
J0bscJbyP0Qb9LcxlROGgpwwBpMcyfOAcG0gpxFbJn2cA4K6lAbb894id1EpN7weT5lXgHl7ERy+9Ex4r1bzOQ==
x-fb-content-md5
11b2fce281f1adee66f9a420c41652b5
cross-origin-opener-policy
same-origin-allow-popups
etag
"77c6261d69b8d48e5770eb60985fd985"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 25 Oct 2024 14:17:43 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp&cc=1
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
7636c7a7a5f1594dcdec90090f7ad32c11374b0c8c0dedd7417fa93ebe624e76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-2pS7NQE8U5/avZniJxJtNaNqnXk"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.now.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://news.now.com
location
/esp?url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
getNewsList
news.now.com/api/ 		0
0
/
graph.facebook.com/ 		250 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?callback=jQuery32109663950666937557_1698335958266&id=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&_=1698335958267
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:6:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e1ff49db36bef992f69da4e0601431527cf5d39a0962ecef8f697e6c21bf8877
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date
Thu, 26 Oct 2023 15:59:18 GMT
x-fb-rev
1009496691
alt-svc
h3=":443"; ma=86400
content-length
192
pragma
no-cache
x-fb-debug
DtLIvW2DW6nYCyshM7P9p+6kIRGaLo4MDNHZgFSj3redLsw055gg1Tdoq7yTjQCpg+1Pq5lQMzjgZTf1kSrA9w==
x-fb-trace-id
Fcm6fk8QjdQ
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
ADzZBUoOiEUdr5-KaNN8tTS
cache-control
no-store
facebook-api-version
v12.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
getLocalWeather
news.now.com/api/ 		827 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.now.com/api/getLocalWeather
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
2d24ad3b0e704c168b31da619aa25d7003a6ed6b98c8f1fef344d40c12e5e7c7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://news.now.com/home/finance/player?newsId=180275
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:57:03 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
135
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
x-amz-cf-id
h3AmBTALkgAzAqAoVs7iJka4E8TJNvjh_5XjnLS3pp_HFjICh_Ce-w==
addNewsViewCountByNewsId
news.now.com/api/ 		18 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.now.com/api/addNewsViewCountByNewsId?newsId=180275
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
f3b3df7cdcdf37d3c1aace125d990d040d6544dfa4e8f646a15128ac14a8bed8

Request headers

Accept
*/*
Referer
https://news.now.com/home/finance/player?newsId=180275
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
x-amz-cf-id
3H85spS_ok-Dua-4n05G_2VKhYi0PwwuVFJLpzwRiu3g7_Kwgq1ExA==
getRankNewsList
news.now.com/api/ 		44 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.now.com/api/getRankNewsList?pageSize=10&pageNo=1
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
92cc12ac0f19ef74c5fd57234c0feb208804be77cdb44db26a2dd5ffe1812b32

Request headers

Accept
*/*
Referer
https://news.now.com/home/finance/player?newsId=180275
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:54:42 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
276
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
x-amz-cf-id
OTa6PZTfB5rQqFgh5LSjZ10BchUolbiXLUy4S28K8EEtoLEO8zCtNQ==
syncframe
gum.criteo.com/ Frame 3A6F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=news.now.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:59:18 GMT
server
Kestrel
server-processing-duration-in-ticks
274976
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.74.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-74-238.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
277ab1443576598953a508c111a7ad28d23b1e54f54a9ac0376bbdca253eac3a

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://news.now.com
cache-control
no-cache
x-server
10.45.29.166
access-control-allow-credentials
true
content-length
60
expires
0
MF.png
news.now.com/revamp2014/images/wearther/50x40/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.now.com/revamp2014/images/wearther/50x40/MF.png
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9200:8:e4a9:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.13.3 /
Resource Hash
cc95151ccc5e1da65516dd8e94e0766e134f32174a017b163fd2ffcefd4fb143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/home/finance/player?newsId=180275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Jun 2018 03:59:15 GMT
server
nginx/1.13.3
x-amz-cf-pop
FRA56-C2
age
557
etag
"5b1f4513-dc9"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3529
x-amz-cf-id
qu-FDpEtQIGBJho9pUCNAIWOmko-_IDdkxo-WTPWx_anma5vgrVS9w==
increment
id5-sync.com/api/esp/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.now.com
date
Thu, 26 Oct 2023 15:59:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=515076798590105&input_token&origin=1&redirect_uri=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=376f4832fd200a617f64d440e3f0d32f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 26 Oct 2023 15:59:18 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
505DnVqtYjTtwoDwLWua3UxV0p7vXjPmy1BiS701/5cBNkKJhIYdKPlpKg6+tF+mS64cSvLmeZlh5AoAnA0GRw==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.now.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1599765896&utmhn=news.now.com&utme=8(deviceType*newsTitle)9(desktop*%23180275%20Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34166611-1&cid=146162259.1698335958&jid=932879961&_v=5.7.2&z=1599765896
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=146162259.1698335958&jid=932879961&_v=5.7.2&z=1599765896
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=146162259.1698335958&jid=932879961&_v=5.7.2&z=1599765896&slf_rd=1&random=4217507432
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=146162259.1698335958&jid=932879961&_v=5.7.2&z=1599765896&slf_rd=1&random=4217507432
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34166611-1&cid=146162259.1698335958&jid=932879961&_v=5.7.2&z=1599765896&slf_rd=1&random=4217507432
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9612192&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1698335958562&ns_c=UTF-8&c7=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&c8=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE%20%7C%20Now%C2%A0%E6%96%B0%E8%81%9E&c9=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
nMh-YSIAFGhGmkQANzEBuv3wQAHPU5JhmnmYXuPgWk_SdecpIgF_Vw==
x-cache
Miss from cloudfront
3R6YIGVY.js
cdn.insurads.com/bootstrap/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/bootstrap/3R6YIGVY.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF2BBNJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
b5067e032363589d65b0bd4a9480ab1136a7a6f29b8095abc01281f717039b9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
content-encoding
gzip
cdn-edgestorageid
1080
x-amz-request-id
MMM04EAD4SWPDDEX
cdn-cachedat
07/07/2023 02:25:47
cdn-pullzone
55316
x-amz-id-2
fsrYEdepH7HZF54ILAdXxijkL6IlQtdrmqmwxkHc1T9/Nusvl8NFYHKQQwUVEcmk8TqoIn4xmTs=
last-modified
Tue, 01 Feb 2022 19:20:13 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"61c3d9199ce8b76667425b6af7672058"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=86400, s-maxage=604800
cdn-requestid
4c6efc1d268a0582075b52eda6948fe0
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DGFECMB23C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF2BBNJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2b01b4d5be4566fa531b39574aa7c79ba5b2858c3321184ae3ac916ee2465a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85559
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 26 Oct 2023 15:59:18 GMT
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DGFECMB23C&gtm=45je3an0v893189895z8830088854&_p=1943207193&_gaz=1&gcd=11l1l1l1l1&cid=146162259.1698335958&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698335958&sct=1&seg=0&dl=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&dt=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE%20%7C%20Now%C2%A0%E6%96%B0%E8%81%9E&en=page_view&_fv=1&_ss=2&ep.now_platform=web_desktop&ep.now_page_lvl1=finance&ep.now_page_detail=180275&ep.now_page_path=finance%3A180275&ep.now_page_cp=Now%E6%96%B0%E8%81%9E%E5%8F%B0&epn.now_page_has_video=1&ep.now_page_title=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGFECMB23C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DGFECMB23C&cid=146162259.1698335958&gtm=45je3an0v893189895z8830088854&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGFECMB23C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DGFECMB23C&cid=146162259.1698335958&gtm=45je3an0v893189895z8830088854&aip=1&z=1356104733
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 3A6F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=now.com&sn=ChromeSyncframe&so=0&topUrl=news.now.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=fFg3YnxvR1k1dExiUmt0VWJrbWJKWmQycWNHbGh0MjR4SFhBdXVLQ3NtYWp2Z0xTTk5wa2gxcDMxMDhZc2JBQ2w5WEhZNHdWL0JRWnFFOVVMaUY1L0dsekhlaURxaDZJWWZncG5xWDQ4dWJjZEo3VzdOd015U1ZZVkZRa2...
