9to5google.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Submission: On December 19 via api (December 19th 2022, 6:57:03 pm UTC) from AR — Scanned from DE

Summary HTTP 480 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 130 IPs in 14 countries across 102 domains to perform 480 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is 9to5google.com. The Cisco Umbrella rank of the primary domain is 133008.
TLS certificate: Issued by R3 on December 6th 2022. Valid for: 3 months.

This is the only time 9to5google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.27.61 13.32.27.61	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.208.166 142.251.208.166	15169 (GOOGLE) (GOOGLE)
7	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
6	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.215.65 143.204.215.65	16509 (AMAZON-02) (AMAZON-02)
3	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
3	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.110.23 13.32.110.23	16509 (AMAZON-02) (AMAZON-02)
4	99.86.4.104 99.86.4.104	16509 (AMAZON-02) (AMAZON-02)
5	65.9.66.106 65.9.66.106	16509 (AMAZON-02) (AMAZON-02)
2 4	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.240.27 99.86.240.27	16509 (AMAZON-02) (AMAZON-02)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
4	34.248.40.66 34.248.40.66	16509 (AMAZON-02) (AMAZON-02)
1 11	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
3	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4 10	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.210.121.7 52.210.121.7	16509 (AMAZON-02) (AMAZON-02)
2 47	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
2	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.64.190.77 185.64.190.77	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:ac00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:807::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1 5	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
4	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4 4	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
12	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
5	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	52.95.118.179 52.95.118.179	16509 (AMAZON-02) (AMAZON-02)
11 23	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.252.235.208 34.252.235.208	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 5	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
9	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4009:808::2003	15169 (GOOGLE) (GOOGLE)
4 7	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 22	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
6	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
8 8	52.58.96.67 52.58.96.67	16509 (AMAZON-02) (AMAZON-02)
2 2	18.193.42.231 18.193.42.231	16509 (AMAZON-02) (AMAZON-02)
4	104.18.36.94 104.18.36.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:12::6	15169 (GOOGLE) (GOOGLE)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	18.194.148.191 18.194.148.191	16509 (AMAZON-02) (AMAZON-02)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7 10	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 6	2a05:d018:d29... 2a05:d018:d29:3605:34b4:e687:cbf8:5ec7	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
4 5	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
4 5	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4	2600:9000:206... 2600:9000:206f:1e00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
5	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
11	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:26f0:f70... 2a02:26f0:f700:2a0::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	3.224.190.254 3.224.190.254	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2606:4700:10:... 2606:4700:10::6816:37e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.197.177.246 54.197.177.246	14618 (AMAZON-AES) (AMAZON-AES)
4	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
6 6	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	104.96.145.101 104.96.145.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.96.148.107 104.96.148.107	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.161.158.114 54.161.158.114	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	2600:9000:211... 2600:9000:211e:3e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	3.212.83.154 3.212.83.154	14618 (AMAZON-AES) (AMAZON-AES)
3 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.86.137.107 185.86.137.107	201081 (SMARTADSE...) (SMARTADSERVER)
4	52.21.27.111 52.21.27.111	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:730... 2600:1f18:730:b130:806:7e95:75ec:c485	14618 (AMAZON-AES) (AMAZON-AES)
1	54.146.241.124 54.146.241.124	14618 (AMAZON-AES) (AMAZON-AES)
4	35.157.129.66 35.157.129.66	16509 (AMAZON-02) (AMAZON-02)
5 6	54.194.92.99 54.194.92.99	16509 (AMAZON-02) (AMAZON-02)
2 2	185.183.112.155 185.183.112.155	60350 (VP) (VP)
2 2	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
2 2	135.125.160.160 135.125.160.160	16276 (OVH) (OVH)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	34.111.151.213 34.111.151.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	72.251.245.179 72.251.245.179	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:5f8e:ccc2:48ed:ad64	16509 (AMAZON-02) (AMAZON-02)
2 2	3.122.156.110 3.122.156.110	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	3.248.100.224 3.248.100.224	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	44.194.228.115 44.194.228.115	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.45.81.218 52.45.81.218	14618 (AMAZON-AES) (AMAZON-AES)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.229 185.64.189.229	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
2 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2 2	3.123.145.89 3.123.145.89	16509 (AMAZON-02) (AMAZON-02)
1 1	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	162.55.120.196 162.55.120.196	24940 (HETZNER-AS) (HETZNER-AS)
1 1	141.95.171.142 141.95.171.142	16276 (OVH) (OVH)
1 1	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	54.158.226.104 54.158.226.104	14618 (AMAZON-AES) (AMAZON-AES)
480	130

20 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

9to5google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:832 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

9to5mac-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-61.fra56.r.cloudfront.net

launcher.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.208.166 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-23.vie50.r.cloudfront.net

direct-events-collector.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-104.fra6.r.cloudfront.net

publisher-assets.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.66.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-106.fra56.r.cloudfront.net

api-2-0.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-27.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.248.40.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-40-66.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80d::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

static-cdn.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

nineto5mac-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.171.21 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.121.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-121-7.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 172.64.154.237 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:ac00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

46d6752f02cf0d7809a59939cffd9482.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.96.145.246 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.132.241 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.95.118.179 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.251.208.98 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.252.235.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.204.74.118 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.234 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4009:808::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.46.155.104 (Ashburn, United States) 4 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.58.96.67 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-96-67.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.42.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-42-231.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:12::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr1---sn-4g5lzne6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.148.191 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-148-191.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.144.138 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a05:d018:d29:3605:34b4:e687:cbf8:5ec7 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.94.180.125 (Amsterdam, Netherlands) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:1e00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:f700:2a0::2c79 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.224.190.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-190-254.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

p.deliveryapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:37e8 (United States)

ASN13335 (CLOUDFLARENET, US)

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.177.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-177-246.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.45 (United Kingdom) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.145.101 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-101.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.148.107 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-148-107.deploy.static.akamaitechnologies.com

l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.158.114 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-158-114.compute-1.amazonaws.com

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:8806:20::2010 (Singapore) 2 redirects

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:3e00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.212.83.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-83-154.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.21.27.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-27-111.compute-1.amazonaws.com

s2s.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:806:7e95:75ec:c485 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.241.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-241-124.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.129.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-129-66.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.194.92.99 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-92-99.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.183.112.155 (Paris, France) 2 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.223.115 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.160 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:5f8e:ccc2:48ed:ad64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.156.110 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-156-110.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.100.224 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-100-224.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.131 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.228.115 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-228-115.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.81.218 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-81-218.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Norresundby, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.212 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.145.89 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-145-89.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.171.142 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.215 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.226.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-226-104.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 482 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513 dsum.casalemedia.com — Cisco Umbrella Rank: 1324 ssum.casalemedia.com — Cisco Umbrella Rank: 1318	50 KB
46	doubleclick.net 12 redirects ad.doubleclick.net — Cisco Umbrella Rank: 161 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 static.doubleclick.net — Cisco Umbrella Rank: 202 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	392 KB
39	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 481 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449 image6.pubmatic.com — Cisco Umbrella Rank: 716 simage2.pubmatic.com — Cisco Umbrella Rank: 641 image2.pubmatic.com — Cisco Umbrella Rank: 852 t.pubmatic.com — Cisco Umbrella Rank: 3682 simage4.pubmatic.com — Cisco Umbrella Rank: 1176 aud.pubmatic.com — Cisco Umbrella Rank: 4185 image4.pubmatic.com — Cisco Umbrella Rank: 824	266 KB
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 46d6752f02cf0d7809a59939cffd9482.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139 aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com	483 KB
22	rubiconproject.com 8 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 462 eus.rubiconproject.com — Cisco Umbrella Rank: 529 pixel.rubiconproject.com — Cisco Umbrella Rank: 309 token.rubiconproject.com — Cisco Umbrella Rank: 563 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 835 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 894 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 957	28 KB
21	amazon-adsystem.com 7 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912 s.amazon-adsystem.com — Cisco Umbrella Rank: 273	108 KB
20	9to5google.com 9to5google.com — Cisco Umbrella Rank: 133008	1 MB
17	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	286 KB
16	aniview.com player.aniview.com — Cisco Umbrella Rank: 1838 track1.aniview.com — Cisco Umbrella Rank: 1831 go1.aniview.com — Cisco Umbrella Rank: 4882 sync.aniview.com — Cisco Umbrella Rank: 2273 s2s.aniview.com — Cisco Umbrella Rank: 2804	208 KB
15	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 acdn.adnxs.com — Cisco Umbrella Rank: 576 secure.adnxs.com — Cisco Umbrella Rank: 414	47 KB
14	spot.im launcher.spot.im — Cisco Umbrella Rank: 4278 direct-events-collector.spot.im — Cisco Umbrella Rank: 4040 publisher-assets.spot.im — Cisco Umbrella Rank: 4279 api-2-0.spot.im — Cisco Umbrella Rank: 2646 static-cdn.spot.im — Cisco Umbrella Rank: 4010	168 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 637 csm.eu.criteo.net — Cisco Umbrella Rank: 8005	43 KB
12	yahoo.com 5 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1139 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408 ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	5 KB
11	spotim.market sync.spotim.market — Cisco Umbrella Rank: 2070 player.spotim.market — Cisco Umbrella Rank: 7371 ghb.spotim.market — Cisco Umbrella Rank: 8111	157 KB
11	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 658 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12162 ads.eu.criteo.com — Cisco Umbrella Rank: 7675 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9611 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173 gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2835	22 KB
10	google.com contributor.google.com — Cisco Umbrella Rank: 11328 ampcid.google.com — Cisco Umbrella Rank: 2240 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1976 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	11 KB
9	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	2 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 jnn-pa.googleapis.com — Cisco Umbrella Rank: 182	35 KB
8	bidswitch.net 8 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	3 KB
8	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 599 cdn.indexww.com — Cisco Umbrella Rank: 1485	7 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 73	757 KB
6	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 480	3 KB
6	dotomi.com 2 redirects web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2057 dclk-match.dotomi.com — Cisco Umbrella Rank: 2338 casale-match.dotomi.com — Cisco Umbrella Rank: 2693 pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838	1 KB
6	openx.net nineto5mac-d.openx.net — Cisco Umbrella Rank: 95985 u.openx.net — Cisco Umbrella Rank: 653 rtb.openx.net — Cisco Umbrella Rank: 1546	1 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2623	20 KB
5	1rx.io 5 redirects sync.1rx.io — Cisco Umbrella Rank: 497	2 KB
5	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 1556 gw.geoedge.be — Cisco Umbrella Rank: 1730	455 KB
5	spotxchange.com 4 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 562	3 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 374	109 KB
5	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 566	3 KB
5	media.net prebid.media.net — Cisco Umbrella Rank: 1148 contextual.media.net — Cisco Umbrella Rank: 540 c21lg-d.media.net — Cisco Umbrella Rank: 1799	18 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	214 KB
5	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 8775 api.viglink.com — Cisco Umbrella Rank: 12277	30 KB
5	wp.com stats.wp.com — Cisco Umbrella Rank: 2897 i0.wp.com — Cisco Umbrella Rank: 3057 pixel.wp.com — Cisco Umbrella Rank: 2717	63 KB
4	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 578	573 B
4	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 2941 l3.aaxads.com — Cisco Umbrella Rank: 4424	148 KB
4	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6132 ghb.adtelligent.com — Cisco Umbrella Rank: 5944	88 KB
4	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 710 r.turn.com — Cisco Umbrella Rank: 3099	2 KB
4	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 759	2 KB
4	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 719 id.crwdcntrl.net — Cisco Umbrella Rank: 1446	1 KB
4	mathtag.com 4 redirects sync.mathtag.com — Cisco Umbrella Rank: 434	2 KB
4	google.de ampcid.google.de — Cisco Umbrella Rank: 67289 adservice.google.de — Cisco Umbrella Rank: 8549	1 KB
4	quantserve.com 2 redirects secure.quantserve.com — Cisco Umbrella Rank: 939 pixel.quantserve.com — Cisco Umbrella Rank: 666 cms.quantserve.com — Cisco Umbrella Rank: 639	11 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3040 pixel-eu.onaudience.com — Cisco Umbrella Rank: 12965	2 KB
3	liadm.com 1 redirects rp.liadm.com — Cisco Umbrella Rank: 1530 rp4.liadm.com — Cisco Umbrella Rank: 7037 idx.liadm.com — Cisco Umbrella Rank: 2433	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 534	883 B
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541	740 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	186 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 897 api.btloader.com — Cisco Umbrella Rank: 1011	7 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1844	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2085	1 KB
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 26432	2 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 3765	625 B
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1107	1 KB
2	audrte.com 1 redirects a.audrte.com — Cisco Umbrella Rank: 1899	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 204	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 688	1 KB
2	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1303	565 B
2	dyntrk.com 2 redirects gu.dyntrk.com — Cisco Umbrella Rank: 972	843 B
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 752	498 B
2	adotmob.com 2 redirects sync.adotmob.com — Cisco Umbrella Rank: 1368	536 B
2	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 761 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532	865 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 335	956 B
2	deliveryapis.com p.deliveryapis.com — Cisco Umbrella Rank: 21382	29 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3857	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4459	562 B
2	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 629	447 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1010	1 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 413	624 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 2050	249 B
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 3458	467 B
1	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 4752	369 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 16075	367 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 5627
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 5149	280 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014	555 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 651	615 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 518	553 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427	524 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 2127	421 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 707	759 B
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 1484	181 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1494	364 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	573 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 655	438 B
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 6135	323 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	5 KB
1	rlcdn.com di.rlcdn.com — Cisco Umbrella Rank: 1755 api.rlcdn.com Failed	98 B
1	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 1315	310 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 367	707 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 21953	269 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5650	320 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 929	178 B
1	googlevideo.com rr1---sn-4g5lzne6.googlevideo.com — Cisco Umbrella Rank: 72008	1 MB
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 2401	382 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 868	634 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	698 B
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 154	191 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1827	6 KB
1	videoplayerhub.com 1 redirects 9to5mac-com.videoplayerhub.com — Cisco Umbrella Rank: 117294	456 B
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
480	102

	Domain	Requested by
38	htlb.casalemedia.com	ads.pubmatic.com player.aniview.com
23	cm.g.doubleclick.net	11 redirects 9to5google.com googleads.g.doubleclick.net aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
22	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com ssum.casalemedia.com
22	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net 9to5google.com cdn.ampproject.org rumcdn.geoedge.be
20	9to5google.com	9to5google.com
12	simage2.pubmatic.com	ads.pubmatic.com 9to5google.com
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 9to5google.com rumcdn.geoedge.be
12	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
11	static.criteo.net	ads.eu.criteo.com
11	pagead2.googlesyndication.com	9to5google.com pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net rumcdn.geoedge.be tpc.googlesyndication.com
10	ib.adnxs.com	4 redirects ads.pubmatic.com acdn.adnxs.com
9	match.adsrvr.org	ads.pubmatic.com ssum-sec.casalemedia.com 9to5google.com googleads.g.doubleclick.net aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
9	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com ssum-sec.casalemedia.com
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net
8	x.bidswitch.net	8 redirects
8	www.youtube.com	9to5google.com www.youtube.com
7	s.amazon-adsystem.com	4 redirects ssum-sec.casalemedia.com 9to5google.com
7	ads.pubmatic.com	9to5google.com ads.pubmatic.com static-cdn.spot.im player.aniview.com
6	match.prod.bidr.io	5 redirects ssum.casalemedia.com
6	pr-bh.ybp.yahoo.com	2 redirects ssum.casalemedia.com ssum-sec.casalemedia.com 9to5google.com
6	pixel.rubiconproject.com	3 redirects 9to5google.com
6	c.amazon-adsystem.com	9to5google.com c.amazon-adsystem.com player.spotim.market
5	sync.1rx.io	5 redirects
5	sync.search.spotxchange.com	4 redirects 9to5google.com
5	sync.spotim.market	9to5google.com ads.pubmatic.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	dsum.casalemedia.com	ssum-sec.casalemedia.com
5	c1.adform.net	4 redirects ads.pubmatic.com
5	aax-eu.amazon-adsystem.com	3 redirects ads.pubmatic.com 9to5google.com
5	image2.pubmatic.com	ads.pubmatic.com
5	image6.pubmatic.com	1 redirects ads.pubmatic.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com 9to5google.com
5	api-2-0.spot.im	launcher.spot.im static-cdn.spot.im
5	www.googletagservices.com	9to5google.com googleads.g.doubleclick.net securepubads.g.doubleclick.net rumcdn.geoedge.be
5	fonts.googleapis.com	9to5google.com googleads.g.doubleclick.net securepubads.g.doubleclick.net cdnjs.cloudflare.com
4	prebid-server.rubiconproject.com	player.aniview.com
4	s2s.aniview.com	player.aniview.com
4	sync.aniview.com	player.aniview.com ssum.casalemedia.com
4	pixel-sync.sitescout.com	9to5google.com player.aniview.com ssum-sec.casalemedia.com
4	player.aniview.com	static-cdn.spot.im player.aniview.com
4	rumcdn.geoedge.be	static-cdn.spot.im rumcdn.geoedge.be player.spotim.market 9to5google.com
4	ups.analytics.yahoo.com	3 redirects player.aniview.com
4	www.google.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net 9to5google.com rumcdn.geoedge.be
4	token.rubiconproject.com	4 redirects
4	cdn.indexww.com	ssum-sec.casalemedia.com
4	um.simpli.fi	3 redirects ads.pubmatic.com
4	sync.mathtag.com	4 redirects
4	js-sec.indexww.com	ads.pubmatic.com player.aniview.com
4	eus.rubiconproject.com	ads.pubmatic.com eus.rubiconproject.com player.aniview.com
4	jnn-pa.googleapis.com	www.youtube.com
4	api.viglink.com	cdn.viglink.com 9to5google.com
4	publisher-assets.spot.im	launcher.spot.im 9to5google.com
3	simage4.pubmatic.com	ads.pubmatic.com
3	secure.adnxs.com	3 redirects
3	sync-tm.everesttech.net	3 redirects
3	c.aaxads.com	9to5google.com c.aaxads.com
3	ghb.spotim.market	player.spotim.market
3	track1.aniview.com	9to5google.com player.aniview.com
3	player.spotim.market	9to5google.com player.spotim.market
3	ad.turn.com	3 redirects
3	sync.crwdcntrl.net	ads.pubmatic.com 9to5google.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	u.openx.net	ads.pubmatic.com player.aniview.com
3	adservice.google.com	pagead2.googlesyndication.com rumcdn.geoedge.be
3	adservice.google.de	pagead2.googlesyndication.com rumcdn.geoedge.be
3	static-cdn.spot.im	launcher.spot.im
3	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
3	i0.wp.com	9to5google.com
3	www.googletagmanager.com	9to5google.com www.googletagmanager.com
2	mug.criteo.com	9to5google.com
2	gum.criteo.com	1 redirects
2	image4.pubmatic.com	9to5google.com
2	a.sportradarserving.com	2 redirects
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects 9to5google.com
2	a.audrte.com	1 redirects 9to5google.com
2	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	cm.adgrx.com	ssum-sec.casalemedia.com ads.pubmatic.com
2	casale-match.dotomi.com	2 redirects
2	t.pubmatic.com	ads.pubmatic.com
2	cms.quantserve.com	2 redirects
2	gu.dyntrk.com	2 redirects
2	csync.loopme.me	2 redirects
2	sync.adotmob.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ghb.adtelligent.com	p.deliveryapis.com
2	aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
2	player.adtelligent.com	player.spotim.market p.deliveryapis.com
2	p.deliveryapis.com	rumcdn.geoedge.be p.deliveryapis.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net rumcdn.geoedge.be
2	ads.creative-serving.com	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	cr.frontend.weborama.fr	2 redirects
2	d5p.de17a.com	2 redirects
2	acdn.adnxs.com	ads.pubmatic.com
2	contextual.media.net	ads.pubmatic.com
2	web.hb.ad.cpe.dotomi.com	ads.pubmatic.com
2	prebid.media.net	ads.pubmatic.com
2	hbopenbid.pubmatic.com	ads.pubmatic.com
2	fastlane.rubiconproject.com	ads.pubmatic.com
2	c2shb.ssp.yahoo.com	ads.pubmatic.com
2	ads.yieldmo.com	ads.pubmatic.com
2	nineto5mac-d.openx.net	ads.pubmatic.com
2	api.btloader.com	9to5mac-com.videoplayerhub.com
2	ad-delivery.net	9to5google.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	idx.liadm.com	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	ads.playground.xyz	1 redirects
1	ipac.ctnsnet.com	ads.pubmatic.com
1	pixel-eu.onaudience.com	1 redirects
1	green.erne.co	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	9to5google.com
1	aud.pubmatic.com	9to5google.com
1	sync.srv.stackadapt.com	1 redirects
1	bh.contextweb.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	s.company-target.com	1 redirects
1	p.rfihub.com	1 redirects
1	d.adroll.com	ssum-sec.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	rp4.liadm.com	9to5google.com
1	rp.liadm.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ssbsync.smartadserver.com	player.aniview.com
1	ssum.casalemedia.com	player.aniview.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	dclk-match.dotomi.com	aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
1	rtb.fr.eu.criteo.com	rumcdn.geoedge.be
1	gw.geoedge.be	rumcdn.geoedge.be
1	c21lg-d.media.net	c.aaxads.com
1	l3.aaxads.com	9to5google.com
1	www.aaxdetect.com	9to5google.com
1	go1.aniview.com	player.aniview.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	rtb.openx.net	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	di.rlcdn.com	9to5google.com
1	pixel.advertising.com	1 redirects
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	px.ads.linkedin.com	9to5google.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	sonata-notifications.taptapnetworks.com	1 redirects
1	sync.taboola.com	1 redirects
1	rr1---sn-4g5lzne6.googlevideo.com	googleads.g.doubleclick.net
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	46d6752f02cf0d7809a59939cffd9482.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.doubleclick.net	www.youtube.com
1	pixel.quantserve.com	9to5google.com
1	rules.quantcount.com	secure.quantserve.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fundingchoicesmessages.google.com	9to5google.com
1	ampcid.google.de	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	sb.scorecardresearch.com	9to5google.com
1	contributor.google.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	direct-events-collector.spot.im	launcher.spot.im
1	pixel.wp.com	9to5google.com
1	secure.gravatar.com	9to5google.com
1	cdn.viglink.com	9to5google.com
1	ad.doubleclick.net	9to5google.com
1	stats.wp.com	9to5google.com
1	launcher.spot.im	9to5google.com
1	btloader.com	9to5google.com
1	9to5mac-com.videoplayerhub.com	1 redirects
0	api.rlcdn.com Failed	ads.pubmatic.com
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
480	186