447 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fFg3YnxvR1k1dExiUmt0VWJrbWJKWmQycWNHbGh0MjR4SFhBdXVLQ3NtYWp2Z0xTTk5wa2gxcDMxMDhZc2JBQ2w5WEhZNHdWL0JRWnFFOVVMaUY1L0dsekhlaURxaDZJWWZncG5xWDQ4dWJjZEo3VzdOd015U1ZZVkZRa2hnUU5icnVtTWJNNEdDQm9obFJUNFBEWlRPN3BVa1hPQVVlakptVlFSUFdLam50VXR3QXNlN2VyYjR2bTB1anZZbHdXZU8yWEMwTmEyc2xzNU5qU3NsZ1FhTmJqMFVEQnZrNmVGbWw3cFRDa1R2eG1OQ2s3L1Nmb0RDcmxJVjdBQ2puTmRBWVUrWWZjWGkyeFExZk1tR2pBdWRBeWk1dz09fA&cppv=2
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6c2dd7bffc734ee937c30b72b4c26db9badd51fd439f5cca50f9e3a407a93c22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1245755
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=fFg3YnxvR1k1dExiUmt0VWJrbWJKWmQycWNHbGh0MjR4SFhBdXVLQ3NtYWp2Z0xTTk5wa2gxcDMxMDhZc2JBQ2w5WEhZNHdWL0JRWnFFOVVMaUY1L0dsekhlaURxaDZJWWZncG5xWDQ4dWJjZEo3VzdOd015U1ZZVkZRa2hnUU5icnVtTWJNNEdDQm9obFJUNFBEWlRPN3BVa1hPQVVlakptVlFSUFdLam50VXR3QXNlN2VyYjR2bTB1anZZbHdXZU8yWEMwTmEyc2xzNU5qU3NsZ1FhTmJqMFVEQnZrNmVGbWw3cFRDa1R2eG1OQ2s3L1Nmb0RDcmxJVjdBQ2puTmRBWVUrWWZjWGkyeFExZk1tR2pBdWRBeWk1dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
298497
content-length
0
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 7451 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 26 Oct 2023 15:59:18 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
init
services.insurads.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/init?appId=3R6YIGVY&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tcfc=1&t=1698335958805
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/3R6YIGVY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.40.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-40-57.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3126a2287bfb357a1c090c4f57c7b4aade8b3a1a2faec77f3a82c2ea8c2b556f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB36 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:59:18 GMT
expires
Fri, 25 Oct 2024 15:59:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D0C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:59:18 GMT
expires
Fri, 25 Oct 2024 15:59:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0D19 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvd4lY1FnOAAiy64RkDrr_Szr5AMTt5XnYt5WHRqz5hIRCosquAc1C2o4W7ZeycPmrruzzA0VFgNTcqMKzmdDMi355LHbOrKKgjZxtEehYtk85jtccAWuxe7QKrsXeLW-U-jQMkAbhTtHDS_nMyc_Vqs7Y4cMWDEgH9-XF6AUUQte-wodgU_tlDnl2fxbThEcoZh6zQMnzCrTTdWJhczTAHLWLVTMSHKW8mIkgxlRDGXXkDy0ZpgbmBIAjJrI_Z6LxVT9e1pR9Zc6eYrlPvV_xjmLk090sZa66ynt9tsgfmuTdSwqsnfaW5-2D16RMW9_VmwbSla8gqKQ&sai=AMfl-YTT5WWZ3Cq5hFJISOviMyAQsNXlcskcs56sPdWC_--0tQ90HiRgaWoiEEvU1JfdeWy4T5ZO5skDRCkCe_y-dNrmc0MmaSpI0UXnTpDgQ3xVM0vybCOgT0ZDuzWCmtSaiV9SaM8wNyc4FLGVU5Y&sig=Cg0ArKJSzADSpfjPk8JdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 15:59:19 GMT
ats.js
anymind360.com/js/2193/ 		187 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/2193/ats.js
Requested by
Host: news.now.com
URL: https://news.now.com/home/finance/player?newsId=180275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b44c75bbe2ff7009ee3693779e7b5fc44067657f74b186b7fe2756e3a88dfb33
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 08:31:03 GMT
date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
26896
x-guploader-uploadid
ABPtcPq5MkqGdY7rrjfrKWN_KxtA5mXHtENw-3JcD7wpLQpUspnnRT0b8NZlbUxUO4T3AZ3Y8ecmrRQ_Xw
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42512
x-served-by
cache-tyo11983-TYO, cache-fra-eddf8230078-FRA
last-modified
Fri, 13 Oct 2023 04:27:17 GMT
server
UploadServer
x-timer
S1698335959.408235,VS0,VE1
etag
"11e3f02bab676389f0ea1bb895e982b1"
vary
Accept-Encoding
x-goog-generation
1697171237393736
x-goog-hash
crc32c=eq5S6g==, md5=EePwK6tnY4nw6hu4lemCsQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
42512
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
6, 1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D19 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 15:59:19 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2AE3 		150 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0ccca434c548c8c680e0f59054c28bdf978f47f2692c7f325ad53d34e864ac9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:59:18 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=znv682AWYU6ChlLAHuNkCCComTxvj4AQzyR2QgsMrBgh1FPsBF_EG-EtAU8htHAfJnqVXKJFPw4Y3APgCwvEN-EnGNUH_cerofcINV5PJLY5sKnrzp-dgYWV4NnwprTvEQ1T7lbFIMmx14VSMjmATlaon3QySoPY64RilOBAGMHhirFIIBPOxWyAkHL--UdJbqNEyPImi14M0Sxg3GtnUMN-_QzrzNifyzU_ZUl1cP2cCbmQ55mkPEO8javaQbxyFrqKyQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
65317618
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame BB36 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:41:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
1078
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 15:41:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/ Frame BB36 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231024/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:22:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
49035
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 02:22:04 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BB36 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
552310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB36 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 15:59:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2D0C 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
552310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Oct 2024 06:34:09 GMT
9488608712396272660
tpc.googlesyndication.com/simgad/ Frame 2D0C 		423 KB
424 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9488608712396272660?
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71627f06704b44ae3dec078e31d22dc0d97b231b6c1988376c200a3ad3cf9be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:15:47 GMT
x-content-type-options
nosniff
age
78212
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
433354
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 08:35:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Oct 2024 18:15:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D0C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 15:59:19 GMT
truncated
/ Frame 0D19 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
684fbb13ec87eed49e511e6da678f633273da52d55d5c6968eaa918d3cc9e7a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0D19 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR-M_Z3NtIrgkCgiFURGY3-2fIYyDoSImiUbXHadBf0FdzsrOec3idIpZJYy7IJCcDFz-K0XIHOWfUtv6S5LZPRSU3YaNBdR46AGrRFeQNKAOW9L2pSm9aYNhKnsQ8lQWJh1FnMWQ0qWC-PNVM_0t0UTQV-VKLPk6InEd0bkU9RUghBDM9mvEtiF63IWfahLo8I4RazayyaAT4skpdoxQz69Pph--0dYbdZCmOUK0oIbLCUDSsvHJoNs0AHoAFe99mZHE-vtZtJ36hVxVvnPdJxmeT_zoOsq9HQr7_xwwAsfumyuVCfutKALqsFoQIeTFiAyabqs19C9EA&sai=AMfl-YQ_RJmRUvFGvpzCM_H-LZrLVebUUmagN0LRtA7bwe50cuU-ygIVVHps6fb1VJIZd0Wa7CHlIgw4gMCTwg3eSBAaSKJlsWIGKO3WqCWhGlZKqj0BxALASDdFAFoux0twJoxjkOlVvT7oibdfDqA&sig=Cg0ArKJSzAEd7Jn7B6uTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 15:59:19 GMT
truncated
/ Frame BB36 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
479eb246f1c3974d9ce4096f4fc13fc1e8002986f06ee6dfe004398f41958580

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2D0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspjwpTtsqN1CwW35SvpwDa3dbLRu9Zknl_QYnSLkXK188MHnH5BP-af4RRG912tBal4tKJGnXfj0mgggBD1tw_8kriJbXCcqqq7r1p4awOO-rQ956-o2VVKuEmK6occrwqMCWpV55bHiNbfgCk5PcF6aynJ3cP8v7vzNICnbujmYwEggwvOqwj3d9dZQAfXnfFpQmmQzQ327aWojwPcJSeUdB38nEpd934NeYYmS47y3cuG57Tf93qFwn_QrlG3knTzLQTu6ZX7hgZ0x2IyiHlmeDlWfpKsQm8spUAFd26tvXRHVDdOJLNHQzazA9kykUUjn_3ZX6jU8TAQyAfe_agAbsL6enO9RD0k4ooO0f2Ug&sai=AMfl-YRvuqRCp7BDUYeN2s26j3H9LYo4_CK8aFMlV9-1iLnmSpWDN020thIuVFFh0rdCTddRfIq3uOZXA1hEKwuYffxB0q_XuskOuKqyaRoBrBKHkAx3BOX0fGF3Kn-My1aZnfvnzRzTa1XE1I2vDfQ&sig=Cg0ArKJSzOGvF2h79Sr2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2D0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujXvDHpqGMbBVEdXLV1ePZcIGDB-JkVn5c5w2fm_NtwOfn8UXymYg_2npk-YoO7RSnfZx5vhiXyALalZILquhvOrjEJ4XyDSi6wD09Y8sWg_eh-5R6OVYFTya0cL2d4nhUUcXkQHhk7tdrhFjtpssNDJ5S3aymW4yr-lKdZVtUU47HKrHBUekWimhv2aT4Ta3mXXq4yBNECOMA4To4OJg9wyUGFPUq2PMqAvRxcO78xle0pH0UTSBuBr5s3zuZKCjai6KFe5spJhlF1m_o2WornOV8VYqUmOxeu9jSLD72Lo43s6nFJwDNoAMXz5IKEQvBlQAqz13sFrZRNH1TB4B_6_O1Asalxs1GfxEXNvUcnn5t&sai=AMfl-YTs0qeyw7a30GE4hXqJ37h_8LnjvhGRSWCg8HBf1QI6rtsuulV7ytJViw1iMKZ_nWRfEtDYD7vu2aaKpWzK1pUYwECtWqiWyAmW-CNNc_rXWmRVGiYFq2KEm8SDbYBprzS8G4Jd6ig2Jq_-e64&sig=Cg0ArKJSzBip7NcIc14KEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 15:59:19 GMT
iat-realtime-7.0.11-ws.js
cdn.insurads.com/ 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-realtime-7.0.11-ws.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=3R6YIGVY&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tcfc=1&t=1698335958805
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
cdn-edgestorageid
1081
x-amz-request-id
T2W1K0941E6R58XZ
x-amz-server-side-encryption
AES256
cdn-cachedat
09/19/2023 10:24:46
cdn-pullzone
55316
x-amz-id-2
Rhs7Q+TE3y7luPRCoSGh7VbI2KdvFimopuH4QmHuiQahfBUSAE0EwEeChu7/lHp/F8WQdI6PbnxK5dpL/HiPMpPBjmqMSZiY0skxZ0JYQa0=
last-modified
Tue, 19 Sep 2023 08:22:46 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"75857c4fac071c7c848bbe0f76263cf8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
0137dbd86aceacb7aa0cc79ffc08b3ea
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
iat-1.14.20.js
cdn.insurads.com/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-1.14.20.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=3R6YIGVY&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tcfc=1&t=1698335958805
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
544fd1a8f5be8daf9ead2626ae25b4423ac3126d06abed1acb0c825160f6438f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
cdn-edgestorageid
1082
x-amz-request-id
8RWWGM3CWK3S9TY3
x-amz-server-side-encryption
AES256
cdn-cachedat
10/24/2023 14:39:32
cdn-pullzone
55316
x-amz-id-2
6UsjhvKT4Z+Mei9eByUzaglU/KjgEbkdDbtgplQLp9C7Osp3Sjt8dYCwyj67pdZmSvwg9PWecmY=
last-modified
Tue, 24 Oct 2023 14:38:13 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"2b9d33be45a640fc410b9057606a5237"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
54e4e55d364df8b0802c1ef493237082
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
initcb
services.insurads.com/ 		138 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/initcb?v=1.0.12&appId=1546&vId=6AC5E88910458F17&s=1873&fpc=1&nv=1&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tcfc=1&lts=0&ts=1698335959286&iatId=f95d2bb0127b88e30df1f5400d2f4cc7&iatIdB=b2b4e6a94f12fd91b8a9326cad9e39e3&iatIdM=11111111&iatIdV=1.0&lIatId=0&lIatIdB=0&lIatIdM=0&lIatIdV=0&lch=URUURIEUEZ
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/3R6YIGVY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.40.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-40-57.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BB36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtNQH1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSwAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFJ3chH_-bFLWt0sEThSC3vBJKP7xvoCgb6C3RJltjpA7uXIvdPRvgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yMDE4NDkwOTk5MTU2MzA5GOKNGA&sigh=S71joTEowjI&uach_m=[UACH]&cid=CAQSSwDICaaNRP_7Y9vfg5lRFPu2jBK8onjz6MC8eNNaJ00Q92MhGp-FzpnldXaVnvHNhFtrKhKhd47OBjoAiNb0bN-PLbpGleuLGGObLRgB&cbvp=2&vis=1
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame BB36 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGMg12AVanYNiAgIAAAAGAM9Dufj4S4Q27aWyVSGOENaMOmV_um1auPRUWjX1AAASAAAKCkFRVUJEd0VCRHc&wp=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&cbvp=2
Requested by
Host: 3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
166812
server
Kestrel
content-length
0
truncated
/ Frame 2D0C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc9aca5e1efbb05b44d6e680afd5074b74ce1cdfd8c2668766f501ad16d9f30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2AE3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 15:59:19 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2AE3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 15:59:19 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2AE3 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 20 Oct 2024 15:59:19 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2AE3 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 20 Oct 2024 15:59:19 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2AE3 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=3Kn6w0w1vKREGpm8ff9nbhvlYMPBauUT7mEzLN_FuaYs_PPqfu0c7ErQbv1X3YIv6xXTApp4Xsy5U37BEyiQdsdOFFB04-bBFocMfzW6UtDC3k5w8pfahjCNZgSgTE0QXiTrzwXVarAlWWopRHvMXjOf5_Dk19V1Zzc5muMIrJkAYhBoAxnO9VMr-MKOKC7G1F0AbkvWoCblUoARuWRLn-Aa7ZyZgLSxbNDn3eVBu5mPzQBQnpl4xCOVyn-JFnXDNr4SAgdELZKULZhxVQvwXpmdVSe7AmGf7aBXtKj3mu0eR84R9oGCYgqOuISGUozLiMD2jtFP6Tn4KonSx3hd6XXvEVYoomlmYEud_nJIh2Mnqdg6gIuBXdt87fBESAwYMnoxM4q9VCCut3XLJs6Lb7OI8hMN77PLA-mgeCp45II_14Vr
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2494250
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 2AE3 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 15:59:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AE3 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=412&rid=4&s=4XmDzDhTj_Xt41SoTFfmZS1p
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6cbe8afbaa101f41446ac5bfc341a559d315cab38a0e88e04fd82a10404f8917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13661
expires
Thu, 03 Oct 2024 11:24:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AE3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F7251_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=8cdAn7lBwzgxpi0QJKVay_Ht&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9d7858fcf072cca6ec23f9b871b0ea6f8c03f0ebda25bfa8e5f19ed9b62c082e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
4022
expires
Sat, 04 Nov 2023 15:15:37 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AE3 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F7205_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=Se2Qgo8KcgUmr5FN-aX6FRaz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f9c8796516af78ee9f53c91aaeeb28cd54e33dee0fb377e7a65be204558df0da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
18698
expires
Sat, 04 Nov 2023 22:38:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AE3 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=N2-N3FEOfepReAgBnHPPF5ZX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
8586
expires
Sat, 04 Nov 2023 12:47:14 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AE3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F3984_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=qha8S_p0EyJ8g6mGfoHFedeB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
47d28f2d8e65dc2ee8bf14064d39a5915f75fca7c1c91b922f6955fe7fc02f68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
4054
expires
Sun, 05 Nov 2023 04:56:44 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AE3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F7966_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=R4KBWrseKDiRDhar-WwL6lEp&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
14392c9baa0d1e691f861f1bfa0cda3caf6d3080edfabda0a2c276dfa13f2afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
5320
expires
Sun, 05 Nov 2023 12:40:59 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AE3 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=jlK4xXIF2hBRwd2TfO2bBhxs&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
20960
expires
Sat, 04 Nov 2023 13:01:59 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AE3 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F8191_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=PgO1hs4yg4iTYDvpfSxe94Jb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7288967bd508366a5f2b2e5b64656ec99ee6538dca3eae54fc4ab86b59c0ae3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
13962
expires
Sat, 04 Nov 2023 12:21:16 GMT
all
csm.eu.criteo.net/ Frame 2AE3 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=znv682AWYU6ChlLAHuNkCCComTxvj4AQzyR2QgsMrBgh1FPsBF_EG-EtAU8htHAfJnqVXKJFPw4Y3APgCwvEN-EnGNUH_cerofcINV5PJLY5sKnrzp-dgYWV4NnwprTvEQ1T7lbFIMmx14VSMjmATlaon3QySoPY64RilOBAGMHhirFIIBPOxWyAkHL--UdJbqNEyPImi14M0Sxg3GtnUMN-_QzrzNifyzU_ZUl1cP2cCbmQ55mkPEO8javaQbxyFrqKyQ&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 15:59:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2AE3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 15:59:19 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2AE3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 15:59:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71720fe68c5a708363489312340bcde955850e57766ba24a2e70d9443c20d958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29842
x-xss-protection
0
server
cafe
etag
859 / 19656 / 31079181 / config-hash: 18294707092208642472
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 15:59:19 GMT
prebid_2023_10_13_4_27_2.js
anymind360.com/js/2193/ 		430 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
564913ca7c425cc7027417fb4b74fb43802ccb43158b25f1d177063c5c8b2549
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires
Fri, 13 Oct 2023 04:27:17 GMT
date
Thu, 26 Oct 2023 15:59:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
211715
x-guploader-uploadid
ADPycdvwn9hxKEJ0q0-j4rVMlIwnIfCXFqeG3QmBTZTSJ2bKuBNpRaWmocge6qmqbWpLXlzTaxn2ro8H-A
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
139932
x-served-by
cache-tyo11949-TYO, cache-fra-eddf8230078-FRA
last-modified
Fri, 13 Oct 2023 04:27:17 GMT
server
UploadServer
x-timer
S1698335959.455831,VS0,VE2
etag
"b5d3ad44ebe003944f23fd4f6c360404"
vary
Accept-Encoding
x-goog-generation
1697171237389747
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=/+aLeA==, md5=tdOtROvgA5RPI/1PbDYEBA==
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
139932
accept-ranges
bytes
x-cache-hits
39, 1
apstag.js
c.amazon-adsystem.com/aax2/ 		264 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:23:52 GMT
content-encoding
gzip
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2128
x-amz-server-side-encryption
AES256
etag
W/"f90f24d20b0a1f80ef986c97a9726a2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
y_U7pkR80fd7k1cjtHPfnRRG12gmfCJJo8Pv6kNYGbioFJMtP9s5YA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b862cf296d276abfc28afff81b0ff181e3141b46342803acea39a42031a505f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
43105
x-jsd-version
1.0.1854
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230052-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-HhsU0g45tI5PzmP1+sbL8iGIJu0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=En535DmsTVNIllH%2F6sNmCmmM%2Bai7Fn%2FbY8rZJ5%2BzrHZ8BBwyP1kdEeZd%2FjUBS%2F42MVfyu1ZFgYL5q%2BZHJM%2FTVoCkF%2FkwPSjLxkwcmhUaqibFrVr1pIDQ%2FMWoCt3%2FaDyOIIFO0sLXgroMSVKJgIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81c3e7e33ebe9018-FRA
v1
prg-apac.smartadserver.com/prebid/ 		171 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.225 , France, ASN16276 (OVH, FR),
Reverse DNS
ip225.ip-217-182-178.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://news.now.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU3VM41V
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
9173772c90bcee0c552cfcb94e058e451ddd5239003bd089c589acf636750623

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:18 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://news.now.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
36
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 26 Oct 2023 15:59:19 GMT
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.now.com
date
Thu, 26 Oct 2023 15:59:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=713044
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b201b6d4e40b7044515572ccd73eca863563fdb0f13f42487f5bf1cd51c0feb5

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGrcXBC%2FOCNe8i9D%2Bzs5muUteZhYZNT7cut60NIEcTWeVFYEQ8UVKXXVTJ2ebHQnCwUVqcJQwWJ6Zu2GZMLcSOHkS1AedbRS7X26x9iUjvoLQBvzH%2BB0l7%2FRJKXzyj%2FKWO7tI6wn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://news.now.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81c3e7e36d7f6983-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=65483749343&lsavail=0
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://news.now.com
date
Thu, 26 Oct 2023 15:59:18 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.ad.smaato.net/oapi/ 		0
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.18.240.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-240-81.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace
https://tracing.smaato.net/api/traces/b48db61f0fde18984149f66538b3b987?prettyPrint=true
access-control-allow-origin
https://news.now.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
37e29971-0d00-3ad0-baf6-78ef695a2a06
fastlane.json