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
twitter.com
instagram.com
itunes.apple.com
apple.news
b.smartnews.be
flipboard.com
linkedin.com
eepurl.com
trade-in.9to5google.com
9to5mac.com
9to5toys.com
electrek.co
dronedj.com
spaceexplored.com
www.fifa.com
news.google.com
facebook.com
www.linkedin.com
amzn.to
wpvip.com

Subject Issuer	Validity	Valid
9to5google.com R3	`2022-12-06` - `2023-03-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.spot.im Amazon	`2022-10-04` - `2023-11-01`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
viglink.com Amazon	`2022-10-13` - `2023-11-11`	a year	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-12-06` - `2023-02-14`	2 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
gw.geoedge.be Amazon	`2022-09-12` - `2023-10-10`	a year	crt.sh
player.spotim.market R3	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
ghb.spotim.market ZeroSSL ECC Domain Secure Site CA	`2022-10-22` - `2023-01-20`	3 months	crt.sh
p.deliveryapis.com R3	`2022-12-15` - `2023-03-15`	3 months	crt.sh
player.adtelligent.com R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
aaxads.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-12`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
sync.spotim.market ZeroSSL ECC Domain Secure Site CA	`2022-11-25` - `2023-02-23`	3 months	crt.sh
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
protect.geoedge.be Sectigo ECC Domain Validation Secure Server CA	`2022-01-02` - `2023-02-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.iprom.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
truffle.bid R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.ctnsnet.com DigiCert SHA2 Secure Server CA	`2022-09-27` - `2023-03-08`	5 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.liadm.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh

This page contains 72 frames:

Primary Page: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Frame ID: 2FE8DC95D3B0A1928987E71F5A2F96C6
Requests: 178 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI
Frame ID: F4AE74D373E1D6609F8D9BF8171F1925
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 95D504C7AF09E0EB2B9E0F987EC6665E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&adk=1812271804&adf=3025194257&lmt=1671476215&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215209&bpp=3&bdt=633&idt=306&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=692912416232&frm=20&pv=2&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=350
Frame ID: A22B23AB04ABF470108C2B919D36ED2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1671476215&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215212&bpp=2&bdt=635&idt=361&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TNgTY2CXeX&p=https%3A//9to5google.com&dtd=365
Frame ID: 9C6EA6AE94084080971C5FBD7AA56D31
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.1369546210~i.21~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1671476215&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3885959115&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215916&bpp=1&bdt=1340&idt=1&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&prev_fmts=0x0%2C336x280&nras=2&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3q7K3fwCFZ&p=https%3A//9to5google.com&dtd=6
Frame ID: EAE5BE2BD708CDE2307F3FB8611A350A
Requests: 8 HTTP requests in this frame

Frame: https://46d6752f02cf0d7809a59939cffd9482.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3173983684C5F56ADE5692DD14CDC3E0
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUOZ495Q&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: D3D20574547B88C8BFF53DED39FE149A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D33B8C0C3471350AD3BFB5D06DB635BD
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUOZ495Q&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: F2C363142BDBDDFABCAF05300D6F6F46
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Frame ID: 60B176F421540ABE5CC47855072D5C1A
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AEE831E10CE29409457E0F562842E471
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E4162E0C1CC87333F46AC127F6AEBF44
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3114ABBF8704B2AE5FFDFA1CB64F1EA0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Frame ID: A0436C3504C657FBD9FDB51ABB9C4208
Requests: 13 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4A2632A73DE5DFD8B52327C34F098F89
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8D571217090FA127C5492979BB07E27A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3A8A9800F176B31CCB713252385FFF02
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 8476384A44812B8F8B455CDC6DAC3674
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 23FE8944EA65673D081CE21AA6A66B08
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d30663a0-b3f8-4800-8386-c9b16b03db35&gdpr=0&gdpr_consent=
Frame ID: B16C5E251018DC1F6D276B86674409EA
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 933E3941E33DA0D49E249FF35285BBD7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1265204569685843185
Frame ID: 78E86E71E0C405F2C71FB9F12A0B9A02
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=797F025D-0740-4D6D-854D-989A493E9C38&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 5A4C2AFC47F20C7D74452D1568C7F82D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2643881268435628356&gdpr=0&gdpr_consent=
Frame ID: B826AB00592387EA06D2A7F812B9231E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLJ9BdzSxMBiillyFi1R4fNcHR5ZQfrC9QDSTLzPJKMEhMuzmHyLAGeranaNaIGirJJYD2SHTsUwS8wrqNTt5ySf2vkRmMuSUOJA2JL8kFEoLByr6OFeHos9hIDvdDwDjIPWPS45nR_Qf6MidrMG9f1bixSfN36GxXvxg7m738h4WJRelktL9LFE_vCgqqj2W1dnrwFKoL7swie9jt3_1KajMnhddrgtsNZdlLGCDVFxy92cQ5jHScM1wHtrFJ5QbFzOTJdJBxNtJKV74ExaAt8Jhv-vhVypYJCVV_tmUoUkK3T9dZbnnh1LMu1zxD3qYnBLK6ULMTKk9pezmh0vp17zqFqZPD8bV2cN7lkvlWKK9R-Q&sai=AMfl-YT9HwSXHuSkw_N5t6-tso694Pn1JkF_AqVyPee3PWpf0EgiYdvWtkizM2MXeS9RhF09FG2-tau92hLZSxwS8Cy5rNn8zFhfE1U4FNT_wKL48ZYwKjh1pVu5DNgf1hDj&sig=Cg0ArKJSzHtNFE8OrP8REAE&uach_m=[UACH]&adurl=
Frame ID: 6A1BE36BA425E43253962B3E8DBAA552
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 5D38DEA0DDC3A69FA982FAB6B3845FC2
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6Cz9wAOqWEDoglAAATXbHFq5wim96H_an0Zfw&u=%7Ct8IM4boGToc%2FWZy0lCMtUvrj7Ou1rV83ymx1jVqqD9w%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sYvPAi6t_FNE10WDbUTJ-LA_1iQInZ-Oc8qx5k7yIph0sWQFFnOia1qwLrg48_FWuPQvRyL8RHCfdnA_p_y0b8xcBdtbSZoObPRYsmSz54TA-1WxdfhH8W75d-CLJixfMIa5NzhQ9X4r0S6sIL3w7wM5irMoR8ua8oBcN8-2oPPV9HAVNC7KgQGylVHo9uQf1asA6ET0skTFWheLe1sX0hPZg7jp_6YHhn2-sfwFboEFr5Ns_9VYd-ud2vKs882bV9-4mPzqQ1XnFg4Ppz99eBAJ4F0G2cAmng_ol5PEaabRHwMnQ3q45o2PJ8XPsdg1b4Bf8pLjTMEXdkNOJpboMch639mF3Fs_4dB22cWIbPEev6YIFlpECm7cdgek6ey5IV80lsQhmAooROczt5bKQaWjblgcqLTt1OJ1rmGPZ1zVMJYFmEjEClt3fxqUur2sKesnj38yko2rOXbIZcS0ZwbXqI-w_TkSl-Xtsa5nVD4yiedm8YP85_zCNlgz3DZXjwgJEYrtNpjC2EghFjDrD3t3LGg5SwtfmP8MQpys1n-Y8os2VJkWH4gf2fi2Hd7bqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCegOq97OgY-HSOsCSiM0P7K6T2AjJntKxXPXqoYaIAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi00NzEwODc0NjY2MDMxNjQ4yAEJqQIOq2M6ycuxPqgDAaoE7AFP0NvDCcUtDHPqM4-8i2CD8TOHnHnc0G1iTldfgf07VCIKNbCcNpIE9lGpHvXDEH1ldTexz2rskEOLJVPEJvuQgxicW4Y_Ltx_yQ0-aaz-c-GMnuzFJ6-tqeC-y38FGl7UbX67IPz43Pjkk-SB_z2djV0Jh3u7pBcFFwo7Hq8d23-Ij82LECqbkZpskM9K93xj-9T7UdEMMSFOzK149nMU4mDWu5RQRYOf0KQMP5mzGbe2Mxrv9GYFYrJzoC0k8vOvKThg-jIH63FeQOvECmvNc2tqkhVcDGzlhNHlJ28Hk59oV3EsjcRv8LiE64AGrYWer8P_t94noAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3LQdnxOe-4PpdpcU9t_prFegDuxw%26client%3Dca-pub-4710874666031648%26adurl%3D
Frame ID: EBB4CF5D903395AF474DD5DD5E4A23EA
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 963803617B89E1CA2D72217CD04504C6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 8778B50E7200494B90A9AD5F54E64C83
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: E659738788D5C57A2601EAF0B597A538
Requests: 6 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: BBCDB84DB6E11E2B9E54994D4C1018C6
Requests: 31 HTTP requests in this frame

Frame: https://p.deliveryapis.com/prebidlink/19345/j.html?i=11597
Frame ID: B1C7B842AA5FF13BCA174FF625D20EB4
Requests: 5 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: B9D0921AFEBBA78A02E10A25CF1B2A88
Requests: 5 HTTP requests in this frame

Frame: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 765AEFF14400667FA92270FF94FD0EF6
Requests: 1 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAX413QP4&fv=1&fy=37&ke=1&suylg=222%2C195%2C213%2C3010%2C367%2C82%2C175%2C3007%2C325%2C306%2C282%2C141%2C108%2C109%2C178%2C159%2C263%2C368%2C97%2C3012%2C38%2C264%2C214%2C203%2C225%2C3014%2C219&yvVbqf=1&uhiXuo=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 03ECF5C3CEFADDD34B9DAAE2A93907E4
Requests: 2 HTTP requests in this frame

Frame: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 37D3A6F94731482A33C86828E2EA5BCF
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6Cz-QABU8AK4DyiAAbWdrFB9SqHRbNEtnbEFw&u=%7Cty1c20ymhZYgDlhT44ZY038G%2BfOg4mrdA7IFP4RlPlM%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVIaZePdi05XJGt40gHhDKgwG0rtMk-frnoTkQgvGRR9m_uCBQ9cYehw7n71dMaMPYFF7_cwogzPkA_P6otxONC6jvELmiRXEB8dh_nLr6ZE5DNSuDSEIQhYI9hr07sMFEcy_3bYnycgjuWAlLN93dCsyDPGb3hHFVY-_Cfmr91wLemz6Ly_BAJaMqJ014j8G_lNFGg0w3kJJ_EfI7MApKCSJw8-UuN79ZLI5aby59pTxmDjhhLUP3vvHY0jKQKQLwZJTbmUPmLnS-lg-ANhDnngsxgfbfngrubRD8HGpw_SDaoHrber3pKzLqmuYGDWbF_MWdOoBYyzSfzJPHo8KxYWZNQ35-Xg8vXahRmjqetaGsYIBgMEtpKU1nKZu7EDy3Xenj90PzDWzu18O0-3cUP4hHFnq2nimPzQPFdHKq75R0yxgZ4Bn_aMnJVLDoE0QnlNlkCo24zhJu-KOZQdmihCtuSQddiD3cXYn4ej3xqqCO4xcg9G-Zc1LvAZ7Mz1i4nfc4GVxsSNhuk55XKD2EiXq15N0hfIbaajTbJCOWdhFXJL7Z7TM30R&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEkgo-bOgY8CnBaL5gAf2rJvQBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItNTYxNjA0NjE4NzU0NTAxOcgBCakCDqtjOsnLsT7gAgCoAwGqBPEBT9DiMKivBJERTbIQQRAxe0d_TFOrlXfH1sSxav2iDEV6zLsiidRbHT7rraMYLZzjpqTn6M9YRT24qyOpP0xpLGjZjVet0XJnx8dviHxQlQS6hpcSvV5d1t4LxvnFSU-H-xUwMbYtIJaTgloSK77jHRZ9K12HG6Hql-sXzYr7TrlDrc4cvk6Zwrax_MhREP4CcKDvIOAAV_om_NxDyhGlUqjtqn3J3au8s99srOKwjHrbREaJvYA_JRaEXX6GHeb-DOpCVmrwmKAnqB0nF6Q9N_M3Ae_yjjg_8iVQKpZoxLTsrHbFszbKMpj4Wt_U4G5ZTeAEAYAGm7CK0rTAksWiAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1MCNhaXeb7qbCLqk2TfYdJMt5Fzw%26client%3Dca-pub-5616046187545019%26adurl%3D
Frame ID: 362144F10849C189E3CF47252B45F18B
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9AB3139F6907E15EA302DA3A2E6C5A21
Requests: 9 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D42%26key%3D
Frame ID: 0AF11D9717E50C1373F0999413DDC886
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=2&key=e8e8e712-7fce-11ed-9376-15758c630406
Frame ID: DB42E9B6BEBA2B87ED9BE1FB5F52E204
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D
Frame ID: 432F1232E02B7F66177D49755A54A55A
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=55&key=2643881268435628356
Frame ID: 42217DD7E25416AB8FD6A9A4C410E3CB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D1%26key%3D
Frame ID: 53D9C0E9F9B1E815138EBBD62D7235B9
Requests: 2 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 2FC72AF24D483E8CE1C4DC1A5E8A6E94
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=200&key=OPTOUT
Frame ID: 8C38E4FDE6BD2287EC318CE0772FED1B
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Frame ID: 9A8355964719C66778CB6861859DAE5B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 62E562C626FE8B12DAEDCB4506B5AF87
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D23%26key%3D
Frame ID: 33A16DFC1E518A4109C306026357E9D4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63F1E90C553E95A84AF7E6327D9A95CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 778D1F38AE85AAC2EE291507ECDBA81C
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BBBB54DA10C13BA93B2AB05F0C3806E0
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BF7D4311BC43703EAB7537BBDBDD7F78
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 87F5CEED56FA5E53954942672709508E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B0AEDEBD91DAA8E01DE5990A420C5C3D
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Z8rmCTPK4Q58mLUPYc2qWmWdtlt8m-YAYpjUg0RC
Frame ID: 49CA78D236EF5DDC60067C0C2CC88530
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7178935696651909271&gdpr=0&gdpr_consent=
Frame ID: 07ADDB7CE8770295989E53CF1D26646C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIcKk7HQWgAAB8fdvDpVw&gdpr=0&gdpr_consent=
Frame ID: 28717F076FB028DFA122F60FC8A42254
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gGA0MYZkQl5mE7LRDZ4dOlFfBSg
Frame ID: 1B3F51C0F699A1627314E5756840222A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=797F025D-0740-4D6D-854D-989A493E9C38&gdpr=0&gdpr_consent=
Frame ID: E1F9535E73B5BFA7A41EE98597D487D2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6Cz_QAAANOb-QAp&gdpr=0&gdpr_consent=
Frame ID: 3C0768206351A8F6664865F8344D46E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: F758BB359AB2154A37C6F4B239D32848
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 59C83CC234E5A787718F43B15375D59F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3644628597
Frame ID: 7E8E617268499AA7924CB60C35EEEA26
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 9AFECF15EFA2EA35BD23E7085480F008
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4700AA200CB3ADCCAA5B6AF74DE423D4
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 8E77E05A6ADBD7AEFB7BBE34FBE30DDC
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbgnjTVRTXVngRVSg
Frame ID: A37131EF07464823D81AAC20A2F5429F
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 2FE671E1EC537FFA0515639558CD6CBC
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: FE42F42C8FFDC545F3CAD3D2F1977E34
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4B2A77DD4C6941AD9F5DA742A6C4963F&gdpr=0&gdpr_consent=
Frame ID: 46F7976B740B859042D171B2E6AE3852
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=797F025D-0740-4D6D-854D-989A493E9C38
Frame ID: 6263D2BE22676D91871DF198EDBD8BD4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2022 World Cup Quarter Finals: Google celebrates with DoodleGoogle News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