fastlane.rubiconproject.com/a/api/ 		461 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=439118&zone_id=2575352&size_id=15&alt_size_ids=67&rp_schain=1.0,1!acquamedia.com.hk,A1439,1,,,&rf=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tg_i.domain=news.now.com&tg_i.page=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&tg_i.pbadslot=%2F29746187%2C94348418%2Fhk_now.com_desktop_RightSticky_300x250_Finance&tk_flint=pbjs_lite_v7.54.4&x_source.tid=d157baaf-1ba4-4c92-a610-6ad60fb4cc52&l_pb_bid_id=14895c4c043f575&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d157baaf-1ba4-4c92-a610-6ad60fb4cc52&rp_maxbids=1&p_gpid=%2F29746187%2C94348418%2Fhk_now.com_desktop_RightSticky_300x250_Finance&slots=1&rand=0.1956132390491585
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1a7a6793bd25088043f1ae46f834835581d5b6a38fda53862e80121c95b9085a

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
461
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:19 GMT
an-x-request-uuid
c314f956-48ae-4295-bc33-d58e58c102ce
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.now.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.28; 217.114.218.28; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
53
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
db25e772-a50a-4abc-826c-f029cd5364e4
config.aps.amazon-adsystem.com/configs/ 		537 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/db25e772-a50a-4abc-826c-f029cd5364e4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
2c1b4ffd3d6aae45c5e5ae3fde9374daf632286062b7cda71f5ebd893cada986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:37:02 GMT
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1337
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
cdZtRVS5Ge22eHRm3pe1_Z-s4ihxoZYJQ4g4-EnfDwnA06CTuLkfmg==
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnews.now.com&pubid=db25e772-a50a-4abc-826c-f029cd5364e4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:19:13 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
2405
x-cache
Hit from cloudfront
access-control-allow-origin
https://news.now.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
_IZQZftASDz3Uxcl6zxktK26gmLgGFx3C3Z7f6xf4xAAop-VbrRbAg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&pid=WWX26VP72WqIy&cb=0&ws=1600x1200&v=23.1020.1619&t=2000&slots=%5B%7B%22sd%22%3A%22ats-insert_ads-6%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x480%22%5D%2C%22sn%22%3A%22%2F29746187%2C94348418%2Fhk_now.com_desktop_RightSticky_300x250_Finance%22%7D%5D&schain=1.0%2C1!acquamedia.com.hk%2C2193%2C1%2C%2C%2C&pubid=db25e772-a50a-4abc-826c-f029cd5364e4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.239.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-239-116.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:19 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P4
x-amz-rid
GQZSCDWGXK4C3JZVVFV0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://news.now.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
s5Vqch7OPzQzY8TErYZjkZM1KJjtBqpZ8JAiIv9tHTIr3wG6qAsCFw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
date
Thu, 26 Oct 2023 01:24:11 GMT
x-amz-cf-pop
FRA56-P6
age
52509
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
FhcalTTkJEWV5-o-xUvGzIrETW6fDeKrYUezFhCH0NxvDs-BbpVsLg==
ads
securepubads.g.doubleclick.net/gampad/ 		340 B
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2729736050704422&correlator=2155856701769510&eid=31079110&output=ldjh&gdfp_req=1&vrg=202310180103&ptt=17&impl=fifs&iu_parts=29746187%3A94348418%2Chk_now.com_desktop_RightSticky_300x250_Finance&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x480&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D177c0de22d8efdf2%3AT%3D1698335958%3ART%3D1698335958%3AS%3DALNI_MazAS3iBjU5wD16TjDDUm8lxx_hqA&gpic=UID%3D00000cc4697ec0ba%3AT%3D1698335958%3ART%3D1698335958%3AS%3DALNI_MaNyXx8HbQ0iYBzVWFIQZpUwJ-oLA&abxe=1&dt=1698335959748&lmt=1698328759&adxs=925&adys=759&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&vis=1&psz=300x30&msz=300x0&fws=128&ohw=0&ga_vid=584306327.1698335959&ga_sid=1698335959&ga_hid=1943207193&ga_fc=true&ga_cid=146162259.1698335958&a3p=EhwKDWNyd2RjbnRybC5uZXQYlMrY5bYxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiUytjltjFIAFICCGQSGQoKcHViY2lkLm9yZxjiy9jltjFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YlMrY5bYxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVprNXNSM0F5ZFZSUmNHMXJka1ZOWmswNVNsZ3ZaejA5SW4wPRiLztjltjFIABIZCgp1aWRhcGkuY29tGJTK2OW2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ywc3Y5bYxSABSAghq&dlt=1698335957619&idt=609&prev_scp=Audience%3Dfinance%26Campaign%3Dmanulife%26amznbid%3D2%26amznp%3D2&cust_params=pathname%3D%252Fhome%252Ffinance%252Fplayer%26Now_newsLive%3Dfalse%26Now_newsCp%3D12%26Now_newsId%3D180275%26Now_newsCat%3D121%26Now_newsTopics%3D%26url%3D%252Fhome%252Ffinance%252Fplayer%26ref%3Dnull%26param%253AnewsId%3D180275&adks=2886535119&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3652553684ab78dd054fd857edcc220506fe7da4a988871f9e8448a86c96bd90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.now.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0D19 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdKs_2eGbdzs8Q8BsEIZ5dwGd1oBsfgFQgRb8uYbs4rHXLNlf4j3DOofdlaJd_Vc7vv2zIp1dwNLBYJBxT5mprAhNW0-Fmh6uU3PfwJmkA-0J5d4LLdbUMK4xxGrnN9e-kvF9RNOXgqw&sig=Cg0ArKJSzP4A-H8z1KlsEAE&id=lidar2&mcvt=1000&p=711,925,961,1225&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3588068213&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698335959084&rpt=102&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D0C 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnBpvTEPQLIsXwmyKvkEekfJsAqmWGVqpCGGYkZIlGlhAo7Kh0B2ot0ORqvmYRfla_9x71H2hS8lt-T5axMdaXkt5koGUu5o0Zg5oeNu1oupxypaDkEh165dDJWcZurJomcNc2OnxS4A&sig=Cg0ArKJSzF1OQJFi5ieZEAE&id=lidar2&mcvt=1000&p=421,925,671,1225&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=319731832&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698335959078&rpt=173&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BB36 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqMHO8rsBqJ_SzcNBJPHVBkWPEZwysTvi19xfZ53D5LM_IBsdF5KoJh4QNsM3jZ96TPcjFzQkZw4je-Pc_4CLltKRrV6kdYmXD-egQTz2xh0hdLNjo&sig=Cg0ArKJSzCQuWJoJ6WjwEAE&id=lidar2&mcvt=1002&p=71,562,161,1290&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=494382883&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698335959072&rpt=161&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 2AE3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=znv682AWYU6ChlLAHuNkCCComTxvj4AQzyR2QgsMrBgh1FPsBF_EG-EtAU8htHAfJnqVXKJFPw4Y3APgCwvEN-EnGNUH_cerofcINV5PJLY5sKnrzp-dgYWV4NnwprTvEQ1T7lbFIMmx14VSMjmATlaon3QySoPY64RilOBAGMHhirFIIBPOxWyAkHL--UdJbqNEyPImi14M0Sxg3GtnUMN-_QzrzNifyzU_ZUl1cP2cCbmQ55mkPEO8javaQbxyFrqKyQ&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 15:59:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
828f19462048c00b2f2453e914003894c30a516061457aeb8ec5aecb8adec97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 25 Oct 2023 08:33:57 GMT
server
nginx
etag
W/"6538d2f5-17f71"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 15:59:21 GMT
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		0
0
batch
services.insurads.com/dfp/mapping/ Frame 565A 		1 KB
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=1546&requests=[{%22eaUp%22:%22/94348418/nownews_web_fin_LR01%22,%22eoId%22:3012214987,%22eolId%22:6032896793,%22advId%22:223740178,%22ecId%22:138451356465,%22w%22:300,%22h%22:250,%22eId%22:%22main_nownews_web_fin_lr01_0%22},{%22eaUp%22:%22/94348418/nownews_web_fin_SB%22,%22eoId%22:488130058,%22advId%22:176757058,%22w%22:728,%22h%22:90,%22eId%22:%22main_nownews_web_fin_sb_0%22}]&h=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&ts=1698335961622
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.40.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-40-57.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b378c7034466ed33969ffa5d7d89e8633a4e028f665c6c66f0c8c710971da53c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:21 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DGFECMB23C&gtm=45je3an0v893189895z8830088854&_p=1943207193&gcd=11l1l1l1l1&cid=146162259.1698335958&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1698335958&sct=1&seg=0&dl=https%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&dt=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE%20%7C%20Now%C2%A0%E6%96%B0%E8%81%9E&en=now_page_view&ep.now_platform=web_desktop&ep.now_page_lvl1=finance&ep.now_page_detail=180275&ep.now_page_path=finance%3A180275&ep.now_page_cp=Now%E6%96%B0%E8%81%9E%E5%8F%B0&epn.now_page_has_video=1&ep.now_page_title=Zalora%EF%BC%9A%E6%9C%9F%E9%96%93%E9%99%90%E5%AE%9A%E5%BA%97%E7%84%A1%E5%8A%A9%E9%8A%B7%E5%94%AE&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DGFECMB23C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.now.com%2F&domain=news.now.com&bundle=fWO3P19nY2M0OGlqQVRscjklMkJ6c0Z0YzByMUNRJTJCVGhFVW5uTzA5TEVXTkZoNGd1JTJGNTBIJTJGeCUyRnFHbExiMzRST0FKMWF5cm9GdUJOUDE1WmJCYzh4NGRFSWpVNjdmdzJzYjZLNEJJUXNlU3B3OWpnUXlXZlphOCUyQkVFRVlDalJUaiUyRmVWbm9aUW1WQ254MEp0Nlphb1JHcDJUMGh4dyUzRCUzRA&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://news.now.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 26 Oct 2023 15:59:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
257132
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.now.com%2F&domain=news.now.com&bundle=fWO3P19nY2M0OGlqQVRscjklMkJ6c0Z0YzByMUNRJTJCVGhFVW5uTzA5TEVXTkZoNGd1JTJGNTBIJTJGeCUyRnFHbExiMzRST0FKMWF5cm9GdUJOUDE1WmJCYzh4NGRFSWpVNjdmdzJzYjZLNEJJUXNlU3B3OWpnUXlXZlphOCUyQkVFRVlDalJUaiUyRmVWbm9aUW1WQ254MEp0Nlphb1JHcDJUMGh4dyUzRCUzRA&cw=1&pbt=1&lsw=1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.now.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.now.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
214673
expires
0
checksync.php
contextual.media.net/ Frame 3B43 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C2099%2C3020%2C173%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C345%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f564378ab495fcaf84ffaff9f89a7e25cfb265061a70a9588fabda268d843c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8451
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 15:59:25 GMT
expires
Sat, 28 Oct 2023 15:59:25 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 827A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
400
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81c3e80a3c6f65e0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 15:59:25 GMT
expires
Thu, 26 Oct 2023 19:59:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3A0C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 15:59:25 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ADD8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=17443
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 26 Oct 2023 15:59:25 GMT
expires
Thu, 26 Oct 2023 20:50:08 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F22B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/2193/prebid_2023_10_13_4_27_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
21800
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 26 Oct 2023 15:59:25 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
175, 171805
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230128-FRA
X-Timer
S1698335966.822007,VS0,VE0
usync.js
eus.rubiconproject.com/ Frame 3A0C 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
19ecc975c16e667a04ac9b2bf6612b4a6687320f26c3e899200d4e4b07a852be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 01:19:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33676
Connection
keep-alive
Content-Length
11051
Expires
Fri, 27 Oct 2023 01:20:41 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 00AC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
959 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3fd68dd79cc544630db50dedeb03b160a71e98055058259286512d54e8c9b0

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81c3e80adfde6983-FRA
content-encoding
br
content-type
text/html
date
Thu, 26 Oct 2023 15:59:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiemxr%2FDr0jeENTbC4R58DAqmeqlMl4du5YrsCTZQEeqfa4It0z4rDSMBgM28M8zUKyalKdug2qgHs88jFPzjZ4L8cYZPwIwgH4gMWzMzhuAW%2BgkTbChR4Gf6LI3mC3DH%2FVGhVzVzQffeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81c3e80a9f836983-FRA
content-length
0
date
Thu, 26 Oct 2023 15:59:25 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5a8XRo1f9m4wPHVT5BU7UktogxkbdW5ny%2Fd7gETGmJdxS4zORyO1DDX%2BevSWqLni%2FzJmmskWw%2Fm1JpvPEk4UNIRvy4ejfWkiyhIAoPYG%2BDTByBJqrTz%2FHjJVz%2B6xk0MP249TRWdEISDfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bounce
ib.adnxs.com/ Frame F22B
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:25 GMT
an-x-request-uuid
afada58f-f18a-4ff3-98d0-28b4c362b0c5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.28; 217.114.218.28; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:25 GMT
an-x-request-uuid
78f1734f-e3af-4526-9d70-3745e5274b44
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.28; 217.114.218.28; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame ADD8 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98289078&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3f0a667fd8dc11662117c1129a8116c231c96cf4149f1dbe636e8b89236117de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 15:59:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame 3A0C 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
crum
dsum-sec.casalemedia.com/ Frame 00AC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTqM3Z2PDyT9tLRlu9k5TAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENSajX8mlBXzimSNMQZvFJs&google_cver=1
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENSajX8mlBXzimSNMQZvFJs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2A3Z7dit6ROikewd2h6cgK15t5KnW4CMnXI2imF77m1faWreMqphmS54M8daJXKYoVaN%2FmPvpBMId42OUSmyqNPkZw5sH5Bl043wivp33WCuwle16QLL4Y3bqNTui38ZqsYoB6V8LENCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c3e80bedad920b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENSajX8mlBXzimSNMQZvFJs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i6.liadm.com/s/ Frame 00AC
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTqM3Z2PDyT9tLRlu9k5TAAA%263314&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTqM3Z2PDyT9tLRlu9k5TAAA%263314&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=ff66069a63094752a1599535ac1f2365
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-TNoYXaRX43ERv_I1SSuvUDqWG-1K4MqthL2x7A
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-TNoYXaRX43ERv_I1SSuvUDqWG-1K4MqthL2x7A
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-TNoYXaRX43ERv_I1SSuvUDqWG-1K4MqthL2x7A
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:686a:b20f:8598:8ecc -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:27 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-TNoYXaRX43ERv_I1SSuvUDqWG-1K4MqthL2x7A
Date
Thu, 26 Oct 2023 15:59:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
usermatchredir
ssum-sec.casalemedia.com/ Frame 00AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTqM3Z2PDyT9tLRlu9k5TAAADPIAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELJULQ1PQ_uNL3UuuOIxQ4s&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELJULQ1PQ_uNL3UuuOIxQ4s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=410YV9aM3qf1sIj8gz%2BN32wVaD8qNUpgq7JStHMjWho232C5RP4MZHP13G4%2BZtaIWUtLwYvTYSoZT3Rci7foe8cWmzv4z5BgjrSkSPqqYn0JDUPhLmAkLE86Yu9ha0Etv1AYgml06sDwIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c3e80bddac920b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELJULQ1PQ_uNL3UuuOIxQ4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 00AC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqM3Z2PDyT9tLRlu9k5TAAADPIAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqM3Z2PDyT9tLRlu9k5TAAADPIAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqM3Z2PDyT9tLRlu9k5TAAADPIAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 15:59:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FYKJA3F44GWFG6M923H4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 15:59:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T2VM536NYW5AA9QZ36CZ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTqM3Z2PDyT9tLRlu9k5TAAADPIAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 00AC 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:add9:3669:29b3:4d0e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:26 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 00AC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2051001822236575055&expiration=1699545566
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2051001822236575055&expiration=1699545566
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD9%2FJjESdZMgl8JE4peaY8rv%2FyykfAb%2F9YD9MK%2FHNXZPp2%2Bl%2BVk3AWK6q7s1f2tuE%2FYGuWZadfhgS0Vb5xrdvj8dGYskic%2BZcgmz2tphwgL6GcTQSWKtcMxc6ubMltUbp1itltaJ0Wx9og%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c3e80c1de0920b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2051001822236575055&expiration=1699545566
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 00AC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZTqM3gAXgckWgABV
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTqM3gAXgckWgABV&_test=ZTqM3gAXgckWgABV
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTqM3gAXgckWgABV&_test=ZTqM3gAXgckWgABV
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPINhaei19AaE2pQpYW%2BOvo1WXEo5H9XjWt7adnsOUf7AH%2BMicr8%2FdlAiCiGXakZEp084Yr3B%2Bgg%2FNJPBb%2BTldBTgUAXq6YU5AQO3fBpB1qaDe0xlPl5OMMLKTc62qhxQxUxzKE2LGM69w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c3e80c6e2a920b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230105-FRA
pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1698335966.121338,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTqM3gAXgckWgABV&_test=ZTqM3gAXgckWgABV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 00AC
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHoWsjIKLPtp7jRSEQpFGh58N5UYTiKa%2FGZsPsP0uLDDueBsWNg5VXyRaeCgmCyPdwLgb3gkOyAyVRu3uKMtAoSDI7oyUrcPAWw8Pt78LqJd9v0ADMN0O%2BNjJ3IRQxUF3pUuLUJXsFHDUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c3e80d6f13920b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Thu, 26 Oct 2023 15:59:26 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 00AC 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTqM3Z2PDyT9tLRlu9k5TAAA%263314
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnews.now.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
26161
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81c3e80b4dc565e0-FRA
content-length
43
expires
Fri, 27 Oct 2023 15:59:25 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 650F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 15:59:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:59:25 GMT
expires
Thu, 26 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
628911
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0D23
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7307AFE0-FD95-4F24-8352-D404CFC73320&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7307AFE0-FD95-4F24-8352-D404CFC73320&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7307AFE0-FD95-4F24-8352-D404CFC73320&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 26 Oct 2023 15:59:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XXG5Q2MZFCYRW0BRT9WT

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 26 Oct 2023 15:59:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7307AFE0-FD95-4F24-8352-D404CFC73320&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ACPM7EVK0AVVAECMFV9P
Pug
image2.pubmatic.com/AdServer/ Frame 15F1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XFjEQ1IOk0dHXMNEWlraFVNdwkRHXMMWXFl1O2B0
42 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XFjEQ1IOk0dHXMNEWlraFVNdwkRHXMMWXFl1O2B0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 15:59:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 26 Oct 2023 15:59:26 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XFjEQ1IOk0dHXMNEWlraFVNdwkRHXMMWXFl1O2B0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 42C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5935648017172192030&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5935648017172192030&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 15:59:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ca310e95-27e4-4342-bbf1-9bfbbc00f284
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 26 Oct 2023 15:59:26 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5935648017172192030&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
217.114.218.28; 217.114.218.28; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame D99F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294297431593121944&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294297431593121944&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 15:59:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 26 Oct 2023 15:59:26 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294297431593121944&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