480
Requests

84 %
HTTPS

33 %
IPv6

102
Domains

186
Subdomains

130
IPs

14
Countries

7019 kB
Transfer

16533 kB
Size

134
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/c/9to5google

Search URL Search Domain Scan URL

URL: https://www.facebook.com/9to5Google/

Search URL Search Domain Scan URL

URL: http://twitter.com/9to5google

Search URL Search Domain Scan URL

URL: http://instagram.com/9to5google

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/podcast/alphabet-scoop/id1359922601?mt=2

Search URL Search Domain Scan URL

URL: https://apple.news/TMzMaigopSFChmI1nDK60mg

Search URL Search Domain Scan URL

URL: https://b.smartnews.be/r/8GkJ3uZKPl1eorSk

Search URL Search Domain Scan URL

URL: https://flipboard.com/@9to5google

Search URL Search Domain Scan URL

URL: http://linkedin.com/company/9to5google

Search URL Search Domain Scan URL

URL: https://eepurl.com/bdw6AH

Search URL Search Domain Scan URL

URL: http://trade-in.9to5google.com/
Title: Trade In

Search URL Search Domain Scan URL

URL: https://9to5mac.com/
Title: 9to5Mac

Search URL Search Domain Scan URL

URL: https://9to5toys.com/
Title: 9to5Toys

Search URL Search Domain Scan URL

URL: https://electrek.co/
Title: Electrek

Search URL Search Domain Scan URL

URL: https://dronedj.com/
Title: DroneDJ

Search URL Search Domain Scan URL

URL: https://spaceexplored.com/
Title: Space Explored

Search URL Search Domain Scan URL

URL: https://9to5mac.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://9to5mac.com/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/follow?screen_name=iamdamienwilde&original_referer=https%3A%2F%2F9to5google.com
Title: @iamdamienwilde

Search URL Search Domain Scan URL

URL: https://www.fifa.com/fifaplus/en/tournaments/mens/worldcup/canadamexicousa2026
Title: Mexico, Canada, and the United States will host matches

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMMqA-Qow-c_gAg?hl=en-US&gl=US&ceid=US:en
Title: Add 9to5Google to your Google News feed. Google News google-news

Search URL Search Domain Scan URL

URL: https://9to5mac.com/about/#affiliate
Title: More.

Search URL Search Domain Scan URL

URL: http://facebook.com/9to5google
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/9to5google.com/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/9to5google
Title: subscribe to our YouTube channel

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/9to5google?sub_confirmation=1
Title: Check out 9to5Google on YouTube for more news:

Search URL Search Domain Scan URL

URL: https://amzn.to/3zLP9Ag
Title: Google Pixel 6

Search URL Search Domain Scan URL

URL: https://amzn.to/3BhUGB6
Title: Samsung Galaxy Watch 5 Pro

Search URL Search Domain Scan URL

URL: https://wpvip.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=9to5google.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1 HTTP 301
https://btloader.com/tag?h=9to5mac-com&upapi=true

Request Chain 114

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 147

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 161

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 162

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 163

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d30663a0-b3f8-4800-8386-c9b16b03db35&gdpr=0&gdpr_consent=

Request Chain 165

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1265204569685843185

Request Chain 166

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=797F025D-0740-4D6D-854D-989A493E9C38&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=797F025D-0740-4D6D-854D-989A493E9C38&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 167

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2643881268435628356&gdpr=0&gdpr_consent=

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eX8CXQdATW2FTZiaST6cOA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 171

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=350426392 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=797F025D-0740-4D6D-854D-989A493E9C38

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzk3RjAyNUQtMDc0MC00RDZELTg1NEQtOTg5QTQ5M0U5QzM4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKKMce80hgNkOb7h3m0CLAM&google_cver=1

Request Chain 175

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8009231631805409972

Request Chain 182

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-NCZj27YbHhI-atyawAAFB0AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-NCZj27YbHhI-atyawAAFB0AAAAB&dcc=t

Request Chain 183

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6Cz.CMpmf-7dqS5gi7HZwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS6LoN_8cPmzO4JLC0etU8&google_cver=1&google_hm=2

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6Cz-NCZj27YbHhI-atyawAAFB0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED15JLTtCbCO9hi4TQayd3c&google_cver=1

Request Chain 185

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d30663a0-b3f8-4800-8386-c9b16b03db35

Request Chain 186

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2643881268435628356

Request Chain 187

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2996585902459466121

Request Chain 188

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=67108a8d-15c7-4030-af8c-e6963664db99 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=67108a8d-15c7-4030-af8c-e6963664db99 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=1aa6f054-6bb4-49d1-be82-023269d0df33&ssp=index&expires=30&user_group=5&bsw_param=67108a8d-15c7-4030-af8c-e6963664db99 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&us_privacy=

Request Chain 192

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB&dcc=t

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED15JLTtCbCO9hi4TQayd3c&google_cver=1

Request Chain 195

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6Cz.CMpmf-7dqS5gi7HZwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS6LoN_8cPmzO4JLC0etU8&google_cver=1&google_hm=2

Request Chain 196

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz.CMpmf-7dqS5gi7HZwAA%261189 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=cd727a19-89a7-46b0-afe8-358662ef6100-tucta9a3978

Request Chain 197

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6046524278057156256&expiration=1672685816

Request Chain 198

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_e4d78e48-0720-472b-9b41-d81b41cdca43&bsw_param=67108a8d-15c7-4030-af8c-e6963664db99&expires=10 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&us_privacy=

Request Chain 199

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0e53287c-0962-4815-b673-4c302273e554

Request Chain 202

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wnjiKT0MQlyaZ7KtxGRBLQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wnjiKT0MQlyaZ7KtxGRBLQ

Request Chain 203

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBV5S65K-1H-COW3

Request Chain 204

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWNVM2NUstMUgtQ09XMw==

Request Chain 205

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=y0Fr4UxDTGOKeaTMkCqDSA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=y0Fr4UxDTGOKeaTMkCqDSA

Request Chain 206

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjE1YTM3ZGFmNTY0ZjBhNzllMzBjY2MxYWJjNDExMTBlOWNhYzJlNg

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIRvB9kcFBzw213Sf8mVqLA&google_cver=1

Request Chain 208

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/jvOb4e3uGb2Oz12mrKgCWsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-hTkdU4hE2oLmPeOYjsdz.mwiQ1XfHlvKK3V2ig--~A

Request Chain 243

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
https://sync.spotim.market/csync?t=a&ep=271858&extuid=2643881268435628356

Request Chain 244

https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=e8e87c6d-7fce-11ed-a673-199e6d820306

Request Chain 245

https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-1UPkuj1E2uErlz1dhE9fCwtfpPqhVOzy~A

Request Chain 246

https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=e8e8e766-7fce-11ed-9376-15758c630406 HTTP 302
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=e8e8e712-7fce-11ed-9376-15758c630406

Request Chain 250

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBoOtnz4POW_Yei4cDA8c_g&google_cver=1&google_push=AavPq0Mr0i6TicDOeZRww4yzvItpaI7tcCOrrpa0NvszAmXaMtCbN7GySW-G5iHbGrb-96WIcQnYV8QoYn7bDG2kkniiFa2BL47ocQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk5NjU4NTkwMjQ1OTQ2NjEyMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHXKIKEgqIbdWmhxJcVflp8&google_cver=1

Request Chain 252

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED6Q3YXgmWZo-qOPR2-9DGM&google_cver=1&google_push=AavPq0NlNXZv6w-sWcVk7peBUwtwFZjgdDJKd6Calv5mCJW-fPpEStFTqOrrveukm9XWmE-vIaYiQBDEgCbtefuCutmNC4coyfWDeQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NlNXZv6w-sWcVk7peBUwtwFZjgdDJKd6Calv5mCJW-fPpEStFTqOrrveukm9XWmE-vIaYiQBDEgCbtefuCutmNC4coyfWDeQ&google_hm=eS1YYXViVE5oRTJwSGhSMlFuYmh2bHVWMjFnOEp6RkRFcH5B

Request Chain 253

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKUFo83-7RunzM2UPie9WK8&google_cver=1&google_push=AavPq0O1qiKYWAJQAEucrERVL-_qkeOgp6rj1rQJQj0FMhiISrKys_vFZVA8QNEcDNVnQVTPCb1tXTPqQh2DCur6HAoQz-kQtHxY5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA0NjUyNDI3ODA1NzE1NjI1Ng&google_push=AavPq0O1qiKYWAJQAEucrERVL-_qkeOgp6rj1rQJQj0FMhiISrKys_vFZVA8QNEcDNVnQVTPCb1tXTPqQh2DCur6HAoQz-kQtHxY5w

Request Chain 255

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDgGPD65r7Jghgcd8xeK66w&google_cver=1&google_push=AavPq0PHkk4EIes1AbTpNwpogCfUMNwv4l4y8VrvBLCISYmFhp5rseGHlaWD95f2YoqxuXAyu1_g1vrZ0zF5do3sWzK5bvSHS665GQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWNVM2NUstMUgtQ09XMw==&google_push=AavPq0PHkk4EIes1AbTpNwpogCfUMNwv4l4y8VrvBLCISYmFhp5rseGHlaWD95f2YoqxuXAyu1_g1vrZ0zF5do3sWzK5bvSHS665GQ

Request Chain 306

https://sync.1rx.io/usersync2/rmpssp?sub=openweb HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1671476217118 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5367475200

Request Chain 329

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAUmuYoHsTKD7wrb3e71dBo&google_cver=1&google_push=AavPq0MKoiskgGHNA3hAZZ-mZhlM8hfwVufeywarsAHSXWoYFVYbc_kP0urle-Z_tc7DbfN4BLrgsXGsi8QYQvxQDO1JpB84HBtd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=0wZjoLP4SACDhsmxawPbNQ&google_push=AavPq0MKoiskgGHNA3hAZZ-mZhlM8hfwVufeywarsAHSXWoYFVYbc_kP0urle-Z_tc7DbfN4BLrgsXGsi8QYQvxQDO1JpB84HBtd

Request Chain 330

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEL2WevKSmKkEdyVOU47Tw2M&google_cver=1&google_push=AavPq0MVDMdQe89if3aQI5dnBJKG-gJSHBIj2lDXz6ORGAQmi5lURXe0eyS2xDFeNrS6JhHkr5rbNLl8z2H0OGhri_AArtt0E44V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL2WevKSmKkEdyVOU47Tw2M&google_push=AavPq0MVDMdQe89if3aQI5dnBJKG-gJSHBIj2lDXz6ORGAQmi5lURXe0eyS2xDFeNrS6JhHkr5rbNLl8z2H0OGhri_AArtt0E44V

Request Chain 332

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBqrwFdGy-NS3HVVoqJyWms&google_cver=1&google_push=AavPq0O4FwZWDgtmJUUZTiNLpXkYoPiPa8jL8NtmSnI0YOvK4vD67_42wl3eNE1D6c6ptBsvA-7erMk11nLXd0V6IJS4_E534OTf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O4FwZWDgtmJUUZTiNLpXkYoPiPa8jL8NtmSnI0YOvK4vD67_42wl3eNE1D6c6ptBsvA-7erMk11nLXd0V6IJS4_E534OTf

Request Chain 333

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBlbo_V5hzFhNsQY330HOvU&google_cver=1&google_push=AavPq0PdrVLZZn-h_68Tuhua4yMarv8D5ayV0j57D-nk8Y_4pdKrmx5MvH0JIsZkmmI1E1A5n4tSwZWwW_Qn_COowsx0nu5c8PI HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-70ee4464-9a72-4063-99f3-700ac9374a2a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0PdrVLZZn-h_68Tuhua4yMarv8D5ayV0j57D-nk8Y_4pdKrmx5MvH0JIsZkmmI1E1A5n4tSwZWwW_Qn_COowsx0nu5c8PI%26google_hm%3DA3DuRGSackBjmfNwCsk3Sio HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PdrVLZZn-h_68Tuhua4yMarv8D5ayV0j57D-nk8Y_4pdKrmx5MvH0JIsZkmmI1E1A5n4tSwZWwW_Qn_COowsx0nu5c8PI&google_hm=A3DuRGSackBjmfNwCsk3Sio

Request Chain 334

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPb5flNtf9UeVoR0t374xh8&google_cver=1&google_push=AavPq0N4ClafsQr6IUGsqQwdKhkR1ClTC8RbG1Qjkk2iznc1QWGU0-bZTPJnjNBrIGMqAW1PXN4QCnyea27__8sBkhgfXhhRKMGb HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0N4ClafsQr6IUGsqQwdKhkR1ClTC8RbG1Qjkk2iznc1QWGU0-bZTPJnjNBrIGMqAW1PXN4QCnyea27__8sBkhgfXhhRKMGb&google_gid=CAESEPb5flNtf9UeVoR0t374xh8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgxMjg1OTM1Mjk1Njg5MTgxMTQwNg%3D%3D&google_push=AavPq0N4ClafsQr6IUGsqQwdKhkR1ClTC8RbG1Qjkk2iznc1QWGU0-bZTPJnjNBrIGMqAW1PXN4QCnyea27__8sBkhgfXhhRKMGb

Request Chain 348

https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=2&key=e8e8e712-7fce-11ed-9376-15758c630406

Request Chain 350

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D55%26key%3D%24UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=55&key=2643881268435628356

Request Chain 353

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=200&key=OPTOUT

Request Chain 355

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east

Request Chain 360

https://rp.liadm.com/j?wpn=prebid&pu=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&duid=aba2f3ea9d66--01gmnvy1w0xp2r1vxsc0dqbjx2&se=e30&dtstmp=1671476217730 HTTP 302
https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&duid=aba2f3ea9d66--01gmnvy1w0xp2r1vxsc0dqbjx2&se=e30&dtstmp=1671476217730&i6=MmEwMTo0YTA6MmI6Ojg%3D&n3pc=true

Request Chain 374

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2643881268435628356

Request Chain 376

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB

Request Chain 377

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D

Request Chain 378

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=cdcfe2e9-5fd8-4bc5-aedb-cda407e77267&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 379

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 380

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=zxMdXZsTGlrUQU5byRRRDs1ETQ_UQh1UykGQR35a

Request Chain 410

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6Cz_QAAANOb-QAp

Request Chain 411

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671562618

Request Chain 413

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4B2A77DD4C6941AD9F5DA742A6C4963F

Request Chain 414

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8bc24229-81b2-99fc-71ca0e82

Request Chain 417

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB5se1oPIm11x2WJV2UgXV4&google_cver=1

Request Chain 420

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NzEKuEUV1P7ljQ5

Request Chain 421

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588522560355908

Request Chain 422

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687201018&external_user_id=a74df47f-af35-4679-9097-47380fbef6bf

Request Chain 423

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671562618

Request Chain 424

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6Cz.CMpmf-7dqS5gi7HZwAA%261189?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6Cz.CMpmf-7dqS5gi7HZwAA%261189

Request Chain 425

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D

Request Chain 426

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4B2A77DD4C6941AD9F5DA742A6C4963F

Request Chain 429

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Z8rmCTPK4Q58mLUPYc2qWmWdtlt8m-YAYpjUg0RC

Request Chain 430

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7178935696651909271&gdpr=0&gdpr_consent=

Request Chain 431

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJY0trN0hRV2dBQUI4ZmR2RHBWdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAIcKk7HQWgAAB8fdvDpVw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5992295696983674993&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAIcKk7HQWgAAB8fdvDpVw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5992295696983674993%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5992295696983674993&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAIcKk7HQWgAAB8fdvDpVw&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIcKk7HQWgAAB8fdvDpVw&gdpr=0&gdpr_consent=

Request Chain 432

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gGA0MYZkQl5mE7LRDZ4dOlFfBSg

Request Chain 433

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=797F025D-0740-4D6D-854D-989A493E9C38 HTTP 302
https://a.audrte.com/p

Request Chain 434

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=797F025D-0740-4D6D-854D-989A493E9C38&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=797F025D-0740-4D6D-854D-989A493E9C38&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 435

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=797F025D-0740-4D6D-854D-989A493E9C38&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=797F025D-0740-4D6D-854D-989A493E9C38&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=797F025D-0740-4D6D-854D-989A493E9C38&addseg=19,36,42

Request Chain 436

https://pixel.onaudience.com/?partner=214&mapped=797F025D-0740-4D6D-854D-989A493E9C38&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=88c4ebff74b169c34d838809565c707d&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1aec759725ea958a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D

Request Chain 437

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cb87dd3b-3823-4744-b04e-7bd9ca68b798&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 439

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=797F025D-0740-4D6D-854D-989A493E9C38&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-a8RK.vtE2uWX83DTXLn2VoUL.Z9Lx1M-~A&gdpr=0&gdpr_consent=

Request Chain 442

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:689db0f3-c805-460f-8ef4-94d474eb7efd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 445

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6Cz_QAAANOb-QAp&gdpr=0&gdpr_consent=

Request Chain 446

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 447

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 448

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3644628597

Request Chain 452

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbgnjTVRTXVngRVSg

Request Chain 455

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4B2A77DD4C6941AD9F5DA742A6C4963F&gdpr=0&gdpr_consent=

Request Chain 457

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d30663a0-b3f8-4800-8386-c9b16b03db35

Request Chain 458

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2996585902459466121&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 459