odr.mookie1.com/t/v2/ Frame 44A2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=384f4ec5-b636-4d1f-bde4-a84fd0b51349&ssp=pubmatic&gdpr=0&gdpr_consent=
42 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=384f4ec5-b636-4d1f-bde4-a84fd0b51349&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
content-type
image/gif
date
Thu, 26 Oct 2023 15:59:26 GMT
etag
"6530c7b4-2a"
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
via
1.1 google

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 26 Oct 2023 15:59:26 GMT
location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=384f4ec5-b636-4d1f-bde4-a84fd0b51349&ssp=pubmatic&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame B3C9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NUImJQfmVYxctzWJWXktSdly2hw&gdpr=0&gdpr_consent=
42 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NUImJQfmVYxctzWJWXktSdly2hw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 15:59:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 26 Oct 2023 15:59:26 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NUImJQfmVYxctzWJWXktSdly2hw&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ADD8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cwev4P2VTySDUtQEz8czIA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:26 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=17442
accept-ranges
bytes
content-length
5606
expires
Thu, 26 Oct 2023 20:50:08 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame ADD8 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7307AFE0-FD95-4F24-8352-D404CFC73320&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.46
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame ADD8
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=768971453
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7307AFE0-FD95-4F24-8352-D404CFC73320
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7307AFE0-FD95-4F24-8352-D404CFC73320
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:25 GMT
via
1.1 google
last-modified
Thu, 26 Oct 2023 15:59:26 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7307AFE0-FD95-4F24-8352-D404CFC73320
date
Thu, 26 Oct 2023 15:59:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame ADD8
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7307AFE0-FD95-4F24-8352-D404CFC73320
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDEyeUlaNlRMYlRRdUM5YUNQNkY3Qk4zZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6607338330339205149&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
HTTP/1.1
Server
52.3.75.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-75-156.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 15:59:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 26 Oct 2023 15:59:26 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame ADD8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzMwN0FGRTAtRkQ5NS00RjI0LTgzNTItRDQwNENGQzczMzIw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 15:59:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame ADD8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMSW6Wr7p6YFSET1-aPFDng&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMSW6Wr7p6YFSET1-aPFDng&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 15:59:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMSW6Wr7p6YFSET1-aPFDng&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame ADD8 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 25 Oct 2023 15:59:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame ADD8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6607338330339205149
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6607338330339205149
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 15:59:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6607338330339205149
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame ADD8 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
7307AFE0-FD95-4F24-8352-D404CFC73320
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame ADD8 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7307AFE0-FD95-4F24-8352-D404CFC73320?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c184:4582:9358:8e30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame ADD8 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7307AFE0-FD95-4F24-8352-D404CFC73320&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame ADD8 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
all
csm.eu.criteo.net/ Frame 2AE3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=znv682AWYU6ChlLAHuNkCCComTxvj4AQzyR2QgsMrBgh1FPsBF_EG-EtAU8htHAfJnqVXKJFPw4Y3APgCwvEN-EnGNUH_cerofcINV5PJLY5sKnrzp-dgYWV4NnwprTvEQ1T7lbFIMmx14VSMjmATlaon3QySoPY64RilOBAGMHhirFIIBPOxWyAkHL--UdJbqNEyPImi14M0Sxg3GtnUMN-_QzrzNifyzU_ZUl1cP2cCbmQ55mkPEO8javaQbxyFrqKyQ&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTqM1gAIelEIFWQSAAaqRNPrTJBHyU1OCH5iyA&u=%7CzZ9DqmlwdCr5DPcalkeCEVOHCB1WfyQFtdHckKuxth0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-Bi2eWsB_VA9gMrC3UGifPXheX3rqglcbUP4rdY_c9IFbqp6zYahd9tf2B9qJVwxd03wwwd9v72x7VYzp0fbq0mHAj4C8zXwHfEmRGFENfDFT8HnEX5w3NXvExfRRjvu8yghHATbOhOuHg3sCfZA3sUYPucU2HG_HPZmQadBfO_W79GDUp__nGi0KW5lorXQcw46QvZbormGHE0sU7MD48aZErkatstA_n9hzkH6s1x7I6MQpw6q3mgGQrxWaSfqcjWEV0aT4WfI39SVMHc_5aw7KldOjpFrO01I2GrZJYXCo_5Ns2TA7vifOzbuqjG30s8OjIWJCQunW8gIlYTGaXR6Y6-mahiHOQsR7nugA1CUZ3ukPArpmlYCtXm82EETotDzZS2rHkNF5utmo3BzU8zKdaotn8NRJYqUR3ZqLu6JCkl4ZHS2XYLynDDTuKWYcHTGxayYDVi1zmU_1wlrvJXd1gTO_-WcBBlRnSRQ57VkhT5KIuAqzURYhyUlQJmImoHulkHSr8T8WzBlkhN8Cq4gPox6rzpZA63Vv1K5tEGwhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCa4cD1ow6ZdH0IZLI1fAPxNSa8APJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTIwMTg0OTA5OTkxNTYzMDnIAQmpAstVNDOLrbE-4AIAqAMByAMCqgSzAk_Q58DVkaTF6UkOymSQSJ4zyF11dJKmu6UBpWJQiNGeG2xpfdQ9dhPIXmnE0deg0Ib9kHgVSFkYwds0K4sTIP5QaDRyJcD2VdT6-wrlFuEenaWYgFMWtv23xBnuIclkvXfuym8peGoXybsBPDMTBqIuET_aPkur4UWb4nXjDn_xED87vZ8cx3zvJR_Mtlk0A1jcrjRnwL1v9CtEjp6wNAxnYqoNEV9Bzg3gczkUNnxS1Lo7-H0C3pkrUO34i5Tls8jN52I32HWXFYTKzASLcaajClL0XaR_Z7dy69qZdbeeS1JS7xkD_aY5NtJGhuB5LWsgFoS71vgseXKxV0nvu_HVB2voeZXgqlmFZXUAjX8IxIgLAubJCQBeGBxtNQpljjCZXOXsgKncuiL2xEFJHfJ0b3XgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2JaZR50rouV86Fz-dYjbOHyQR2Ww%26client%3Dca-pub-2018490999156309%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 15:59:25 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
async_usersync
ib.adnxs.com/ Frame F22B 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:26 GMT
an-x-request-uuid
481cf924-380c-416b-9d97-2a88d614b5a3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.28; 217.114.218.28; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310180103&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaa503e17a19968c03069df3e582f18ddc41f8b4c85dab302f1282ac9d60679e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12273
x-xss-protection
0
comments.php
www.facebook.com/v2.9/plugins/ Frame 8D88 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.9/plugins/comments.php?app_id=515076798590105&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2377504bb1aff8%26domain%3Dnews.now.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnews.now.com%252Ff2cb66a237b3f08%26relation%3Dparent.parent&color_scheme=light&container_width=520&height=100&href=http%3A%2F%2Fnews.now.com%2Fhome%2Ffinance%2Fplayer%3FnewsId%3D180275&locale=zh_HK&numposts=5&sdk=joey&version=v2.9&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=376f4832fd200a617f64d440e3f0d32f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 26 Oct 2023 15:59:27 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
hMUAWh4meM/7GZIc9wXcELpH6GQz1ruuegO+h00lDi3PSg3QcA7Yo2tsxuil3+9kzemgF+cvFAH/kMRTrD8Yhw==
x-frame-options
DENY
x-xss-protection
0
syncframe
gum.criteo.com/ Frame B640 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.now.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:59:26 GMT
server
Kestrel
server-processing-duration-in-ticks
652111
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame B640
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=now.com&sn=ChromeSyncframe&so=3&topUrl=news.now.com&bundle=fWO3P19nY2M0OGlqQVRscjklMkJ6c0Z0YzByMUNRJTJCVGhFVW5uTzA5TEVXTkZoNGd1JTJGNTBIJTJ...
  • https://mug.criteo.com/sid?cpp=76Gq3XxEMkZSZFQ2S1NJZmN4Z3VuWGI2eGVEK29hYWJtdDZ5RENIRTBSRzZYREtVMWYra28zM2VpTzNQcDZkTlpvMzBpUXR5MmtRbjJmOEZicHJvYS82MjdpL3FNeXNXWEZoSDI1VHFPaC9QTUZTbE00TzEyN1VCTVAvN3...
430 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=76Gq3XxEMkZSZFQ2S1NJZmN4Z3VuWGI2eGVEK29hYWJtdDZ5RENIRTBSRzZYREtVMWYra28zM2VpTzNQcDZkTlpvMzBpUXR5MmtRbjJmOEZicHJvYS82MjdpL3FNeXNXWEZoSDI1VHFPaC9QTUZTbE00TzEyN1VCTVAvN3BxM0V1SENVSy90Y0xoUGFkZ2RGc01jY24rZGNlUkFTYmdGbEZRbEh0aW8ySGp4VXdRbklVdG1samwwd1ZBMjV1ajQvVlNCemlzYkxqSjFjeTJhZnNac2lhV3JLbUFTSjViZFFyR1JsYmNjL0tKMGMvNXVTU0JlR3BvQXY0K3d5SkIwaHFEcjdVbnczcStQQkRJbTFUeGthUHVReDl2UT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
406932028f3f3311d116c5102bdcf201de5f2b6b4e92865ceec93b762e2e9a64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
829276
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 15:59:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=76Gq3XxEMkZSZFQ2S1NJZmN4Z3VuWGI2eGVEK29hYWJtdDZ5RENIRTBSRzZYREtVMWYra28zM2VpTzNQcDZkTlpvMzBpUXR5MmtRbjJmOEZicHJvYS82MjdpL3FNeXNXWEZoSDI1VHFPaC9QTUZTbE00TzEyN1VCTVAvN3BxM0V1SENVSy90Y0xoUGFkZ2RGc01jY24rZGNlUkFTYmdGbEZRbEh0aW8ySGp4VXdRbklVdG1samwwd1ZBMjV1ajQvVlNCemlzYkxqSjFjeTJhZnNac2lhV3JLbUFTSjViZFFyR1JsYmNjL0tKMGMvNXVTU0JlR3BvQXY0K3d5SkIwaHFEcjdVbnczcStQQkRJbTFUeGthUHVReDl2UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
344530
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.now.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 15:59:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4798 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1057
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:41:50 GMT
expires
Fri, 25 Oct 2024 15:41:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0AFC 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
76e4028e47b7946fe0caa67c8aad1fa693894cfa88eb0a6b92d2f99e1b9750b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P_bOWIBaWdkQlZDdSq_ggA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news.now.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-P_bOWIBaWdkQlZDdSq_ggA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 15:59:27 GMT
expires