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2643881268435628356

Request Chain 462

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F9to5google.com%2F&domain=9to5google.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=l-o2pXxXdjA1bno0M0p1OGMyRk1oY24rWGtWdGJQYXlSWXNoTDhJSDJKVnlOeG9ndVBtbnkwdTVYcmpoc2FsY0pRbXAxdTYvVmdRME0vTHhEUityL0ZKcDduMkp4QTM3MEs1ajVSMTRobyt0SVRGWUN2TThUU3NSNlF5ZXV6V3F6QXNMYm9OYVlXWkg4ZE1kVnNCbzRJT0FSanl4WDN3anVua3BnOXRxTW5pRXdvVmhhd1lsWm9ubmpVNnJZenArS3dBZnYzdnZMUFk4STM1d1VJWmJqczUwNEd4T1BTMGl6OGlkUXlmMUR3Ri9zWHdjPXw&cppv=2

480 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
9to5google.com/2022/12/09/2022-world-cup-quarter-finals/ 96 KB
22 KB 357ms
328ms Document
text/html 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

81846283708bfe69391f17ba3ffc86bf9d4cdbc2d02eb03db083952774c64a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:54 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://9to5google.com/wp-json/>; rel="https://api.w.org/" <https://9to5google.com/wp-json/wp/v2/posts/542713>; rel="alternate"; type="application/json" <https://9to5google.com/?p=542713>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: miss
x-distributor: yes
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn2 0 4 9980

GET
H2 200 adsbygoogle.js Show response
9to5google.com/wp-content/themes/9to5-2015/assets/js/ 21 B
154 B 19ms
9ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/wp-content/themes/9to5-2015/assets/js/adsbygoogle.js

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
strict-transport-security: max-age=31536000
last-modified: Mon, 07 Nov 2022 19:39:42 GMT
server: nginx
age: 2825606
etag: "63695efe-15"
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 21
expires: Tue, 19 Dec 2023 18:56:54 GMT

GET
H2 200 /
9to5google.com/_static/ 108 KB
15 KB 21ms
10ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/_static/??-eJyNj9EOgjAMRX/IWeBBnozfMroGqt1Y1hGzv3dgNJD44ONt72nvhWc0HFAWRwqoCo41wyAzPozwkGwqoLkInT2HczWcYE/cFTw5tiTkKeSDiGILJSM0Wiz/4XW31wcI55C3F4uJsowcFJRswglIrGbGmOiTfy2S6jiTM3HWrObdaGuiv7OsDNZLymjyVP9/fTd/bS990/Vt03YvJzpx2g==

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b395a9adbc18174a906ebe2c585487fc17c24c5a6976b8f4e1b67cc7cb0ba804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 05 Dec 2022 20:10:12 GMT
server: nginx
age: 350039
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15666

GET
H2 200 darkmode.css
9to5google.com/wp-content/themes/9to5-2015/assets/css/ 41 KB
6 KB 20ms
13ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/wp-content/themes/9to5-2015/assets/css/darkmode.css?m=1671125867g

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87d200b2913e86f1402caa9485683207064daaa4ffa44edc2e91f9164e04fa38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 15 Dec 2022 17:37:47 GMT
server: nginx
age: 350039
etag: W/"639b5b6b-a500"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5622
expires: Tue, 19 Dec 2023 18:56:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 49ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c38d26434ae7eb5e6c35db3038c1365c838952713ac97d2f2f1e82f3a8750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
Origin: https://9to5google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 18:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 18:55:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 18:56:54 GMT

GET
H2 200 /
9to5google.com/_static/ 425 KB
84 KB 257ms
251ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/_static/??-eJyVjMEKgCAQBX8o2wzUOkTfErqQpBa8jejvi4Lu3R7MzKNjU34twkVIZs4M6mU1qm20oQlgAXmAkKJf6ntV9KdQj/GvkzMx6hzLl8Xi0x745WHCHO+jTxnzoK3TujWddRcAnUi6

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

509e5acf0b7b0ec6f47344db8156e6a61efc34e1c52e6c8908495e086615003b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 15 Dec 2022 17:37:47 GMT
server: nginx
age: 350039
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 85879

GET
H2 200 / Show response
9to5google.com/_static/ 102 KB
35 KB 256ms
252ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/_static/??/wp-includes/js/jquery/jquery.min.js,/wp-includes/js/jquery/jquery-migrate.min.js,/wp-content/themes/9to5-2015/assets/js/vendor/darkmode.js?m=1671125867j

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6cb4e5459b8592b083b9ad65323531f8bef596f9f1175adfd98c8bcdb05f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 15 Dec 2022 17:37:47 GMT
server: nginx
age: 350039
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 35649

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1
https://btloader.com/tag?h=9to5mac-com&upapi=true

14 KB
6 KB

61ms
29ms

Script
application/javascript

2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=9to5mac-com&upapi=true
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac5619894ce76a4a4d1629aa5a5599681ae3265207f961d79d1d41698e45af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 18:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3170
etag: W/"c239b5c5f217f8007a66d19fbbd24215"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4o%2F7raJZPuV1oFR3j61C4YgVO3onhA7lOjdQf3J30ckLw5Z8YYtQX2CK%2BgTcdVl1mLSwAYk%2FbCYPUfy%2Bz3vu2kiz7mB0%2FRoSientzd%2FFQnt1ywVNUwyLQQjVAC0Q3zmcjKXwci5hqkqIhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 77c25c65df4890c7-FRA

Redirect headers

date: Mon, 19 Dec 2022 18:56:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJ3uzjV9A9qEZFjdcXHf9khwCh9kpocinzt5kOpqmcdR8meaOLQYX8MAsKHHDpZBv1xkOb0eOuF1cwcH9aqAr2lnmIG8esUvgaqXOQBFtx24ouGiL5WckR1iVqgSp0IrTDYTSziycR48RDhS2p5R%2Fdi8DRTL0H28EqSIMg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=9to5mac-com&upapi=true
cache-control: max-age=3600
cf-ray: 77c25c657f519156-FRA
expires: Mon, 19 Dec 2022 19:56:54 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 111ms
76ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a112b76726af34d0bfc2fecbf892974d1a3ebf180089be3dd747fc17d3c1cede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49584
x-xss-protection: 0
server: cafe
etag: 12661543983726682956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 18:56:55 GMT

GET
H2 200 cropped-new-9to5-google-logo.png
9to5google.com/wp-content/uploads/sites/4/2018/10/ 10 KB
10 KB 10ms
7ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5google.com/wp-content/uploads/sites/4/2018/10/cropped-new-9to5-google-logo.png

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

052de6675c51ba85ae7e985de0fa1b3de9bfed30ab5f50ed1b694f1b62b2928f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 27 443
last-modified: Wed, 23 Nov 2022 13:35:03 GMT
server: nginx
etag: "ee6924309ce8dbe6"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9954
expires: Thu, 23 Nov 2023 13:35:03 GMT

GET
H2 200 2022-world-cup-quarter-finals-dec-9-10-6753651837110006-2xa.gif
9to5google.com/wp-content/uploads/sites/4/2022/12/ 585 KB
585 KB 18ms
15ms Image
image/gif 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5google.com/wp-content/uploads/sites/4/2022/12/2022-world-cup-quarter-finals-dec-9-10-6753651837110006-2xa.gif?w=1000

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

531586009bb97adc59ab2f102f6a0a5c4afe07b24eb52495fb53009796f0ac40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 32 443
last-modified: Mon, 19 Dec 2022 16:55:03 GMT
server: nginx
vary: Accept
x-cache: HIT
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 598560
expires: Tue, 19 Dec 2023 16:55:03 GMT

GET
H2 200 sp_rVSSRN5u Show response
launcher.spot.im/spot/ 292 KB
69 KB 68ms
21ms Script
application/javascript 13.32.27.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-61.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5d78559de14fe99dcc19f7956aa6c5df0bca980a80aaeec7354dd50576f7fde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Om3OYk0WqHefHe_Zn0ds8gSrRBJwPpvg
content-encoding: br
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
date: Mon, 19 Dec 2022 18:56:54 GMT
x-amz-cf-pop: FRA56-C2
age: 43
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70186
last-modified: Mon, 19 Dec 2022 17:06:29 GMT
server: AmazonS3
etag: "6bca48d6f0a9b7f5ac106ec0fa9d5b3f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: gaCltrkbOqNyDtPt7FZw_aF0Suu-aGMIL0rEhtt7Jw93sp1HLvF-bQ==

GET
H2 200 vip-powered-light-small.png
9to5google.com/wp-content/mu-plugins/vip-helpers/images/ 2 KB
2 KB 18ms
16ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5google.com/wp-content/mu-plugins/vip-helpers/images/vip-powered-light-small.png?ver=20220317

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e4d08fe871a7738aa3b3dcb95cfbd0e071765fcc681d17e37f12cd34b443066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 03 Oct 2022 21:21:30 GMT
server: nginx
age: 5420496
etag: W/"633b525a-843"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2138
expires: Tue, 19 Dec 2023 18:56:54 GMT

GET
H2 200 / Show response
9to5google.com/_static/ 80 KB
24 KB 9ms
8ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/_static/??-eJyVzr0OwjAMBOAXIjVBagsD4lkgdalL4kSxU1Sent+BgYFuN9x3Orgm4yIrsoIOGFBgp7E2m7Wt4SiCKjAKhNhhZrplE4umotUoK/iPMjFq7GnCKhAvgMQ9MSkacTl6/0snX87EAqnIUNITvdN3l9j50uFr0sUQHs5kTH5eeGdC7mIGUXKX+UQqH38Ie9u01m7qbdOOd+4CeJc=

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6c43edec8d8e4c1dc0fd7a49bc480082390ad590dd9d5ff510980ae328c9b8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 15 Dec 2022 17:37:47 GMT
server: nginx
age: 349991
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24099

GET
H2 200 mediaelement-and-player.min.js Show response
9to5google.com/wp-includes/js/mediaelement/ 154 KB
38 KB 10ms
9ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 15 Nov 2022 19:44:35 GMT
server: nginx
age: 2825606
etag: W/"6373ec23-26935"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38823
expires: Tue, 19 Dec 2023 18:56:54 GMT

GET
H2 200 / Show response
9to5google.com/_static/ 2 KB
956 B 9ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeHo5mamFyWWpOrlZubpZRXr6OPTCJRD5kP12OfaGpqZGxiZGxoYGmUBAA58LE8=

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

62d7063193d6e769104780b14db028cc0a725a4e074ffd59711fcd054c800795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 05 Dec 2022 20:10:12 GMT
server: nginx
age: 350039
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 921

GET
H2 200 e-202251.js Show response
stats.wp.com/ 9 KB
3 KB 29ms
9ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202251.js
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc: HIT hhn
date: Mon, 19 Dec 2022 18:56:54 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 11 Dec 2023 07:02:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
68 KB 61ms
27ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THGGVXB

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82b1fe9413b663c4608244059fe3754f1681542744a54b14fd7f7c177ceeee5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70007
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Dec 2022 18:56:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
43 KB 50ms
16ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5LZ9VX

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30073b8873bc4a03e3678ad656f5a575250f3513bdb2034b391d49cca0d03440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Dec 2022 18:56:54 GMT

GET
H2 200 wp-emoji-release.min.js Show response
9to5google.com/wp-includes/js/ 18 KB
5 KB 21ms
20ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 15 Nov 2022 19:44:36 GMT
server: nginx
age: 2825606
etag: W/"6373ec24-48b9"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5004
expires: Tue, 19 Dec 2023 18:56:54 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
942 B 91ms
21ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2611402
x-guploader-uploadid: ADPycdtcZgdRu0Dbe_-zY88bQ8eIM69ORy5rFnERfb9QLa8uwe4zq9JKKnYv9jLk9eVUM-X-OLZWrFIeMh91sZ7iOqav3FUDQGrE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFCJEpkNhMmOwgNC8cfGyTHTXaEPpX6Y5ltJWulufEpOAcFs5AnA3jiGmGmvNqHPJq4fJmIV8Sxs4khwL7ycNNCeMRx8WkQ%2F3GPhjwHdvrNDw0e7vRPGzVnOlRiI3FeW0woLNZUYLMTtdks5jA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 77c25c67cc64bb38-FRA
expires: Sat, 19 Nov 2022 14:29:22 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 105ms
23ms Image
image/x-icon 142.251.208.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Dec 2022 13:58:17 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 95ms
25ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7949007927602898
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2611402
x-guploader-uploadid: ADPycdtcZgdRu0Dbe_-zY88bQ8eIM69ORy5rFnERfb9QLa8uwe4zq9JKKnYv9jLk9eVUM-X-OLZWrFIeMh91sZ7iOqav3FUDQGrE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A24vAc%2FR40refn%2Fxq9pnjjI1L7GvprCtqIKaPBLmGUjOc5RFVQqOf%2FHTwZcAiiqx2lMoqRDl3WHW%2F9dKy8cFUcooQJ006imbVsfalFMZPclJ%2BZjc3gyEF%2Fl0RbspRrAm3ryUxk5rf8rkuDXmWw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 77c25c67cc69bb38-FRA
expires: Sat, 19 Nov 2022 14:29:22 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161751/6840/ 473 KB
140 KB 45ms
10ms Script
application/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 13f8cd8875ae6aaee24c8be69c7ace951a9a6cf798747b8db1ff5ce31d5f4acc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
content-encoding: gzip
last-modified: Fri, 07 Oct 2022 19:59:37 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=57616
accept-ranges: bytes
content-length: 143056
expires: Tue, 20 Dec 2022 10:57:10 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 50ms
10ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:38:32 GMT
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 17:02:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 1103
x-amz-server-side-encryption: AES256
etag: W/"9678e76b6e6295571547f8fe5df68b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: HdzuirBvcGPh-KTjh1RTCxTuhgasIEQFbgL5PplbZs51vd8QO5gLig==

GET
H2 200 svg-sprite-2020.svg
9to5google.com/wp-content/themes/9to5-2015/images/ 75 KB
22 KB 19ms
18ms Other
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/wp-content/themes/9to5-2015/images/svg-sprite-2020.svg?ver=1671125867

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

11a3e2f84a2f9d98bfc3a089636bc2740572f27b94ef649b6a56c6432ba5af95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
content-encoding: gzip
x-rq: hhn2 0 4 9980
last-modified: Thu, 15 Dec 2022 17:37:47 GMT
server: nginx
strict-transport-security: max-age=31536000
age: 239
etag: W/"639b5b6b-12bb2"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22685
expires: Tue, 19 Dec 2023 18:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 83ms
20ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 429835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:33:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 87ms
24ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:34:12 GMT
x-content-type-options: nosniff
age: 429763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:34:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 106ms
44ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:58:46 GMT
x-content-type-options: nosniff
age: 406689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 01:58:46 GMT

GET
H2 200 6Ui1LxiAodc Show response
www.youtube.com/embed/ Frame F4AE 42 KB
13 KB 440ms
378ms Document
text/html 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6dde32d48986e80246d0ac0361921724a44b53c5225d8e49672c9296c747770a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 102 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 442d89f52e547c09e65138356e0500d4d34f44d43177425ba08050c0f32bd011

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: text/css;charset=UTF-8

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 185b37f6935a30be6a5e613ef0f18ca43622a0a62964e1ed88f8bd96c03830d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5958b8a9d0305d805f41bae7c315e34e46b76a1bab8f530b5cf9711a6e45862

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc8a74cc1c2bd638de7ac7e7cdb1839c18dd964fedbcf22697b882238245b97a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 top-leaderboard-bg.png
9to5google.com/wp-content/themes/9to5-2015/images/ 374 B
448 B 11ms
10ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5google.com/wp-content/themes/9to5-2015/images/top-leaderboard-bg.png

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

96f3b885965ded818806762fde9e7a2dba777005f479d30a6496af7aebbd5ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
x-rq: hhn2 0 4 9980
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Oct 2022 16:07:26 GMT
server: nginx
age: 5420496
etag: "633dabbe-176"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 374
expires: Tue, 19 Dec 2023 18:56:54 GMT

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v18/ 19 KB
19 KB 94ms
65ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 09:00:48 GMT
x-content-type-options: nosniff
age: 554167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19292
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 09:00:48 GMT

GET
H2 200 9to5.woff2
9to5google.com/wp-content/themes/9to5-2015/assets/fonts/ 2 KB
2 KB 10ms
10ms Font
application/font-woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://9to5google.com/wp-content/themes/9to5-2015/assets/fonts/9to5.woff2?r027eh

Requested by

Host: 9to5google.com
URL: https://9to5google.com/_static/??-eJyVjMEKgCAQBX8o2wzUOkTfErqQpBa8jejvi4Lu3R7MzKNjU34twkVIZs4M6mU1qm20oQlgAXmAkKJf6ntV9KdQj/GvkzMx6hzLl8Xi0x745WHCHO+jTxnzoK3TujWddRcAnUi6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

59b4588816ca9e84d8033925306d2f62e55a2e9e3ca96352256c82aa06f825cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://9to5google.com/_static/??-eJyVjMEKgCAQBX8o2wzUOkTfErqQpBa8jejvi4Lu3R7MzKNjU34twkVIZs4M6mU1qm20oQlgAXmAkKJf6ntV9KdQj/GvkzMx6hzLl8Xi0x745WHCHO+jTxnzoK3TujWddRcAnUi6
Origin: https://9to5google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
age: 239
x-cache: hit
content-length: 2287
x-rq: hhn2 0 4 9980
last-modified: Thu, 15 Dec 2022 17:37:47 GMT
server: nginx
etag: W/"639b5b6b-8d8"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 18:56:54 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 88ms
60ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:38:58 GMT
x-content-type-options: nosniff
age: 429477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:38:58 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 80ms
51ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%7CQuestrial&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 16:02:47 GMT
x-content-type-options: nosniff
age: 528848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 16:02:47 GMT

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 81 KB
28 KB 43ms
9ms Script
text/javascript 143.204.215.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-65.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 02:37:40 GMT
content-encoding: gzip
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 404356
etag: "072eaf64a771815874455704fca9301b"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28567
x-amz-cf-id: 2OSBOQsnxQkyg3zgwLztgThUaQXFfVnOStUExSayzkh48H2URuHPNA==

GET
H2 200 2022-world-cup-quarter-finals-dec-9-10-6753651837110006-2xa.jpg
i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/12/ 52 KB
52 KB 34ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/12/2022-world-cup-quarter-finals-dec-9-10-6753651837110006-2xa.jpg?w=2000&quality=82&strip=all&ssl=1

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b23e8e54254c0bc8a3086123a3ae013fb635dfd15aa401b0b98cbf26453416bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 19 Dec 2022 18:56:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Dec 2022 09:09:49 GMT
server: nginx
etag: "2d56daa45e5a2f0b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://9to5google.com/wp-content/uploads/sites/4/2022/12/2022-world-cup-quarter-finals-dec-9-10-6753651837110006-2xa.jpg>; rel="canonical"
content-length: 53046
expires: Sun, 08 Dec 2024 21:09:49 GMT

GET
H2 200 08efb4f07d9631753c3fc7562f8a5f18
secure.gravatar.com/avatar/ 6 KB
6 KB 30ms
8ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/08efb4f07d9631753c3fc7562f8a5f18?s=128&d=mm&r=r
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3fb06a148d46826d0c231300157e57ec020b1e144b4f1a81554bc4d20aaf0cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 19 Dec 2022 18:56:55 GMT
last-modified: Tue, 29 Dec 2020 18:23:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="08efb4f07d9631753c3fc7562f8a5f18.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/08efb4f07d9631753c3fc7562f8a5f18?s=128&d=mm&r=r>; rel="canonical"
content-length: 5997
expires: Mon, 19 Dec 2022 19:01:55 GMT

GET
H2 200 Pixel-6-Light-Rain-case.jpg
i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2021/11/ 2 KB
2 KB 29ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2021/11/Pixel-6-Light-Rain-case.jpg?resize=300%2C175&quality=82&strip=all&ssl=1

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

daf04cb16deca0e1b85c89da3ca2b7dfd1235f22d4c3dccfcb90907a26716ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 19 Dec 2022 18:56:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Jan 2022 11:57:47 GMT
server: nginx
etag: "39e79251948e17f3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://9to5google.com/wp-content/uploads/sites/4/2021/11/Pixel-6-Light-Rain-case.jpg>; rel="canonical"
content-length: 2010
expires: Thu, 11 Jan 2024 23:57:47 GMT

GET
H2 200 Samsung-Galaxy-Watch-5-Pro-6.jpg
i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/08/ 5 KB
6 KB 27ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/08/Samsung-Galaxy-Watch-5-Pro-6.jpg?resize=300%2C175&quality=82&strip=all&ssl=1

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

dc66973e2246a8a2eb8bad0f81f4fe2f19556296a2a7b65b7e183aad5695707a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 19 Dec 2022 18:56:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 12:27:32 GMT
server: nginx
etag: "b77bf40e0a5fbff2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://9to5google.com/wp-content/uploads/sites/4/2022/08/Samsung-Galaxy-Watch-5-Pro-6.jpg>; rel="canonical"
content-length: 5550
expires: Fri, 06 Sep 2024 00:27:32 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 10ms
10ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=146091833&post=542713&tz=-8&srv=9to5google.com&hp=vip&j=1%3A11.6&host=9to5google.com&ref=&fcp=735&rand=0.6744305694014328
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 18:56:55 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 oppo-find-n2-pixel-fold-2.jpg
9to5google.com/wp-content/uploads/sites/4/2022/12/ 93 KB
93 KB 11ms
10ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5google.com/wp-content/uploads/sites/4/2022/12/oppo-find-n2-pixel-fold-2.jpg?quality=82&strip=all&w=1280

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bfafaf0be63d56933d0694eeb233e016fea1e4e8203986e1ce1197362ae18866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 86 443
last-modified: Fri, 16 Dec 2022 19:39:40 GMT
server: nginx
etag: "cf5d2debb33f7ee4"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 94918
expires: Sat, 16 Dec 2023 19:39:40 GMT

GET
H2 200 Android-Phone-of-the-Year-2022-2.jpg
9to5google.com/wp-content/uploads/sites/4/2022/12/ 48 KB
48 KB 11ms
10ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5google.com/wp-content/uploads/sites/4/2022/12/Android-Phone-of-the-Year-2022-2.jpg?quality=82&strip=all&w=1280

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7fde72282a5b31f6721254d8787483ebd646fdd6aa184065e589a4237e5f387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 32 443
last-modified: Fri, 16 Dec 2022 17:26:40 GMT
server: nginx
etag: "09c5755eaa94e8cd"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48948
expires: Sat, 16 Dec 2023 17:26:40 GMT

GET
H2 200 Android-Google-Wallet-drivers-license-maryland.jpeg
9to5google.com/wp-content/uploads/sites/4/2022/12/ 25 KB
25 KB 11ms
10ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5google.com/wp-content/uploads/sites/4/2022/12/Android-Google-Wallet-drivers-license-maryland.jpeg?quality=82&strip=all&w=1280

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4445174b6d9dfb51e469da8db29f55a2fd80bba7440505e398cb8f874202d3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 144 443
last-modified: Thu, 15 Dec 2022 16:57:29 GMT
server: nginx
etag: "f76adc3db5824096"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 25090
expires: Fri, 15 Dec 2023 16:57:29 GMT

GET
H2 200 Nothing-OS-1.5-2.jpg
9to5google.com/wp-content/uploads/sites/4/2022/12/ 53 KB
54 KB 11ms
11ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9to5google.com/wp-content/uploads/sites/4/2022/12/Nothing-OS-1.5-2.jpg?quality=82&strip=all&w=1280

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2c81eeebe62ab826bea0b7d48fa8100f728be6a6240f5107f3787fb34f96aff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
strict-transport-security: max-age=31536000
x-rq: hhn2 109 84 443
last-modified: Fri, 16 Dec 2022 18:42:58 GMT
server: nginx
etag: "8440ab65af3e7bbc"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 54628
expires: Sat, 16 Dec 2023 18:42:58 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 14ms
13ms XHR
text/plain 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F9to5google.com&pubid=fee31bcb-d8b7-4565-8a5b-b1097e207e11
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 17:08:47 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 6487
x-cache: Hit from cloudfront
access-control-allow-origin: https://9to5google.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: VIqE42ufbBrEC8c_nfhwvhKungsC2aFJfTI-1x43lBNe0ibqH0z3sA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
462 B 108ms
43ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&pid=nB3Pb2bsjCBsn&cb=0&ws=1600x1200&v=22.1212.1511&t=2000&slots=%5B%7B%22sd%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%2C%22s%22%3A%5B%22300x250%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22div-gpt-ad-1%22%7D%5D&pubid=fee31bcb-d8b7-4565-8a5b-b1097e207e11&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: 6QFEMV8WA52K738Q5NEM
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://9to5google.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: FAfeg4deN0qDS8C3rEjDzxEN2PDX2VUDOOhNB4qnj7QCqNeCiNnp3w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 35ms
11ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
date: Mon, 19 Dec 2022 03:08:40 GMT
x-amz-cf-pop: FRA56-C2
age: 58104
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: DjBIu1-hJyLhTI-GIKtJfw72goCcyKAyNL1YI3Qmyv8S_v12EIseJg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 118ms
56ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1425 / 935 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Dec 2022 18:56:55 GMT

POST
H2 204 events Show response
direct-events-collector.spot.im/api/v2/ 0
212 B 394ms
121ms XHR
text/plain 13.32.110.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-23.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 18:56:55 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: NbhfMiniqj33erTsb7z9u1zrWiZN7vrtepUpAx31ATuHUq_HRphcSw==
x-cache: Miss from cloudfront

HEAD
H2 200 pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 0
0 262ms
10ms Fetch
text/html 99.86.4.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:51:46 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
last-modified: Wed, 12 Aug 2020 13:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 25514
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 0
x-amz-cf-id: dMp6_oKA8lKNha9aZ5xnYvmR07NHdATpf_G7Ugrcyhalq27qJl6-sQ==

GET
H2 200 device-load Show response
api-2-0.spot.im/v1.0.0/ 36 B
926 B 152ms
99ms Fetch
text/plain 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/device-load
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: fasthttp /
Resource Hash: 68bc02200d961f58251a580c6935e70eba6bbb9369055b1bd5a2764e4c3dfefa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-spotim-device-uuid: b114f83e-33c7-49e3-9cc9-0035b321c567
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 36
x-guid: b114f83e-33c7-49e3-9cc9-0035b321c567
server: fasthttp
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://9to5google.com
access-control-expose-headers: x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
x-amz-cf-id: 6vRSXRb20qSDruYhFCcp4s25YZL6Px8H9lhuY7LGJDKjTUvaHqaTEQ==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 262ms
10ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THGGVXB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 26 Dec 2022 18:56:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THGGVXB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 17:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5538
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 19 Dec 2022 19:24:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D2FJXCHD85&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5LZ9VX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6a0e8bf3be339246ac7d2b01da5e5d0560fff4b463553fe0cc88f87a35203ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 18:56:55 GMT

GET
H2 200 loader.js Show response
contributor.google.com/scripts/16178437623bc61c/ 0
1 KB 151ms
31ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/16178437623bc61c/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THGGVXB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y6sAqfa0J4Z61HNDa4tqPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-Y6sAqfa0J4Z61HNDa4tqPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 19 Dec 2022 18:56:55 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 320ms
29ms Image
text/plain 99.86.240.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=20278522&ns__t=1671476215179&ns_c=UTF-8&c8=2022%20World%20Cup%20Quarter%20Finals%3A%20Google%20celebrates%20with%20Doodle&c7=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&c9=
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-27.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
via: 1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: _Zp5M18nfCnphFIugW0BU_hlbVdfUS-T_kGeZvVfteMfiSg5ID8SYw==
x-cache: Miss from cloudfront

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 150ms
119ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: 9to5mac-com.videoplayerhub.com
URL: https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 151ms
120ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=QPZCfGDu&w=5671021014155264&o=5740908856213504&cv=2.1.03-1-g6247d5c&r=false&vr=1600x1200&pageURL=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&sid=qzRwL732&upapi=true
Requested by: Host: 9to5mac-com.videoplayerhub.com
URL: https://9to5mac-com.videoplayerhub.com/gallery.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 18:56:55 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 288 B
735 B 154ms
34ms XHR
text/javascript 34.248.40.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.40.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-40-66.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 75c5bd403aac884c7685c1f3f4b7d362320067f6b383b229481cf4d5f7ef8835

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:55 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://9to5google.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 288
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 85ms
68ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4710874666031648&plah=9to5google.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

099f7bd7eeecadbaac06271857ca7ed29a0c4ab338b7ec6bc89170c506f4629d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119959
x-xss-protection: 0
server: cafe
etag: 7087561380695782875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 18:56:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 95D5 10 KB
5 KB 94ms
21ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 02:49:30 GMT
etag: 10353107486223812946
expires: Mon, 02 Jan 2023 02:49:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
531 B 122ms
48ms XHR
application/json 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://9to5google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
337 B 39ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D2FJXCHD85&gtm=2oebu0&_p=784651585&cid=1782646198.1671476215&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671476215&sct=1&seg=0&dl=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&dt=2022%20World%20Cup%20Quarter%20Finals%3A%20Google%20celebrates%20with%20Doodle&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2FJXCHD85&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 94ms
19ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Dec 2023 15:08:29 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 162 B
726 B 126ms
52ms XHR
application/json 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=9to5google.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d320910eb20c3179d95a6110f64c2eb0c949b1cb0738d841fbe50cf3769aba15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Mon, 19 Dec 2022 18:56:55 GMT

GET
H2 200 sprite.svg Show response
static-cdn.spot.im/production/icons/sprites/ 23 KB
9 KB 53ms
7ms Fetch
image/svg+xml 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 769317f76d7d2670d9445ac516c6888967c310c6c4df441799946b37bf8d8af8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: gJImWiUZ43TZkUACGUvnT4BAL8Ytwpd5
content-encoding: br
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
date: Sun, 18 Dec 2022 20:53:58 GMT
last-modified: Wed, 11 May 2022 08:57:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 79380
etag: W/"5a00ba991fdd7fb0f560fb63f2f832e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-id: B30Iu2xw-lasQGRSVeGJrlFr8FPE4wDrVf-y9oLxpaYjYUpwo9kIDQ==

GET
H2 200 no_post Show response
api-2-0.spot.im/v1.0.0/config/ab_test/sp_rVSSRN5u/ 129 B
861 B 284ms
284ms Fetch
application/json 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_rVSSRN5u/no_post
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: fasthttp /
Resource Hash: e05be51aee9ba2945756bab6ffb05cad1900a1441be2506114b7296d60d68e7b

Request headers

Accept: application/json
Referer: https://9to5google.com/
x-spotim-device-uuid: b114f83e-33c7-49e3-9cc9-0035b321c567
x-spotim-page-view-id: aef0aaac-6a49-4eea-82f3-77170f89f8fb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
server: fasthttp
x-amz-cf-pop: FRA56-C1
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://9to5google.com
x-cache: Miss from cloudfront
access-control-expose-headers: x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
content-length: 129
x-amz-cf-id: UgyCC-ll3aa0ItcGRf8wZOuobWUiLj5TopG91EdNNX6R1oKDr3P8bw==
x-request-id: e86124f7-7fce-11ed-b7a6-a63ac2c55993

OPTIONS
H2 200 no_post
api-2-0.spot.im/v1.0.0/config/ab_test/sp_rVSSRN5u/ Frame 0
0 117ms
101ms Preflight 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_rVSSRN5u/no_post
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: fasthttp /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method: GET
Origin: https://9to5google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://9to5google.com
access-control-expose-headers: x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age: 86400
content-length: 0
date: Mon, 19 Dec 2022 18:56:55 GMT
server: fasthttp
via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
x-amz-cf-id: nVsuzTC1MzAMQcqUZnWfdnjYTw8oIhwi6w7mp4rs-8aX384udBp_sQ==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H/1.1 200
OK sync.js Show response
api.viglink.com/api/ 43 B
390 B 32ms
32ms Script
image/gif 34.248.40.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/sync.js?key=b8f771eed689587b82c4635131ce08d7
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.40.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-40-66.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:55 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 43 B
390 B 100ms
43ms Image
image/gif 34.248.40.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?key=b8f771eed689587b82c4635131ce08d7
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.40.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-40-66.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:54 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
460 B 56ms
15ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://9to5google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 AGSKWxWRVgQCrTV_0WPnzTWF3pp4HU_BShilvG1NAl0BI-0eVz8C-Hc_nhshMHlZ1UFSL_20vwgW_meSnZ-_43iw Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 36ms
34ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWRVgQCrTV_0WPnzTWF3pp4HU_BShilvG1NAl0BI-0eVz8C-Hc_nhshMHlZ1UFSL_20vwgW_meSnZ-_43iw

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58d1b38116cea1334ab5be9693a5b51996a550e5a63e5d974a34d7f90aee60f3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fx_juyY1T02Hvq7zWT0qBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-fx_juyY1T02Hvq7zWT0qBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 107 B
554 B 49ms
36ms XHR
text/javascript 34.248.40.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.40.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-40-66.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 2d0adf5f31150fd7f141c97336ad18628e5f9f3350a6a6c01af87b0a4c0e783b

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:55 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://9to5google.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 107
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/34f9b71c/ Frame F4AE 360 KB
49 KB 133ms
86ms Stylesheet
text/css 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49901
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Dec 2023 19:34:20 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/ Frame F4AE 316 KB
98 KB 152ms
106ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1bc98f188a5797fcbe67ffd72028347b81fb7cafca30994789f953694e81c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100066
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Dec 2023 19:34:46 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/ Frame F4AE 2 MB
587 KB 161ms
115ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc630686190c6b0588372183c91c0981c79bfdbe03d7e019f581da24c48cedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600672
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Dec 2023 19:38:09 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/34f9b71c/fetch-polyfill.vflset/ Frame F4AE 9 KB
3 KB 159ms
113ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Dec 2023 19:34:46 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F4AE 15 KB
15 KB 60ms
19ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:20:58 GMT
x-content-type-options: nosniff
age: 293757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 09:20:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F4AE 15 KB
15 KB 61ms
21ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:15:01 GMT
x-content-type-options: nosniff
age: 333714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:15:01 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
460 B 62ms
62ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&pid=nB3Pb2bsjCBsn&cb=1&ws=1600x1200&v=22.1212.1511&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1436850350386-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%7D%5D&pubid=fee31bcb-d8b7-4565-8a5b-b1097e207e11&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: R1WPQAW9XMZVT21N1WT8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://9to5google.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: qbr4fyNyKji9Kv2geZkrnBAxpzR5Y1d2BIpNwWn-bEBw1-muCcCciQ==

GET
H2 200 arj Show response
nineto5mac-d.openx.net/w/1.0/ 72 B
376 B 82ms
27ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nineto5mac-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=885d644a-ab2b-4b7a-bc4a-044a039d3390&nocache=1671476215474&aus=300x250%2C728x90%2C970x90%2C970x250&divids=div-gpt-ad-1&aucs=%252F1049447%252F9to5google-300x250-TopSidebarMain-R&auid=557730549
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a0f238508e429d2c6fd2e29980d33924c5b847ad33506a1e939e65d96a7350db

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://9to5google.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
939 B 234ms
181ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6f77070444ce219494c5e549bb1e20fee019d4e5acafa577ca417787eff34649

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:55 GMT
AN-X-Request-Uuid: 47d65c1a-1e66-4e37-945b-db495fc16fbb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://9to5google.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
223 B 247ms
32ms XHR
text/plain 52.210.121.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=5.20.3&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-1%22%2C%22callback_id%22%3A%22659a67b3af1ac7%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%223051577113086730262%22%2C%22gpid%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%7D%5D&page_url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&bust=1671476215478&pr=&scrd=1&dnt=false&description=Today%27s%20Google%20Doodle%20is%20celebrating%20the%20start%20of%20the%202022%20World%20Cup%20Quarter%20Finals%20with%20an%20animated%20image%20for%20the%20upcoming%20matches.&title=2022%20World%20Cup%20Quarter%20Finals%3A%20Google%20celebrates%20with%20Doodle&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.121.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-121-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://9to5google.com
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
564 B 157ms
122ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=860679&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227fa84243af726b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228f19924a576541%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22860679%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22860679%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22860679%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22860679%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-300x250-TopSidebarMain-R%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede13f8d3789f5531e4e0434a57ba6f7b726416233e2ee7588f8f7573847c89d

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQaw6wADsrRInlASLU7JyFrNUYyPLMg65u0%2B2LcYKVW8PDNtmr%2BRe4Bg9D7of2rlKksA9kS3KBxegGNn22ONmQ%2FNZoLlJjUXT9qPY%2BAci5D02ZVDI0HLfW3ma70YyC2kZ3rqoLhp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c6afde59bd6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
292 B 370ms
86ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a6018080b98f8cbe0f535e005c&pos=8a96907a0182825f8075610eb06a000c&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e63263a867dc7c59ad1b3cf4cc7726f12f3fb7c008e0688ac9924c39da066094

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://9to5google.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 391 B
940 B 187ms
96ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24532&site_id=425270&zone_id=2413094&size_id=15&alt_size_ids=2%2C55%2C57&rf=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&tg_i.dfp_ad_unit_code=1049447%2F9to5google-300x250-TopSidebarMain-R&tg_i.pbadslot=1049447%2F9to5google-300x250-TopSidebarMain-R&tk_flint=pbjs_lite_v5.20.3&x_source.tid=885d644a-ab2b-4b7a-bc4a-044a039d3390&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.507835577061378
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1c524efaad9ef1e6774ed9f7189d0d7144cb74815e4c6e0f0627b18292080249