Thu, 26 Oct 2023 15:59:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js
pagead2.googlesyndication.com/bg/ Frame 4798 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
sffe /
Resource Hash
cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:53:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
3942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15202
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 14:53:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0AFC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310180103&jk=2729736050704422&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4798 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tulnmw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame ADD8 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 15:59:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
news.now.com
URL
https://news.now.com/api/getNewsList?category=121&pageSize=200&pageNo=1
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| pbjsChunk object| pbjs function| $ function| jQuery number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| commonAd object| adUnit object| adsData string| firstProfile string| profile boolean| matchProfile object| firstAdUnit object| currentAdUnit function| setFirstProfile function| checkProfile function| initAdserver function| postDisplayHelper_hideAd function| postDisplayHelper_BottomBanner function| onRenderEnded object| preBid function| NowDataService boolean| fb_inited function| fbAsyncInit object| dfpProfiles string| _pageCategory string| _pageNewsId string| _pageTopic object| dataLayer object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog function| PrerollManager function| Hls function| Galleria function| MyUrl function| purl object| jquery-scrollto function| fillImage function| loadViuWidget object| globalConfig object| windowData object| swfobject object| mediaSupport object| $myUrl function| MediaPlayer boolean| clickedFbLogin function| loginFB object| newsData object| providerInfo object| relatedNews object| relatedNewsCpMapping string| title string| providerName object| photoLink string| pageType object| _gaq object| _comscore number| google_unique_id object| gaGlobal object| FB object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_143 object| Criteo object| Criteo_identitytag_143 object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __buffer function| logoutFB object| _gat object| COMSCORE object| ns_p object| google_tag_manager function| onYouTubeIframeAPIReady object| __tgconf function| __tginitcb object| __iat_api object| _mappingResponses object| __tgunits object| sas object| adloox_pubint object| anymindTS function| startAnymindTS object| atspbjs object| apstag object| anymindTSApstag object| atspbjsChunk object| mnet object| _aps boolean| apstagLOADED object| apscustom object| criteo_pubtag_prebid_144 object| Criteo_prebid_144

70 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARCsFgoJCP____8HELYW
i6.liadm.com/s Name: _li_ss
Value: CgA
.bit.ly/ Name: _bit
Value: n9qfXf-ab2d2039bf4f0b6f2c-00Q
.now.com/ Name: lotame_domain_check
Value: now.com
.news.now.com/ Name: __utma
Value: 262549139.584306327.1698335959.1698335959.1698335959.1
.news.now.com/ Name: __utmb
Value: 262549139.0.10.1698335959
.news.now.com/ Name: __utmc
Value: 262549139
.news.now.com/ Name: __utmz
Value: 262549139.1698335959.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.news.now.com/ Name: __utmv
Value: 262549139.|1=deviceType=desktop=1
.now.com/ Name: __utmt
Value: 1
.now.com/ Name: __utma
Value: 262549139.146162259.1698335958.1698335958.1698335958.1
.now.com/ Name: __utmb
Value: 262549139.1.10.1698335959
.now.com/ Name: __utmc
Value: 262549139
.now.com/ Name: __utmz
Value: 262549139.1698335959.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.now.com/ Name: __utmv
Value: 262549139.|1=deviceType=desktop=1
.openx.net/ Name: i
Value: 7cd946a7-6b93-4299-a4bc-431f33d257fe|1698335958
.criteo.com/ Name: uid
Value: 539bae70-ad56-4734-b8e9-639b3d3881fb
.now.com/ Name: _ga
Value: GA1.1.146162259.1698335958
.now.com/ Name: _ga_DGFECMB23C
Value: GS1.1.1698335958.1.0.1698335958.60.0.0
.now.com/ Name: cto_bundle
Value: fWO3P19nY2M0OGlqQVRscjklMkJ6c0Z0YzByMUNRJTJCVGhFVW5uTzA5TEVXTkZoNGd1JTJGNTBIJTJGeCUyRnFHbExiMzRST0FKMWF5cm9GdUJOUDE1WmJCYzh4NGRFSWpVNjdmdzJzYjZLNEJJUXNlU3B3OWpnUXlXZlphOCUyQkVFRVlDalJUaiUyRmVWbm9aUW1WQ254MEp0Nlphb1JHcDJUMGh4dyUzRCUzRA
.now.com/ Name: __gads
Value: ID=177c0de22d8efdf2:T=1698335958:RT=1698335958:S=ALNI_MazAS3iBjU5wD16TjDDUm8lxx_hqA
.now.com/ Name: __gpi
Value: UID=00000cc4697ec0ba:T=1698335958:RT=1698335958:S=ALNI_MaNyXx8HbQ0iYBzVWFIQZpUwJ-oLA
.doubleclick.net/ Name: IDE
Value: AHWqTUmj1siIQktiCj7pcl2CJV_LptSCjesl8rOV6PuVUMP9rVXgOJAfFYGScmJ2qEA
.insurads.com/ Name: ___iat_gid
Value: 6AC5E88910458F17
.news.now.com/ Name: ___iat_ses
Value: 6AC5E88910458F17
.news.now.com/ Name: ___iat_vis
Value: 6AC5E88910458F17.f95d2bb0127b88e30df1f5400d2f4cc7.1698335959142.b2b4e6a94f12fd91b8a9326cad9e39e3.URUURIEUEZ.11111111.1.0
news.now.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: LO7DDPBG-K-LJ7X
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoKS4YQLsmjUrU1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDtAKiPlDRgauiz8/dyswbPAzgHlbzd1OQDH4Wm0It/pKoKNoLyt5l2Qijy0RC4Zd8RuybVyVU0yt
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: uuid2
Value: 5935648017172192030
.casalemedia.com/ Name: CMID
Value: ZTqM3Z2PDyT9tLRlu9k5TAAA
.casalemedia.com/ Name: CMPS
Value: 3314
.casalemedia.com/ Name: CMPRO
Value: 3314
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7307AFE0-FD95-4F24-8352-D404CFC73320
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158497:2
.pubmatic.com/ Name: DPSync3
Value: 1699488000%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1698883200%3A223%7C1700870400%3A203%7C1699142400%3A63%7C1699488000%3A8_233_54_56_3_55_220_21_251_71_13%7C1699574400%3A35
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EMkBCwGjKvijAA
.quantserve.com/ Name: mc
Value: 653a8cde-14f07-7905f-14464
.adform.net/ Name: uid
Value: 6607338330339205149
.adfarm1.adition.com/ Name: UserID1
Value: 7294297431593121944
.bidswitch.net/ Name: tuuid
Value: 384f4ec5-b636-4d1f-bde4-a84fd0b51349
.bidswitch.net/ Name: c
Value: 1698335966
.bidswitch.net/ Name: tuuid_lu
Value: 1698335966
.weborama.fr/ Name: AFFICHE_W
Value: WlTQ7aDzfvha81
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTqM3gAXgckWgABV
.simpli.fi/ Name: suid
Value: 256694550BEB4E8A8D6201CFDC284565
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-XFjEQ1IOk0dHXMNEWlraFVNdwkRHXMMWXFl1O2B0&KRTB&19420-XFjEQ1IOk0dHXMNEWlraFVNdwkRHXMMWXFl1O2B0&KRTB&22979-XFjEQ1IOk0dHXMNEWlraFVNdwkRHXMMWXFl1O2B0&KRTB&23403-XFjEQ1IOk0dHXMNEWlraFVNdwkRHXMMWXFl1O2B0
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMSW6Wr7p6YFSET1-aPFDng&KRTB&23025-CAESEMSW6Wr7p6YFSET1-aPFDng&KRTB&23386-CAESEMSW6Wr7p6YFSET1-aPFDng
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7294297431593121944&KRTB&23369-7294297431593121944
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5935648017172192030&KRTB&23339-5935648017172192030
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6607338330339205149&KRTB&23263-6607338330339205149&KRTB&23481-6607338330339205149
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A0CMvIAepEtPtQPZngEQ9IU
.liadm.com/ Name: lidid
Value: ff66069a-6309-4752-a159-9535ac1f2365
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-35422625-07e6-558c-5cb7-358959792d49.KT360rvQ34GqiL8DvMSbjzlFDEq0f52B3yxDjONkZG4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-35422625-07e6-558c-5cb7-358959792d49.KT360rvQ34GqiL8DvMSbjzlFDEq0f52B3yxDjONkZG4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ANUImJQfmVYxctzWJWXktSdly2hw.pLqKOJGpQS%2Bt6m4WU%2FT74a%2BLCfpzPKXwB2SfHrjp3Rg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ANUImJQfmVYxctzWJWXktSdly2hw.pLqKOJGpQS%2Bt6m4WU%2FT74a%2BLCfpzPKXwB2SfHrjp3Rg
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJZtxV4rItxX0nJnoXntTm6nqIrJEkM-zhatKeGOmjObEHwYBCDemeqpBjABOgSSgrqOQgQ5cptj.UPDmgOkMQG33JWRRmboqFl1ndBi7KvJ7NIAbjQZeUew
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJZtxV4rItxX0nJnoXntTm6nqIrJEkM-zhatKeGOmjObEHwYBCDemeqpBjABOgSSgrqOQgQ5cptj.UPDmgOkMQG33JWRRmboqFl1ndBi7KvJ7NIAbjQZeUew
.audrte.com/ Name: arcki2
Value: d12yIZ6TLbTQuC9aCP6F7BN3g!20220908!1698335966498!ip#217.114.218.28
.audrte.com/ Name: arcki2_pubmatic
Value: 7307AFE0-FD95-4F24-8352-D404CFC73320!20220908!1698335966502
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-NUImJQfmVYxctzWJWXktSdly2hw&KRTB&23334-NUImJQfmVYxctzWJWXktSdly2hw&KRTB&23417-NUImJQfmVYxctzWJWXktSdly2hw&KRTB&23426-NUImJQfmVYxctzWJWXktSdly2hw
.pubmatic.com/ Name: PugT
Value: 1698335966
.audrte.com/ Name: arcki2_ddp2
Value: d12yIZ6TLbTQuC9aCP6F7BN3g!20220908!1698335966673
.audrte.com/ Name: arcki2_adform
Value: 6607338330339205149!20220908!1698335966871

8 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180103/pubads_impl.js?cb=31079110, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://news.now.com/home/finance/player?newsId=180275
Message:
Access to XMLHttpRequest at 'https://static.criteo.net/js/ld/publishertag.prebid.144.js' from origin 'https://news.now.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7307AFE0-FD95-4F24-8352-D404CFC73320&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3fc185b53732434e2e0f5bc2e8e7e82a.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.eu.criteo.com
ads.pubmatic.com
ajax.googleapis.com
anymind360.com
bcp.crwdcntrl.net
bidder.criteo.com
bit.ly
c.amazon-adsystem.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.indexww.com
cdn.insurads.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
csm.eu.criteo.net
d.adroll.com
d7lz7jwg8uwgn.cloudfront.net
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
google-bidout-d.openx.net
graph.facebook.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images-news.now.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
news.now.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prebid.media.net
prg-apac.smartadserver.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
s.amazon-adsystem.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
services.insurads.com
simage2.pubmatic.com
simage4.pubmatic.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.crwdcntrl.net
sync.srv.stackadapt.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
news.now.com
static.criteo.net
104.18.25.18
104.18.26.193
104.18.35.167
108.138.1.25
13.32.121.21
151.101.130.49
151.101.193.108