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://9to5google.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 391
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 187ms
78ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://9to5google.com
date: Mon, 19 Dec 2022 18:56:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
954 B 91ms
54ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUOZ495Q
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e80d36d103021453278832a727ab4a229bd348d51adb2ced472f399e248f0da

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://9to5google.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Mon, 19 Dec 2022 18:56:55 GMT

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 212 B
396 B 87ms
14ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e0c0b644862e8e883e94e2ef5b63fc84891666f4c9977c44718c75a83a179d32

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 212
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 31ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=784651585&t=pageview&_s=1&dl=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&ul=en-us&de=UTF-8&dt=2022%20World%20Cup%20Quarter%20Finals%3A%20Google%20celebrates%20with%20Doodle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAQCAC~&jid=542160935&gjid=279451699&cid=1782646198.1671476215&tid=UA-23224427-1&_gid=599912946.1671476215&_r=1&gtm=2wgbu0THGGVXB&z=288980381

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
8ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=784651585&t=event&ni=1&_s=1&dl=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&ul=en-us&de=UTF-8&dt=2022%20World%20Cup%20Quarter%20Finals%3A%20Google%20celebrates%20with%20Doodle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User&ea=Color%20Mode&el=Light&_u=YADAAEABAAQCACAAI~&jid=&gjid=&cid=1782646198.1671476215&tid=UA-23224427-1&_gid=599912946.1671476215&gtm=2wgbu0THGGVXB&z=336470178

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58464
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
8ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=784651585&t=event&ni=1&_s=1&dl=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&ul=en-us&de=UTF-8&dt=2022%20World%20Cup%20Quarter%20Finals%3A%20Google%20celebrates%20with%20Doodle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Content%20Category&ea=undefined&el=%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&_u=YADAAEABAAQCACAAI~&jid=&gjid=&cid=1782646198.1671476215&tid=UA-23224427-1&_gid=599912946.1671476215&gtm=2wgbu0THGGVXB&z=339040751

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58464
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
9ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=784651585&t=event&ni=1&_s=1&dl=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&ul=en-us&de=UTF-8&dt=2022%20World%20Cup%20Quarter%20Finals%3A%20Google%20celebrates%20with%20Doodle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adblocker&ea=inactive&el=%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&_u=YADAAEABAAQCACAAI~&jid=&gjid=&cid=1782646198.1671476215&tid=UA-23224427-1&_gid=599912946.1671476215&gtm=2wgbu0THGGVXB&cd1=inactive&z=75882646

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58464
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
698 B 104ms
42ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=9to5google.com&callback=_gfp_s_&client=ca-pub-4710874666031648&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4710874666031648&plah=9to5google.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a069da4929aa7b5ba51de3d311bea24eaeb2f71114fc677f3e1a67fc277afffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 105ms
42ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=9to5google.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9to5google.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&tn=HEADER&id=js-site-header&cls=site-header%20js-header-normal&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A22B 7 KB
893 B 171ms
125ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&adk=1812271804&adf=3025194257&lmt=1671476215&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215209&bpp=3&bdt=633&idt=306&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=692912416232&frm=20&pv=2&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=350

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a59b0141b6e767c230bac6893897f14e56fc1567b6faf3972eee87fb1b62a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 870
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:55 GMT
expires: Mon, 19 Dec 2022 18:56:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C6E 131 KB
39 KB 498ms
470ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1671476215&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215212&bpp=2&bdt=635&idt=361&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TNgTY2CXeX&p=https%3A//9to5google.com&dtd=365

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

093c3668b2e402b8513f0b04fafb4a325f73b357650206b7dd5e6ea11bd2f3fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 39521
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Mon, 19 Dec 2022 18:56:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 372 B
696 B 127ms
127ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24532&site_id=425270&zone_id=2413096&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&tg_i.dfp_ad_unit_code=1049447%2F9to5google-728x90-TopMain-R&tg_i.pbadslot=1049447%2F9to5google-728x90-TopMain-R&tk_flint=pbjs_lite_v5.20.3&x_source.tid=8430fd1c-b2f4-43e7-8e94-dfb0e683a160&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.992540914911221
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8e914d90858b126945053136c058591e9e5b490ba54177cbc142e29ecf1d00dc

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://9to5google.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 372
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
224 B 139ms
32ms XHR
text/plain 52.210.121.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=5.20.3&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-1436850350386-0%22%2C%22callback_id%22%3A%22255090db901a5c8%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C70%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%223051577112038154251%22%2C%22gpid%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%7D%5D&page_url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&bust=1671476215585&pr=&scrd=1&dnt=false&description=Today%27s%20Google%20Doodle%20is%20celebrating%20the%20start%20of%20the%202022%20World%20Cup%20Quarter%20Finals%20with%20an%20animated%20image%20for%20the%20upcoming%20matches.&title=2022%20World%20Cup%20Quarter%20Finals%3A%20Google%20celebrates%20with%20Doodle&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.121.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-121-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://9to5google.com
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 91ms
83ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://9to5google.com
date: Mon, 19 Dec 2022 18:56:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
939 B 20ms
7ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

62091fc4af4136584b36e164aceba3e122de5b945496a013ef4a835cdccb34b9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:55 GMT
AN-X-Request-Uuid: ec173549-f5df-45d1-9e6b-8c3a930e91a9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://9to5google.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 264ms
87ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a6018080b98f8cbe0f535e005c&pos=8a96907a0182825f8075610fe67f000d&cmd=bid&secure=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5f01e094583330707a4ea2c70fea7dcbc47b34c6b4417682300e529c2bdd0bcf

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://9to5google.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 213 B
396 B 17ms
16ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: fb05f5554ba786ff7605f6d915dd9d8329f7828a85465c86433fa7e5329cdb84

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 213
expires: 0

GET
H3 200 arj Show response
nineto5mac-d.openx.net/w/1.0/ 73 B
101 B 31ms
21ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nineto5mac-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8430fd1c-b2f4-43e7-8e94-dfb0e683a160&nocache=1671476215588&aus=728x90%2C970x70%2C970x90%2C970x250&divids=div-gpt-ad-1436850350386-0&aucs=%252F1049447%252F9to5google-728x90-TopMain-R&auid=557730553
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e5206328d2cc2308fcaeac42be6ea00a48a1787053f6581b97fffee6182a57f2

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://9to5google.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
672 B 124ms
123ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUOZ495Q
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 724d61fa7d340da039b94c78c4ec5c27ac64a3f66f91e9ffbb237dccf3f42e3d

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://9to5google.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Mon, 19 Dec 2022 18:56:55 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
313 B 69ms
69ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=860681&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22389f843e28ad25f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.3%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2239e411acdadbb73%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22860681%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A70%2C%22ext%22%3A%7B%22siteID%22%3A%22860681%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%2C%22sid%22%3A%22970x70%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22860681%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22860681%22%2C%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1049447%2F9to5google-728x90-TopMain-R%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f9eff12f189b8028b34b719fd3537f6dba53184404bda65358122a394920458

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hI%2FQyp8NcBeGtGtxN%2FIYojX4JIdG7MvI7wQEhmgEdxVHCWfFHnKQyD9aF7DRFZa94KHLXbEedv%2BR1KFvi5vLmvR8KxOaWm3s5UzChP2QFjSbgy711raoYbdWSp1GpH7V2lisSQC"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c6b7f159bd6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 rules-p-18TTuBOnUhD7c.js Show response
rules.quantcount.com/ 160 B
634 B 58ms
14ms Script
application/javascript 2600:9000:206e:ac00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-18TTuBOnUhD7c.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:ac00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d99c54706e25070dbe3551052474c0ea16b30bc5ed0cd908ae0cbbf903723706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:41:25 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 970
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:17:51 GMT
server: AmazonS3
etag: "5bf9ece14f1402b9d9ef75c1c1280a16"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: kJDnmkTkQ_bui3-tvwVCbY1vKpkwFtkXS2a4TnGRJ4Q9jAxpTTR-Zw==

GET
H2 200 pixel;r=742393757;source=gtm;rf=0;a=p-18TTuBOnUhD7c;url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F;uht=2;fpan=1;fpa=P0-1745842635-1671476215599;pbc=;ns=0;ce=1;...
pixel.quantserve.com/ 35 B
372 B 10ms
10ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=742393757;source=gtm;rf=0;a=p-18TTuBOnUhD7c;url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F;uht=2;fpan=1;fpa=P0-1745842635-1671476215599;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=9to5google.com;dst=0;et=1671476215659;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Google%20celebrates%202022%20World%20Cup%20Quarter%20Finals%20with%20animated%20Doodle%2Cdescription.Today's%20Google%20Doodle%20is%20celebrating%20the%20start%20of%20the%202022%20World%20Cup%20Quarter%20Fin%2Curl.https%3A%2F%2F9to5google%252Ecom%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%2Csite_name.9to5Google%2Cimage.https%3A%2F%2Fi0%252Ewp%252Ecom%2F9to5google%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F4%2F2022%2F12%2F2022-world-c%2Cimage%3Awidth.2000%2Cimage%3Aheight.1000%2Cimage%3Atype.image%2Fjpeg;ses=881451cb-2ff7-4dcb-97c7-74a977e98901

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F4AE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

44ms
43ms

XHR
application/json

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI

Protocol

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eababf4afd2924cfc0cba11500343add64fb99525280f5161770771ed7ab25dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 19 Dec 2022 18:56:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F4AE 29 B
587 B 87ms
23ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:54:49 GMT
x-content-type-options: nosniff
age: 126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 19 Dec 2022 19:09:49 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 22ms
15ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 19 Dec 2022 18:56:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F4AE 66 KB
30 KB 38ms
20ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1dbb3a32e5b356a89348fe8b50dbb0f484a699821c4389976691ad35871dece4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30955
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame F4AE 0
19 B 43ms
43ms XHR
text/html 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=81sBg5Ad5De4EP5e&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24289310%2C24292955%2C24391578%2C24406621%2C24415864%2C24416290%2C24434208&cl=495406532&seq=1&event=streamingstats&docid=6Ui1LxiAodc&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20221214.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI
X-YouTube-Client-Version: 1.20221214.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtKNVJsczBlY2tvcyj354KdBg%3D%3D
X-YouTube-Ad-Signals: dt=1671476215708&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C506&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/ Frame F4AE 26 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

022f474afc5749850b98dd19ed71a3ef48a8ac19a0bed7dff972fd611d6b23fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8313
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Dec 2023 19:44:43 GMT

GET
DATA 200
OK truncated
/ Frame F4AE 349 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1deaa03f122134171a83e1be4317c847d083806c424b5f431ff0b1c3bb651bd6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

HEAD
H2 200 pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 0
0 12ms
12ms Fetch
text/html 99.86.4.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:51:46 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
last-modified: Wed, 12 Aug 2020 13:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 25514
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 0
x-amz-cf-id: DthRwmm-YIy665qP9g3UuvINnWEI6FIOdlhCBBiqT2dhuA8zdQVvQA==

HEAD
H2 200 pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 0
0 12ms
12ms Fetch
text/html 99.86.4.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:51:46 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
last-modified: Wed, 12 Aug 2020 13:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 25514
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 0
x-amz-cf-id: lcx5GKfoF7zp9y9K6wNxgIOuRflFgUx8_zVPCL01QeBzzqW5rc7F0A==

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F4AE 90 B
134 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5ba4a8718a66639260ed764a4861c99084dfbbe0a7825307b380c9b30976e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
16ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 19 Dec 2022 18:56:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 85ms
43ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=9to5google.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9to5google.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EAE5 25 KB
11 KB 516ms
516ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.1369546210~i.21~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1671476215&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3885959115&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215916&bpp=1&bdt=1340&idt=1&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&prev_fmts=0x0%2C336x280&nras=2&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3q7K3fwCFZ&p=https%3A//9to5google.com&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca5a31ede3d5ef9e6dfb31906ae6d185de38cdc462b19d9a24ae15a011cc0c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11593
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Mon, 19 Dec 2022 18:56:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
12 KB 488ms
447ms XHR
text/plain 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3125609526377573&correlator=2882831423820511&eid=31070873%2C44780792%2C31071010&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=1049447%2C9to5google-728x90-TopMain-R&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x70%7C970x90%7C970x250&ifi=4&adks=3714748339&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&abxe=1&dt=1671476215949&lmt=1671476215&dlt=1671476214576&idt=873&adxs=436&adys=250&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&frm=20&vis=1&psz=1600x270&msz=1600x250&fws=4&ohw=1600&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3104826c0db9cba87eb425f81a5c3e8b40c6784d52682df5d55a98fa53840b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12517
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://9to5google.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
46d6752f02cf0d7809a59939cffd9482.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3173 6 KB
3 KB 165ms
16ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://46d6752f02cf0d7809a59939cffd9482.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Tue, 19 Dec 2023 18:56:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads.js Show response
static-cdn.spot.im/production/ads/tags/v21.10.4/ads/ 253 KB
78 KB 26ms
7ms Script
application/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/ads/tags/v21.10.4/ads/ads.js
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b2f7b6966578c6f9e6234354d01dc2c54a215f8f0ce04f5d634aa963e4029bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: UjDLaDlD.3Y1YdJEzxvDsU6zzNEdHjqB
content-encoding: br
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
date: Mon, 19 Dec 2022 03:59:54 GMT
last-modified: Tue, 06 Dec 2022 15:00:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 53825
x-amz-server-side-encryption: AES256
etag: W/"cd3544eb7acc7f8052a600cfe1cc869e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 36RfqRrRDte8tT70Qa3XItNYJMMux4ZNmGh5Pf9FkGG8BDLEGK7xeQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 371ms
344ms XHR
text/plain 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3125609526377573&correlator=2580440873452405&eid=31070873%2C44780792%2C31071010&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=1049447%2C9to5google-300x250-TopSidebarMain-R&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C728x90%7C970x90%7C970x250&ifi=5&adks=890492897&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&abxe=1&dt=1671476215966&lmt=1671476215&dlt=1671476214576&idt=873&adxs=650&adys=4057&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&frm=20&vis=1&psz=1600x270&msz=1600x20&fws=4&ohw=1600&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51e8aee9d4eb904809e88e482ec260b16105cd6bab430b904ccbaa6dae278caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20308
x-xss-protection: 0
google-lineitem-id: 4566322202
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138224231154
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame D3D2 22 KB
8 KB 120ms
42ms Document
text/html 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUOZ495Q&prvid=2034%2C2011%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C2025%2C237%2C117%2C3014%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C261%2C141%2C222%2C201%2C3007%2C246%2C301%2C4%2C203%2C225%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

372fc730e05b0b6d815d9e5dfae29102d1eced70f30f8805644e8c97ad8332e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8185
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Wed, 21 Dec 2022 18:56:56 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D33B 52 KB
17 KB 44ms
8ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 84814
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 19 Dec 2022 18:56:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 652467
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220029-HHN
X-Timer: S1671476216.013163,VS0,VE0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame F2C3 22 KB
8 KB 155ms
80ms Document
text/html 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

372fc730e05b0b6d815d9e5dfae29102d1eced70f30f8805644e8c97ad8332e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8185
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Wed, 21 Dec 2022 18:56:56 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 60B1 16 KB
6 KB 10ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=32822
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 19 Dec 2022 18:56:55 GMT
expires: Tue, 20 Dec 2022 04:03:57 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame AEE8 281 B
554 B 79ms
19ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Dec 2022 18:56:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame E416 3 KB
1 KB 77ms
33ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 694
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 77c25c6e29b09b86-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Mon, 19 Dec 2022 22:56:56 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 3114 0
91 B 26ms
18ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 19 Dec 2022 18:56:55 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A043 16 KB
6 KB 10ms
10ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=32822
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 19 Dec 2022 18:56:55 GMT
expires: Tue, 20 Dec 2022 04:03:57 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 4A26 0
80 B 25ms
18ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 19 Dec 2022 18:56:55 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 8D57 3 KB
2 KB 64ms
25ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 694
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 77c25c6e29b39b86-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Mon, 19 Dec 2022 22:56:56 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3A8A 52 KB
17 KB 34ms
8ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 84814
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 19 Dec 2022 18:56:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 686329
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220067-HHN
X-Timer: S1671476216.012858,VS0,VE0

GET
H2 200 ads.css
static-cdn.spot.im/production/ads/tags/v21.10.4/ads/ 7 KB
2 KB 8ms
8ms Stylesheet
text/css 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/ads/tags/v21.10.4/ads/ads.css
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_rVSSRN5u
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d85a43f2d2cd51faa1171e6cdc1b99bcdd63636b4f8bb99a5f99f781f9c818c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 2gdNV8b9sA0JXxKGPfB9rWYv6m3COAXt
content-encoding: br
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
date: Mon, 19 Dec 2022 02:06:27 GMT
last-modified: Tue, 06 Dec 2022 15:00:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 60631
x-amz-server-side-encryption: AES256
etag: W/"14f23577c40eb1cda328fe24ec5f2e9f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 6RbM6JxeTNAqQAa3jNvOyg-9UZJiBah5Qv2l1ujUbgU6t-7WLrEuJw==

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 60B1 2 KB
3 KB 68ms
22ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91562656&p=161751&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 5e31d3f038dd3a316461bcbf6f70ccc72575854f03f3c7cff2dd16dc2555754c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

OPTIONS
H2 200 v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_rVSSRN5u/ Frame 0
0 101ms
101ms Preflight 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_rVSSRN5u/v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: fasthttp /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method: GET
Origin: https://9to5google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://9to5google.com
access-control-expose-headers
access-control-max-age: 86400
content-length: 0
date: Mon, 19 Dec 2022 18:56:56 GMT
server: fasthttp
via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
x-amz-cf-id: stTKvUOMsBVHJW8VD3tADH7w9MBzKl_hdDPUMkiitJwxA9iTXIiChQ==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H2 200 v2 Show response
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_rVSSRN5u/ 15 KB
3 KB 283ms
283ms Fetch
application/json 65.9.66.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_rVSSRN5u/v2
Requested by: Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.10.4/ads/ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-106.fra56.r.cloudfront.net
Software: fasthttp /
Resource Hash: c231bfcfd68264a6eaa590be714304b7fa852de588ebf09cd5892f1845f5c740

Request headers

x-guid: b114f83e-33c7-49e3-9cc9-0035b321c567
x-post-id: no_post
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-spot-id: sp_rVSSRN5u
x-spotim-page-view-id: aef0aaac-6a49-4eea-82f3-77170f89f8fb
Referer: https://9to5google.com/
x-access-token: null

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-request-id: e8cb67b8-7fce-11ed-a61a-36721a176e3a
server: fasthttp
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://9to5google.com
access-control-expose-headers
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id: rOfcRv9Ybf41lheZYaiMjfUGa7TIzvm7WpQ0egS82ekshEUunhavLw==