151.101.65.55
162.19.138.119
178.250.1.6
178.250.1.9
18.197.117.175
18.208.6.155
184.30.22.30
185.64.189.112
185.64.190.78
185.64.191.210
198.47.127.20
2.19.244.232
2001:4860:4802:32::36
216.58.206.34
217.182.178.225
219.76.112.42
2400:52e0:1e00::1082:1
2600:1f18:ed:550a:686a:b20f:8598:8ecc
2600:9000:211e:2200:8:e4a9:2240:93a1
2600:9000:211e:9000:13:6c41:f5c0:21
2600:9000:211e:9200:8:e4a9:2240:93a1
2600:9000:2250:5400:a:e047:753:6381
2602:803:c003:200::44
2606:4700:10::6816:3556
2606:4700::6810:5614
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a00:1450:400c:c0c::9b
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::c
2a03:2880:f083:6:face:b00c:0:2
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:cc3:fe05:add9:3669:29b3:4d0e
2a05:d018:d29:3601:c184:4582:9358:8e30
3.71.149.231
34.102.146.192
34.111.129.221
34.111.131.239
34.120.135.53
34.120.63.153
34.160.236.64
35.204.74.118
35.244.159.8
37.157.2.228
37.252.171.52
44.206.40.57
45.137.176.88
52.18.240.81
52.222.239.116
52.223.40.198
52.3.75.156
52.46.155.104
52.48.43.143
54.164.162.143
54.72.74.238
65.9.66.104
67.199.248.11
67.220.226.238
69.173.144.139
85.114.159.93
95.101.148.20
98.98.134.243
99.86.4.71
00542816b8dd2f88975870804e28037af26018be56d344b511bba5f702c885d7
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8
047e1939c455d37c4b116cd710a2db7595e9e99e53ceed4debe089f5784a181d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a96478c58865df9360779cb314e3509454415fbe301fb4532e871cfc9417db4
0bc9aca5e1efbb05b44d6e680afd5074b74ce1cdfd8c2668766f501ad16d9f30
0ccca434c548c8c680e0f59054c28bdf978f47f2692c7f325ad53d34e864ac9e
0d808b75fb4b708cc7d9becc395df04dc12edadf0f43cdc10e969a13c5f9e734
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
110137320b8035098fb7a7ee65363c448392049b9924832025b7c8aeb8cabaa7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14392c9baa0d1e691f861f1bfa0cda3caf6d3080edfabda0a2c276dfa13f2afe
1471773a88b6f08763c70ed7b84765666d6f68bd40a7cf3a943a68a5201c47b2
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18af810bde060d9088e801deb820b04346316b9b0c8f62e60c91530e6edfeb1f
19ecc975c16e667a04ac9b2bf6612b4a6687320f26c3e899200d4e4b07a852be
1a7a6793bd25088043f1ae46f834835581d5b6a38fda53862e80121c95b9085a
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b3fd68dd79cc544630db50dedeb03b160a71e98055058259286512d54e8c9b0
1e6d31cd37b39297deea85d991eca951f1bf094f9c711149b50b592b4c2d21c6
1ea1219ed6ec3c76cf953f0e0ea3732219e214f66a85447a81fa6bd5426df759
202a07bd11e26895b9365d248e422b15e17f3e3c96908c2211d21cefe9bbcfa8
277ab1443576598953a508c111a7ad28d23b1e54f54a9ac0376bbdca253eac3a
283edc962a1e19afac3f86bbd4ddbe8f1b8a5e8a8aaf8984a91a6284952acd17
299a37af4de83d9057d9045fb0b3d3dc2c5f9fca67576b901f0d3291fe3374fb
2a05843c975829b9363d4d2ee2a03bf6a0d078710a50e312eaee55a274ff396d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c1b4ffd3d6aae45c5e5ae3fde9374daf632286062b7cda71f5ebd893cada986
2d24ad3b0e704c168b31da619aa25d7003a6ed6b98c8f1fef344d40c12e5e7c7
2da32cb1008ba22bdd6897e5d4dac7d8347ccea5232c2857be197fd12dbf42c6
2e389356fbc2ee46542598aa455caf9615a6098a34163de7e12b462f0e53e6e1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30927b9d1159b5b5ce3a27acf00240b57b057edf55f13d2311e5bf3d36e7caf7
3126a2287bfb357a1c090c4f57c7b4aade8b3a1a2faec77f3a82c2ea8c2b556f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
343faa4d06dd00d04cd6632c215c96302faf1525f82be005a14959f71e68d383
351fcf881cc7cc86fd9d042fc943123f76abf6f3d944238563a5d4f36788bcb2
3652553684ab78dd054fd857edcc220506fe7da4a988871f9e8448a86c96bd90
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e6ac4147f1b6f455ac26b38fea6c2da6b67068db8f3b449ba309edcbddcae2c
3f0a667fd8dc11662117c1129a8116c231c96cf4149f1dbe636e8b89236117de
3f1311e529dc988c4a95d30691d60e13252db95299eeb8732041e40357b56601
3f6a0baf7dbbc5ac8a75e413c851d73bb484b8d368f02c28ab08865b98b3b3bb
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406932028f3f3311d116c5102bdcf201de5f2b6b4e92865ceec93b762e2e9a64
41e77d4a4b376a0e685421f0955f9c9f24f058476cf04d42862f483d16c91db9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479eb246f1c3974d9ce4096f4fc13fc1e8002986f06ee6dfe004398f41958580
47d28f2d8e65dc2ee8bf14064d39a5915f75fca7c1c91b922f6955fe7fc02f68
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
4ee077691591a1f8bd7da317ec4a6eda9012731327c257d9e420a51d0ce4f738
4f44c40f9c1d3406d9b18f2d75def6d376f77efa606cc40cb21ffb1d3a0889b9
542ef50029ccae2d686ee82b4fa08838d498798cd52ed33055859ac5f4c0702b
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
544fd1a8f5be8daf9ead2626ae25b4423ac3126d06abed1acb0c825160f6438f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564913ca7c425cc7027417fb4b74fb43802ccb43158b25f1d177063c5c8b2549
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5a22f4b8a01844ce4ece06b04e9d534e15559a8ed8f2ae3bef9ad1dd81a71048
5c71f73f83722c55e8af961cb99bcd5f1af29f9561b143c2f86f456ba326c581
5e373ba1aca5167b4fb0fc7d897d6af3267c7317028d5e8559f96783fe4df689
600759407fde32ff7bd3acc8db8a41f170a137c8bf48d2a2ede342111776c027
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac
65b9dd8264c39b633050dc5c331690dfceddc682d0c2fd3b85743a8c6c27b937
67a5a9bfa7f03d99269c5fbed8d183e39682380c2d54061778676e46b64588d3
684fbb13ec87eed49e511e6da678f633273da52d55d5c6968eaa918d3cc9e7a8
6a0af38d4f493107ae69ee350f5235fac3dfb45b0ec5747bda308c7b6d11b3a4
6c2dd7bffc734ee937c30b72b4c26db9badd51fd439f5cca50f9e3a407a93c22
6cbe8afbaa101f41446ac5bfc341a559d315cab38a0e88e04fd82a10404f8917
71627f06704b44ae3dec078e31d22dc0d97b231b6c1988376c200a3ad3cf9be5
71720fe68c5a708363489312340bcde955850e57766ba24a2e70d9443c20d958
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7288967bd508366a5f2b2e5b64656ec99ee6538dca3eae54fc4ab86b59c0ae3d
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
760d46c5a3ddd5fa22deaf6d8b0b5dd24b52b6d238d723249ce3acae5d36363d
7636c7a7a5f1594dcdec90090f7ad32c11374b0c8c0dedd7417fa93ebe624e76
76e4028e47b7946fe0caa67c8aad1fa693894cfa88eb0a6b92d2f99e1b9750b6
78abeb75533ac46d6dff1374c6c076a8cbb2bdbd51e9d5475f67740419e9fcf0
803fa5e667cec8cd38fbfa095952c91f6bcb24f912941511b4f8cd49568abbf1
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
828f19462048c00b2f2453e914003894c30a516061457aeb8ec5aecb8adec97b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82e8ef66e73e23973d7b68a3ccdf85ce6ce77e286d6f2273b48d0de333dce1de
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88b9f6d2a1527d6ce7f2c0566829c0cf993cb82bc5592c4cc61bf86d3eeffebd
8a1b671b1bb68101c2de7b74af27f0fad0fb0af17d17875f60ca923916a06a58
8a34b787192eae0468e950876215956570551db61dd60b4b2b86a79e29e06125
8a4aff713622487b6e5611dbeb85bb308cc3b1980661c59770c9034dce1c2864
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9173772c90bcee0c552cfcb94e058e451ddd5239003bd089c589acf636750623
929ae2cf2329d8fea492c9dc82bc19d193a803481fce2d4a5d7149e324cc35d9
92cc12ac0f19ef74c5fd57234c0feb208804be77cdb44db26a2dd5ffe1812b32
930422fbcaea60d7e46c7f00093c6a082e3425b8118e176659c334b5b8599a4f
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d7858fcf072cca6ec23f9b871b0ea6f8c03f0ebda25bfa8e5f19ed9b62c082e
9f564378ab495fcaf84ffaff9f89a7e25cfb265061a70a9588fabda268d843c8
a02fd0f27a964a5a756e48b71edf6044259a7b0e67ebf1cd935d074f86845f8c
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a431ec20ecf46b014126e17830d94b90642cfc90b55f4142988683a4557b4e86
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a6e32ba84c2ab8c848dd6eae7947339165a698c673ba7d89f9a9221623c63322
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a954a21036c289c48db4f3ffc3ad140fe3f975b542b0804db27cfed2844d1ad7
a95b5bcef02399a965578cd460191a02c965331e2e4ba57e2de228c41fafd175
a97a49bcc74126ad8e6ea57bfed45f7f1b59db1b1ac415b686346fa7041e3877
aaa503e17a19968c03069df3e582f18ddc41f8b4c85dab302f1282ac9d60679e
adb6fbe416bf83dea7aac9bcdb03280696ad635eee697815162583ae190059dd
b0c32e4eb27dbd3be54ba520539f71a70113e85214ebb75cf1570cc74228a6bd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b201b6d4e40b7044515572ccd73eca863563fdb0f13f42487f5bf1cd51c0feb5
b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a
b378c7034466ed33969ffa5d7d89e8633a4e028f665c6c66f0c8c710971da53c
b44c75bbe2ff7009ee3693779e7b5fc44067657f74b186b7fe2756e3a88dfb33
b5067e032363589d65b0bd4a9480ab1136a7a6f29b8095abc01281f717039b9b
b862cf296d276abfc28afff81b0ff181e3141b46342803acea39a42031a505f6
ba48cf7d98447c8fcc814530db8c3a11c304c6fbb58e08025d0c1e969299f468
bc07fc8fc92900e6e0a5d29d026260239ce90db1a213b24b9fe889e91ea2b7a5
bd5e9ffd9078578f0283d3fbc784cafa65d577342664c3feaa305ba978b67549
bf09cb9745417c0db38b6b2290bf7916217ea29978009814a4caea1d21fe7ce4
bf967bff3592ef6bf5a82056456fd56519db1e4face88a7eeaaa982997c1f632
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55
c783365c8b336d69f3135b35654e1b5c81ed021135387f33f341d7768d63f1ce
c81f8531af91e475374160a85fc008bfd60e39c24fb03c98e85fc498cab535b1
c9344b8a1ead8004c66b22b3b928fc366feecf1190c9076b742479b381869e27
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545
cb9c05d4b62c00e9fdd2d17b82f330d5904a4564d6595c3c6b3b02c2407a7237
cc95151ccc5e1da65516dd8e94e0766e134f32174a017b163fd2ffcefd4fb143
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf741a07d523ba87d5f3aa15491f5a4e7053ac7697ced9cf34c6bfc53b8c5bd1
d326c6ac9a57ce1f12c37ef462f21a0259e5c66cfa812b741a613dbe1d2798e0
d7425db8bd4bd78e2ed69f590bbdcd3ff644fd3b50350b92fb526eee6bf4251b
d8214cdea5dae097d6cfae256ea88ba7df3ad9a84235b78a1a9d055f36737ec3
dd0cd96175da0d806a3d8617f2b562e7acafcc8493d1105f40a3ce29e07c3f1f
e10ad5cbaa8e43bdde1151ae38bfe94d5514476e4302aacd8c8bfd9f7e60228c
e1ff49db36bef992f69da4e0601431527cf5d39a0962ecef8f697e6c21bf8877
e2b01b4d5be4566fa531b39574aa7c79ba5b2858c3321184ae3ac916ee2465a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7608a6ef5ee8696f943b03e4484d31e88f4477122b8b07ac90bb4cd0a5d6d87
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f011c6e9cd89df9239e1faa2b250d61d662a58b1cb01ad1c350520e6d4716dc1
f1d574e210335ebe4eb6ee518dfe3ed13ba764af2f32bc5bd6e1747d524208f6
f2147f9733c2bce48a9ff4d3119d9b49ae937f5ddb668dc995c069213b80ff8a
f2ab01fbf0fd27972b021b33e66c9fe6af549750db2e466be42c03bda4aa337f
f2ace50bb25918dc9ec3d527747a6e05797178501634deedc88cb2b66ee42743
f3b3df7cdcdf37d3c1aace125d990d040d6544dfa4e8f646a15128ac14a8bed8
f3cbc4e1f72dbf1eaf4a2fac1e4a3127c856fca42456fd6fa6fd3e8026d8454d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f9c8796516af78ee9f53c91aaeeb28cd54e33dee0fb377e7a65be204558df0da
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
fee81bbe8f12f8d0482c38cba7ec2682ffc6d4a9c84756dee0df14c30bb7bb58