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 3A8A
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
926 B

8ms
8ms

Script
text/html

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
AN-X-Request-Uuid: 7cd76776-4258-4282-861e-314faf788959
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
AN-X-Request-Uuid: 1a3ca6d9-2993-4676-9bb0-880d42d0c189
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D33B 0
854 B 12ms
11ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
AN-X-Request-Uuid: 80b908d0-b899-4539-8e78-1d860a68695f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AEE8 34 KB
10 KB 17ms
17ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 499ce9c057786f40c6af08d066165b1aecdcd5fe7959a98247d0b13726a3c4bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Dec 2022 15:42:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74739
Connection: keep-alive
Content-Length: 10066
Expires: Tue, 20 Dec 2022 15:42:35 GMT

GET
H2 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame 9C6E 9 KB
5 KB 99ms
22ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1671476215&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215212&bpp=2&bdt=635&idt=361&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TNgTY2CXeX&p=https%3A//9to5google.com&dtd=365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 01:19:26 GMT

GET
H2 200 7156fe4112f2feb03ce9929e9538bdd6.js Show response
www.gstatic.com/mysidia/ Frame 9C6E 135 KB
50 KB 100ms
23ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7156fe4112f2feb03ce9929e9538bdd6.js?tag=video_mra/web_raspberry

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00195eb5fe46ae87b04ad439e037289454b69bf24fab633e82e478d836888e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51085
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 22:27:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9C6E 8 KB
895 B 34ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 18:15:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9C6E 13 KB
970 B 33ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 18:12:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9C6E 2 KB
765 B 23ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 9C6E 23 KB
10 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9C6E 3 KB
1 KB 23ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 16:57:51 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 9C6E 67 B
91 B 24ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 06:08:41 GMT
x-content-type-options: nosniff
server: cafe
age: 46095
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Tue, 20 Dec 2022 06:08:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9C6E 18 KB
7 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C6E 153 KB
47 KB 107ms
63ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 9C6E 34 KB
14 KB 67ms
22ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 12:26:41 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 8476
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

51ms
45ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaee6e8c2b17d5f584011496de9b66442c3699a0785a1cbf20be4eb356c44533

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77c25c6f3da19128-FRA
content-encoding: br
content-type: text/html
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F48GD%2F0lSCeTXFXIuNRAiR5PFScaBoua4qoQ5Wje5ATtNCNJYbiu1PkrpB3NL2bypQLMpIOeUAf7uVl%2Fx8nm2yjA3%2F%2BHjIn6ETr19MOyCKgcD6p0CKNaiRn%2Fi18M2Z9K9gxHjNqHupKM4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77c25c6efda8918c-FRA
content-length: 0
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ofaiwv8Iqo8kuMVq5Qy%2F2o73JJzjUUQAJEMAVpo8HSZDG%2BfzKk1gh%2FYnGhQD01%2F4B7UlmcFIcIOfjJbEMzffBSxm8ML7OG1KY769bCdCCJ9Ecw1TLRyHJaVQAupS0T4UL%2FAubuK12%2BB16g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 23FE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

72ms
61ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a43ddd1656b28d29f6e08b72f8d71a54a3e346074c31c51637a2839b9a7ff2f

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77c25c6f3d9a9128-FRA
content-encoding: br
content-type: text/html
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B6KVJC%2FAsmCvCYzTPBhsgsoOPbK4ouxPnO%2Fy06FAkr66TQasojYprNgm7%2FIxkzUoeumakLuUZRp9RKmHEcTbx6B0a9yuxKeulTbuhDDTYrQnMoK56CTlZxJbDduRZShiNwhPZqSzaoXUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77c25c6efdac918c-FRA
content-length: 0
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fh77rKNRirBnsjXzjUfSPWiBgROQ7iN7IsiEM%2FgpleBjyu3h%2BVHzsTn%2FrjX2J7Qt9ueTqNOAvLmLnpMuyeDMlOeB3SYu7MwIgYumkWQtnGVHA7cERVJoZIrYP2Y6dmlrf%2FVHqj1MiTkfUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B16C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d30663a0-b3f8-4800-8386-c9b16b03db35&gdpr=0&gdpr_consent=

42 B
557 B

79ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d30663a0-b3f8-4800-8386-c9b16b03db35&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 19 Dec 2022 18:56:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 19 Dec 2022 18:56:56 GMT
Expires: Mon, 19 Dec 2022 18:56:55 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 254 34fcae8 master zrh-pixel-x10 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d30663a0-b3f8-4800-8386-c9b16b03db35&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 933E 43 B
363 B 90ms
18ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Mon, 19 Dec 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 617389
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 78E8
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1265204569685843185

42 B
274 B

76ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1265204569685843185
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 19 Dec 2022 18:56:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1265204569685843185
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 5A4C
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=797F025D-0740-4D6D-854D-989A493E9C38&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=797F025D-0740-4D6D-854D-989A493E9C38&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

218ms
185ms

Document
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=797F025D-0740-4D6D-854D-989A493E9C38&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 19 Dec 2022 18:56:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 3H5MJTH7ZX4XTCS1TQ9V

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 19 Dec 2022 18:56:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=797F025D-0740-4D6D-854D-989A493E9C38&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 9M1X41WS4G4J1SQGV4D2

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B826
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2643881268435628356&gdpr=0&gdpr_consent=

42 B
219 B

123ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2643881268435628356&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 19 Dec 2022 18:56:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 32ebfaf5-9c9b-48ca-999b-c9f1a94b57b1
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Dec 2022 18:56:56 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2643881268435628356&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 60B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eX8CXQdATW2FTZiaST6cOA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

57ms
55ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=32821
accept-ranges: bytes
content-length: 5554
expires: Tue, 20 Dec 2022 04:03:57 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 60B1 95 B
382 B 69ms
34ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=797F025D-0740-4D6D-854D-989A493E9C38
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 77c25c6f4816926e-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 60B1 49 B
264 B 105ms
29ms Image
image/gif 34.252.235.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=797F025D-0740-4D6D-854D-989A493E9C38&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.6.1
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 60B1
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=350426392
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=797F025D-0740-4D6D-854D-989A493E9C38

0
277 B

46ms
17ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=797F025D-0740-4D6D-854D-989A493E9C38
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
via: 1.1 google
last-modified: Mon, 19 Dec 2022 18:56:56 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=797F025D-0740-4D6D-854D-989A493E9C38
date: Mon, 19 Dec 2022 18:56:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 60B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzk3RjAyNUQtMDc0MC00RDZELTg1NEQtOTg5QTQ5M0U5QzM4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

18ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 19 Dec 2022 18:56:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 60B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKKMce80hgNkOb7h3m0CLAM&google_cver=1

42 B
526 B

53ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKKMce80hgNkOb7h3m0CLAM&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 19 Dec 2022 18:56:54 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKKMce80hgNkOb7h3m0CLAM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 60B1 43 B
612 B 59ms
14ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 18 Dec 2022 18:56:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 60B1
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8009231631805409972

42 B
218 B

20ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8009231631805409972
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 19 Dec 2022 18:56:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8009231631805409972
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 60B1 70 B
265 B 106ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
DATA 200
OK truncated
/ Frame 9C6E 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 9C6E 0
318 B 357ms
120ms Ping
image/gif 2607:f8b0:4009:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lbv5s6nm&c=824137568202&slotId=412068784101&qqid=CPH91ZCuhvwCFTgFewodOXkITA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7156fe4112f2feb03ce9929e9538bdd6.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4009:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9411314677150886406/ Frame 9C6E 85 KB
85 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9411314677150886406/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6577de6e53d5c8ca68b7a470f32cb118dcfcfdd82140c253d5dd93796f082cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:50:34 GMT
x-content-type-options: nosniff
age: 126382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87467
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 12:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 07:50:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9C6E 0
0 62ms
62ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ccow-97OgY7GmJ7iK7AO58qHgBMmWuPZs4dSnuPEP2tkeEAEg6LaaYGCVgoCAuAegAee3oJUDyAEJqQIOq2M6ycuxPqgDAcgDywSqBPsBT9B_aYyyWNm4fIJXeoICiOobTJKDMiIkBA6yOxEZTYsZPRdSYgK_0gwET7KqFSkrHfnD3gwDiQki7cz4MdX6NFlDlcB_revRJtIU1sDlby5bO5K6n7GZlePfvY5dwKFYN-BG2y4VJXM2m0tUXHYHXOSb0-0K8EZ7umHLG23UbKhpS5ekhPAwQ86nldy60sq7JUk-I_G8TywGRCzwqtyxxnSeY0JK_H2c1wer9WZKeg1Dhogvr5K3fndazH_GJkE2AwgYpmAD8XwZo2ndX8VaKPfVW2hGbhqN_LUXiVtAmaGJEWo79FWM2B7-le2XqlFW25GlOsy0GsrKKj3ABIHe7rfhA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeByN9qqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvc4V0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E5wb2BMNiBQB0BUBgBcBshccChoIABIUcHViLTQ3MTA4NzQ2NjYwMzE2NDgYAA&sigh=dih2yHIkutA&uach_m=[UACH]&cid=CAQSGwDq26N9rrnl1UuGcjTMA2IvLr6lwmjfmvGGRxgBIBM&template_id=3484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1671476215&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215212&bpp=2&bdt=635&idt=361&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TNgTY2CXeX&p=https%3A//9to5google.com&dtd=365
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Dec 2022 18:56:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8476 70 B
264 B 34ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8476
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-NCZj27YbHhI-atyawAAFB0AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-NCZj27YbHhI-atyawAAFB0AAAAB&dcc=t

43 B
855 B

114ms
114ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-NCZj27YbHhI-atyawAAFB0AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PBC61Q4DEN2TB9HZZJ94
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W2FXQ9E3T2126JJRQ5JS
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-NCZj27YbHhI-atyawAAFB0AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8476
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6Cz.CMpmf-7dqS5gi7HZwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS6LoN_8cPmzO4JLC0etU8&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS6LoN_8cPmzO4JLC0etU8&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS6LoN_8cPmzO4JLC0etU8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 8476
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6Cz-NCZj27YbHhI-atyawAAFB0AAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED15JLTtCbCO9hi4TQayd3c&google_cver=1

43 B
850 B

38ms
37ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED15JLTtCbCO9hi4TQayd3c&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cyk%2FDl6cg%2FCtpbbailtjEJrHCPWrszI8vHV5oZpAxsdUH5bcGzUizC8Xgagby9gMdhHO3Es6et2R%2BLLV5XPBJKjCZbkyqI3BXxPbE%2FRufydKtGTiwGeBy%2FJwGYXxWUc%2FJJzSc9ep3sJS9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 77c25c715abc9128-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED15JLTtCbCO9hi4TQayd3c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 8476
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d30663a0-b3f8-4800-8386-c9b16b03db35

43 B
766 B

51ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d30663a0-b3f8-4800-8386-c9b16b03db35
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: MT3 254 34fcae8 master zrh-pixel-x30 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d30663a0-b3f8-4800-8386-c9b16b03db35
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 19 Dec 2022 18:56:55 GMT

GET
H2

200

crum
dsum.casalemedia.com/ Frame 8476
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2643881268435628356

43 B
869 B

92ms
44ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2643881268435628356
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H31cIbdAfffVaOJx2PzLYr7j8z90%2FZlEhnLZXSDt9XdhBEgmJeE5TM8s2eTdMKsHGjc19MJiMqpFa0elwH6Gv2rDOzTqTGBndstEhJ9FMbopHsPBl1WZFSGL07b4lb03ekHjmIAs"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 77c25c704fca9b64-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c2dff8a2-4ff5-40d8-8516-19c2af4feba0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2643881268435628356
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8476
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2996585902459466121

43 B
766 B

18ms
18ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2996585902459466121
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2996585902459466121
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

rum
dsum.casalemedia.com/ Frame 8476
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=67108a8d-15c7-4030-af8c-e6963664db99
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=67108a8d-15c7-4030-af8c-e6963664db99
https://x.bidswitch.net/sync?dsp_id=4&user_id=1aa6f054-6bb4-49d1-be82-023269d0df33&ssp=index&expires=30&user_group=5&bsw_param=67108a8d-15c7-4030-af8c-e6963664db99
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&us_privacy=

43 B
839 B

47ms
47ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1RRt6Osu7UTZkSgPtAb1vEJCTgljpZaMG%2FPjnqdXarTV%2B0LuOHBe1NivHAA7puu4TnZPoDFRWbdQV1vwk7c1E0WEmwl1w3gUDY1DlGxWTTSKyDWsxP4SwZ%2BDe%2FBVSYmCVmCO%2Fa6"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 77c25c7388319b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&us_privacy=
date: Mon, 19 Dec 2022 18:56:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 8476 43 B
102 B 91ms
19ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y6Cz.NCZj27YbHhI.atyawAA%265149
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 73698
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c25c70488cbb56-FRA
content-length: 43
expires: Tue, 20 Dec 2022 18:56:56 GMT

GET
DATA 200
OK truncated
/ Frame 9C6E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a8a4d1e289122d059474c4f5ddde656a8d7dd19bda5cc4643ef1ab8df573377

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-4g5lzne6.googlevideo.com/ Frame 9C6E 1 MB
1 MB 72ms
10ms Media
video/mp4 2a00:1450:4001:12::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5lzne6.googlevideo.com/videoplayback?expire=1671505015&ei=97OgY_fGPIyC7QTexaWQAQ&ip=2a01:4a0:2b::8&id=f0cdb6331b929bfe&itag=18&source=youtube&requiressl=yes&mh=A4&mm=31&mn=sn-4g5lzne6&ms=au&mv=m&mvi=1&pl=43&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=27.213&lmt=1664517931257637&mt=1671476007&txp=4530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAJ-x-RCy1TobapqTPIQTGQNTuOe-_bM4GD_XJu2OkMxpAiA5Y_IyiHVUbldpwxjdkazPtTaDmChbfSkZeOUjeR0zcA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgdYNgxSm5t9hBdHCZFSsfss_axB8E59zg5UJbYyHxwZwCIEIeA_wjcL8ZbwHBASOCJlv0rLL1KuyOa6Jkv1kwfRnj&cpn=1IVmAVAElW08AeGE

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:12::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7615d2774c449667a6727f21c5df0adafcde9abbe765c09c8b81a452feae7e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Sep 2022 06:05:31 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1521627/1521628
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1521628
Expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 23FE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB&dcc=t

43 B
855 B

114ms
114ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TDM4NQ4BBPDWH2AZTSAM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6HDSXA63N35DRDZ2JZEA
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 23FE 70 B
264 B 33ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 23FE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED15JLTtCbCO9hi4TQayd3c&google_cver=1

43 B
845 B

31ms
29ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED15JLTtCbCO9hi4TQayd3c&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUA5Bm5GdUDfAtiwtY8ZFkf3Lykv9qqh7gvQZDArjN3r0bPU1rv%2BniXgHNdqKRouxz9%2B9FeBwLUeGMzt72NOe8bpF4Epf0o7kVzHI51jQZzzfoyegn0qdeTVRr8%2FG1YmvLmXpF7c3yhjKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 77c25c7119e99128-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED15JLTtCbCO9hi4TQayd3c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 23FE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6Cz.CMpmf-7dqS5gi7HZwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS6LoN_8cPmzO4JLC0etU8&google_cver=1&google_hm=2

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS6LoN_8cPmzO4JLC0etU8&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS6LoN_8cPmzO4JLC0etU8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 23FE
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y6Cz.CMpmf-7dqS5gi7HZwAA%261189
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=cd727a19-89a7-46b0-afe8-358662ef6100-tucta9a3978

43 B
766 B

13ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=cd727a19-89a7-46b0-afe8-358662ef6100-tucta9a3978
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=cd727a19-89a7-46b0-afe8-358662ef6100-tucta9a3978
date: Mon, 19 Dec 2022 18:56:56 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13388

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 23FE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6046524278057156256&expiration=1672685816

43 B
766 B

44ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6046524278057156256&expiration=1672685816
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6046524278057156256&expiration=1672685816
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

rum
dsum.casalemedia.com/ Frame 23FE
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_e4d78e48-0720-472b-9b41-d81b41cdca43&bsw_param=67108a8d-15c7-4030-af8c-e6963664db99&expires=10
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&us_privacy=

43 B
874 B

49ms
33ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQkZBhyasKwSOVPVFO5SQk5PUtR6RLh3ENV3OMgVoIVsflZqhgDJ2wNsl9EmdUJUethw%2B8V2D%2BHmVdKHiXakbM79hDeVN%2B%2FBXO5VUbH2zokxaQyOFCSbLMRdHoc1S4DN0Q0gsWMO"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 77c25c713a9c9b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&us_privacy=
date: Mon, 19 Dec 2022 18:56:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 23FE
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0e53287c-0962-4815-b673-4c302273e554

43 B
766 B

15ms
14ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0e53287c-0962-4815-b673-4c302273e554
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=0e53287c-0962-4815-b673-4c302273e554
date: Mon, 19 Dec 2022 18:56:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 23FE 43 B
353 B 81ms
18ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y6Cz.CMpmf-7dqS5gi7HZwAA%261189
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 73698
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c25c70488fbb56-FRA
content-length: 43
expires: Tue, 20 Dec 2022 18:56:56 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame AEE8 70 B
264 B 37ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AEE8
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wnjiKT0MQlyaZ7KtxGRBLQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wnjiKT0MQlyaZ7KtxGRBLQ

43 B
479 B

105ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wnjiKT0MQlyaZ7KtxGRBLQ

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T7B9KPGWQR9ZMZV7DNDB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wnjiKT0MQlyaZ7KtxGRBLQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame AEE8
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBV5S65K-1H-COW3

0
707 B

214ms
159ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBV5S65K-1H-COW3
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6B76D2AC586E45A6B60832384BCBBAE1 Ref B: DUS30EDGE0909 Ref C: 2022-12-19T18:56:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXwMuIjBM+iTbsnhsQF3g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBV5S65K-1H-COW3
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEE8
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWNVM2NUstMUgtQ09XMw==

170 B
188 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWNVM2NUstMUgtQ09XMw==

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWNVM2NUstMUgtQ09XMw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame AEE8
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=y0Fr4UxDTGOKeaTMkCqDSA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=y0Fr4UxDTGOKeaTMkCqDSA

43 B
720 B

106ms
105ms

Image
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=y0Fr4UxDTGOKeaTMkCqDSA

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

HTTP/1.1

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M24A4GS28AB1N2AXKK1D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=y0Fr4UxDTGOKeaTMkCqDSA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEE8
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjE1YTM3ZGFmNTY0ZjBhNzllMzBjY2MxYWJjNDExMTBlOWNhYzJlNg

170 B
188 B

143ms
143ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjE1YTM3ZGFmNTY0ZjBhNzllMzBjY2MxYWJjNDExMTBlOWNhYzJlNg

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjE1YTM3ZGFmNTY0ZjBhNzllMzBjY2MxYWJjNDExMTBlOWNhYzJlNg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame AEE8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIRvB9kcFBzw213Sf8mVqLA&google_cver=1

0
239 B

43ms
11ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIRvB9kcFBzw213Sf8mVqLA&google_cver=1
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIRvB9kcFBzw213Sf8mVqLA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame AEE8
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/jvOb4e3uGb2Oz12mrKgCWsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-hTkdU4hE2oLmPeOYjsdz.mwiQ1XfHlvKK3V2ig--~A

0
239 B

12ms
12ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-hTkdU4hE2oLmPeOYjsdz.mwiQ1XfHlvKK3V2ig--~A
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-hTkdU4hE2oLmPeOYjsdz.mwiQ1XfHlvKK3V2ig--~A
content-length: 0

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 9C6E 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=466652548&adf=2529329910&w=336&fwrn=4&fwrnh=100&lmt=1671476215&rafmt=1&format=336x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&host=ca-host-pub-5506057612223327&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215212&bpp=2&bdt=635&idt=361&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=944&ady=1288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TNgTY2CXeX&p=https%3A//9to5google.com&dtd=365
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 09:20:57 GMT
x-content-type-options: nosniff
server: cafe
age: 34559
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
expires: Tue, 20 Dec 2022 09:20:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6A1B 0
0 58ms
58ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLJ9BdzSxMBiillyFi1R4fNcHR5ZQfrC9QDSTLzPJKMEhMuzmHyLAGeranaNaIGirJJYD2SHTsUwS8wrqNTt5ySf2vkRmMuSUOJA2JL8kFEoLByr6OFeHos9hIDvdDwDjIPWPS45nR_Qf6MidrMG9f1bixSfN36GxXvxg7m738h4WJRelktL9LFE_vCgqqj2W1dnrwFKoL7swie9jt3_1KajMnhddrgtsNZdlLGCDVFxy92cQ5jHScM1wHtrFJ5QbFzOTJdJBxNtJKV74ExaAt8Jhv-vhVypYJCVV_tmUoUkK3T9dZbnnh1LMu1zxD3qYnBLK6ULMTKk9pezmh0vp17zqFqZPD8bV2cN7lkvlWKK9R-Q&sai=AMfl-YT9HwSXHuSkw_N5t6-tso694Pn1JkF_AqVyPee3PWpf0EgiYdvWtkizM2MXeS9RhF09FG2-tau92hLZSxwS8Cy5rNn8zFhfE1U4FNT_wKL48ZYwKjh1pVu5DNgf1hDj&sig=Cg0ArKJSzHtNFE8OrP8REAE&uach_m=[UACH]&adurl=

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 6A1B 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6A1B 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 16:57:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6A1B 0
0 51ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWYuDVNWeZJWE0UAxWX0T7ViEOW62VKWVYReRjPubpHlMCVyuQ3xtQtETcKUtkkFeHxFjG
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A1B 153 KB
47 KB 68ms
67ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H3 200 1716525162955997834
tpc.googlesyndication.com/simgad/ Frame 6A1B 85 KB
85 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1716525162955997834

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bba9dcefe6101007bf3517f82ac805d93f76e4cde35a5d04285294323e34b051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 19:57:54 GMT
x-content-type-options: nosniff
age: 514742
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87450
x-xss-protection: 0
last-modified: Thu, 01 Feb 2018 18:09:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Dec 2023 19:57:54 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9C6E 28 KB
28 KB 24ms
23ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 425934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:38:02 GMT

GET
DATA 200
OK truncated
/ Frame 6A1B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e24e98a2bcddd626aa2c09bdd60195eadeffa828586c2af865785781a44cda39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EAE5 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.1369546210~i.21~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1671476215&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3885959115&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215916&bpp=1&bdt=1340&idt=1&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&prev_fmts=0x0%2C336x280&nras=2&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3q7K3fwCFZ&p=https%3A//9to5google.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 16:57:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame EAE5 18 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EAE5 0
0 25ms
17ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeRMLiXK0VmixH3YIGZDFpNUOURdjeQN3Mka3Z5j-PL1_8bJOd57Edv7NDq96pImcD8KUDJd-P3x-1c94CeYFlWLYAOg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.1369546210~i.21~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1671476215&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3885959115&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215916&bpp=1&bdt=1340&idt=1&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&prev_fmts=0x0%2C336x280&nras=2&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3q7K3fwCFZ&p=https%3A//9to5google.com&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EAE5 153 KB
47 KB 83ms
83ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 5D38 221 KB
61 KB 52ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Dec 2022 13:03:38 GMT
age: 366798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 15 Dec 2023 13:03:38 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 5D38 14 KB
5 KB 63ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Dec 2022 00:07:13 GMT
age: 154183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 18 Dec 2023 00:07:13 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 5D38 94 KB
28 KB 66ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 19 Dec 2022 03:15:31 GMT
age: 56485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Dec 2023 03:15:31 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 5D38 5 KB
2 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Dec 2022 13:38:30 GMT
age: 105506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 18 Dec 2023 13:38:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 5D38 40 KB
13 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 18 Dec 2022 13:46:16 GMT
age: 105040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 18 Dec 2023 13:46:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5D38 8 KB
895 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 18:46:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5D38 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 05:07:54 GMT
x-content-type-options: nosniff
server: cafe
age: 49742
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 20 Dec 2022 05:07:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5D38 295 B
319 B 11ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 32653
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 20 Dec 2022 09:52:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5D38 0
0 38ms
18ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRC9c8ARYZS-BMhQrmcS2I-c5xn_j7-pTIIpd-FuisLWocqoQTl2U-LI7gPJFAwifYp9hoc
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5D38 0
0 68ms
67ms Image
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUT33-LOgY9nXAomlgAf79YaoDvOyxudtsryx5JAR2tkeEAEgzc_9HWCVgoCAuAegAd-n2vkCyAEJ4AIAqAMByAMKqgSNAk_QfF82qJ5vLbd7tsBxFR6dqy-h9Uh974gSzrgrCsAITa-ikC5-TjEG3ClfkYIexg8oWzC4QC7L7J_PoXAgJ5tYQ7fH_OREgiHY75RRG4DMMvBKnv86ty6d12RE4OpMfB9lX3k2f4t9cGaw_ogEPV8pE3s3je-ptDPmVDjBK_SPz0trLgQ1S2cMV9_4Ow1RnLFYLJOOhv96QG0NcjhYP-rvOXO6x55gnRkeGjDbegHELEZqVz4jP20ac2_j-qUEFqF6Gdnji1EMox0G9D2DFy1AOfpyVTVOZ4qWyd1gXvb1UaQUxZkSb21r7EtGFbFAyPBW2ly1HqDNGptStRzTCztvky4HlsxV7pcNKrf2wATroITclwTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHidilhgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCm4Q7SCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0wOTkzMDI1NjIzMTE2MzI1GLfBCA&sigh=AQifr0S96-k&uach_m=[UACH]&cid=CAQSOwDq26N98XhSBuPV3npCXdMkIiS2FBxJ9orAUxOYurQu4G0ucpncppGcOf52Luf1yCMqWrUrXqM2uniUGAEgEw&template_id=5000
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EAE5 0
0 59ms
59ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZYA097OgY-HSOsCSiM0P7K6T2AjJntKxXPXqoYaIAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi00NzEwODc0NjY2MDMxNjQ4yAEJqQIOq2M6ycuxPqgDAaoE6QFP0NvDCcUtDHPqM4-8i2CD8TOHnHnc0G1iTldfgf07VCIKNbCcNpIE9lGpHvXDEH1ldTexz2rskEOLJVPEJvuQgxicW4Y_Ltx_yQ0-aaz-c-GMnuzFJ6-tqeC-y38FGl7UbX67IPz43Pjkk-SB_z2djV0Jh3u7pBcFFwo7Hq8d23-Ij82LECqbkZpskM9K93xj-9T7UdEMMSFOzK149nMU4mDWu5RQRYOf0KQMP5mzGbe2Mxrv9GYFYrJzoC0k8vOvKTgi-BOVbP7CU1RYHsgdTs2SmwFWumbLnFNR71KhYSB2e2mpJ0B8T4AGrYWer8P_t94noAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NzEwODc0NjY2MDMxNjQ4GAA&sigh=_dnddaEuOV0&uach_m=[UACH]&cid=CAQSOwDq26N9iLlR3F0RS9O4T5qYjnNuMtgc8M6lyIJQa7sVJsj4H0NlA-2dCvFnSU2Pl8sUtxBcknM81r-1GAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.1369546210~i.21~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1671476215&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3885959115&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215916&bpp=1&bdt=1340&idt=1&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&prev_fmts=0x0%2C336x280&nras=2&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3q7K3fwCFZ&p=https%3A//9to5google.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Dec 2022 18:56:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame EAE5 0
0 73ms
23ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLiwFcz6RO4FmAKdg2ICAgAAADqWX1neF6WiEPezoGMHrSInTtd_y-oebgASAAA&wp=Y6Cz9wAOqWEDoglAAATXbHFq5wim96H_an0Zfw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 212951
content-length: 0

GET
H2 200 afr.php
ads.eu.criteo.com/delivery/r/ Frame EBB4 160 KB
0 144ms
105ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6Cz9wAOqWEDoglAAATXbHFq5wim96H_an0Zfw&u=%7Ct8IM4boGToc%2FWZy0lCMtUvrj7Ou1rV83ymx1jVqqD9w%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sYvPAi6t_FNE10WDbUTJ-LA_1iQInZ-Oc8qx5k7yIph0sWQFFnOia1qwLrg48_FWuPQvRyL8RHCfdnA_p_y0b8xcBdtbSZoObPRYsmSz54TA-1WxdfhH8W75d-CLJixfMIa5NzhQ9X4r0S6sIL3w7wM5irMoR8ua8oBcN8-2oPPV9HAVNC7KgQGylVHo9uQf1asA6ET0skTFWheLe1sX0hPZg7jp_6YHhn2-sfwFboEFr5Ns_9VYd-ud2vKs882bV9-4mPzqQ1XnFg4Ppz99eBAJ4F0G2cAmng_ol5PEaabRHwMnQ3q45o2PJ8XPsdg1b4Bf8pLjTMEXdkNOJpboMch639mF3Fs_4dB22cWIbPEev6YIFlpECm7cdgek6ey5IV80lsQhmAooROczt5bKQaWjblgcqLTt1OJ1rmGPZ1zVMJYFmEjEClt3fxqUur2sKesnj38yko2rOXbIZcS0ZwbXqI-w_TkSl-Xtsa5nVD4yiedm8YP85_zCNlgz3DZXjwgJEYrtNpjC2EghFjDrD3t3LGg5SwtfmP8MQpys1n-Y8os2VJkWH4gf2fi2Hd7bqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCegOq97OgY-HSOsCSiM0P7K6T2AjJntKxXPXqoYaIAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi00NzEwODc0NjY2MDMxNjQ4yAEJqQIOq2M6ycuxPqgDAaoE7AFP0NvDCcUtDHPqM4-8i2CD8TOHnHnc0G1iTldfgf07VCIKNbCcNpIE9lGpHvXDEH1ldTexz2rskEOLJVPEJvuQgxicW4Y_Ltx_yQ0-aaz-c-GMnuzFJ6-tqeC-y38FGl7UbX67IPz43Pjkk-SB_z2djV0Jh3u7pBcFFwo7Hq8d23-Ij82LECqbkZpskM9K93xj-9T7UdEMMSFOzK149nMU4mDWu5RQRYOf0KQMP5mzGbe2Mxrv9GYFYrJzoC0k8vOvKThg-jIH63FeQOvECmvNc2tqkhVcDGzlhNHlJ28Hk59oV3EsjcRv8LiE64AGrYWer8P_t94noAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3LQdnxOe-4PpdpcU9t_prFegDuxw%26client%3Dca-pub-4710874666031648%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=cEs3GZCamUDunZ9D_ZIvdo559K_68VAzJekrolagQwQScx7-ASLQsmvwknlM45aO8FlQ6UxuZNTLBWHpAqUg-dW__Ldq60KM9QUy7s4dVFXAqropz0r7wy-GL7HGy1It4xshV_1JGCE64T4fb5YcV3ooP2GCPR8GlOyDp5pi4ZiHnCSCajPmZIu2InnDl-U-UFr4fixO1ame3ci2JoTrqp6poO5NBI0-ZT0vMwwEbxCabkX0Tp5aKRoPe9ddR2Rkz99Urevii7BNd3e8"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 89155241
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9638 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Tue, 20 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14186587267825005275/ Frame 5D38 23 KB
23 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14186587267825005275/14763004658117789537?w=600&h=314

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

648c11cf4f2c07dcf135d9f452ad326c14c9369c6b25c8ab5383832e2cae14f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 13:27:34 GMT
x-content-type-options: nosniff
age: 106162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23606
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 16:42:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 13:27:34 GMT

GET
DATA 200
OK truncated
/ Frame 5D38 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5D38 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5D38 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c960b90a9b3bce2ca7ad74bef03b443732b397b256f8ef06469b985bfefd39f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8778 36 KB
16 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 07:28:26 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5D38 28 KB
28 KB 23ms
22ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9to5google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 425934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:38:02 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E659 16 KB
6 KB 10ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.10.4/ads/ads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=32821
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Tue, 20 Dec 2022 04:03:57 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

csync
sync.spotim.market/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
https://sync.spotim.market/csync?t=a&ep=271858&extuid=2643881268435628356

0
383 B

292ms
144ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=271858&extuid=2643881268435628356
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Server: 62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Adtelligent
Etag: 539fd319b76c4347
Content-Length: 0

Redirect headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e9f5e655-21cd-4bcb-8759-a667d4f2fea3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.spotim.market/csync?t=a&ep=271858&extuid=2643881268435628356
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=211945
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=e8e87c6d-7fce-11ed-a673-199e6d820306

0
589 B

13ms
13ms

Image
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=e8e87c6d-7fce-11ed-a673-199e6d820306
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 120
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?source=211945&__user_check__=1&sync_id=e8e87c6d-7fce-11ed-a673-199e6d820306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 78
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

csync
sync.spotim.market/
Redirect Chain

https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-1UPkuj1E2uErlz1dhE9fCwtfpPqhVOzy~A

0
400 B

106ms
33ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-1UPkuj1E2uErlz1dhE9fCwtfpPqhVOzy~A
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Server: 62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Adtelligent
Etag: 539fd319b76c4347
Content-Length: 0

Redirect headers

location: https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-1UPkuj1E2uErlz1dhE9fCwtfpPqhVOzy~A
date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

/
sync.spotim.market/csync/
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=e8e8e766-7fce...
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=e8e8e712-7fce-11ed-9376-15758c630406

0
400 B

100ms
35ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync/?t=a&ep=301276&extuid=e8e8e712-7fce-11ed-9376-15758c630406
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Server: 62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Adtelligent
Etag: 539fd319b76c4347
Content-Length: 0

Redirect headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync.spotim.market/csync/?t=a&ep=301276&extuid=e8e8e712-7fce-11ed-9376-15758c630406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 132
Connection: keep-alive
Content-Length: 0

GET
H2 451 710530.gif
di.rlcdn.com/ 0
98 B 71ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di.rlcdn.com/710530.gif
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6A1B 0
0 97ms
54ms Fetch
image/gif 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJQZN1zGlRGuF9BAUJO5Q8FZLtTgA313AbG28x_EY7EYB-0Gi7fzM8AHqDWkIGykQq4TqFrlbN-2kyTyMpeWu70JeyDlWLiLMPOo1rC1qcbJJ5-IUUKcFCJQ0GHEKAVOK2VS1FD2NDAtpR-bs4qo6mIa4zIKK9NubyyfiO6aUTgHLC2EvRB2lwQPytgMSpel9hhrRCHkYP9eDcXvxfsivwSQisV7evJIwbTAWdXNGI0WbX42baeJwZnh20klIK0hBqqFa7UT5RWJJeI8b6JTrgEZajAlP3iDG4-ocW6uc_1iiZjn_IaOaFFz_7ur5iLAvJjxgxEB36J9GeI-PCmgIgLUuWgd6L1w&sai=AMfl-YTkNSoN_UAcVpiFQOdlAnoDvUCa0kaqvuTk4kKP8b96Sfq7pkiDRdBr7E_OQphdy4y2RnR1awoGRX2JHazaPE_gGAdFcQpftL3mJcjsOnmPYgQIQoiN5_d4rvkucolr&sig=Cg0ArKJSzJanbMRiIP2VEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H2 200 ad-choises.png
publisher-assets.spot.im/yad/ 4 KB
5 KB 24ms
7ms Image
image/png 99.86.4.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://publisher-assets.spot.im/yad/ad-choises.png
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 01:47:08 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jul 2018 15:08:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 61789
etag: "643378ef8a85df26380de21f9beb58ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4550
x-amz-cf-id: H-cb0wq7vdeB5Sq-QOPJ-FezKoLgL4kJVOJacbcbH1vE0MRRkN0cvw==

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9638
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBoOtnz4POW_Yei4cDA8c_g&google_cver=1&google_push=AavPq0Mr0i6TicDOeZRww4yzvItpaI7tcCOrrpa0NvszAmXaMtCbN7GySW-G5iHbGrb-96WIcQnYV8QoYn7bDG2kkniiFa2BL47ocQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk5NjU4NTkwMjQ1OTQ2NjEyMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHXKIKEgqIbdWmhxJcVflp8&google_cver=1

43 B
398 B

19ms
19ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHXKIKEgqIbdWmhxJcVflp8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.1369546210~i.21~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1671476215&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3885959115&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215916&bpp=1&bdt=1340&idt=1&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&prev_fmts=0x0%2C336x280&nras=2&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3q7K3fwCFZ&p=https%3A//9to5google.com&dtd=6
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:55 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHXKIKEgqIbdWmhxJcVflp8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9638 70 B
264 B 35ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECnqJkIf1MpdmjT8VA2PJgM&google_cver=1&google_push=AavPq0PsUKbMo1rhUnD9HuyEMHj230ylbgTlBZAOzLMWNTY1GkIPumANNhkJ6KivA1hxhJrAVxHiWrsBE8U6R-EJ3dyp8921shPD
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.1369546210~i.21~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1671476215&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3885959115&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215916&bpp=1&bdt=1340&idt=1&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&prev_fmts=0x0%2C336x280&nras=2&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3q7K3fwCFZ&p=https%3A//9to5google.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9638
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED6Q3YXgmWZo-qOPR2-9DGM&google_cver=1&google_push=AavPq0NlNXZv6w-sWcVk7peBUwtwFZjgdDJKd6Calv5mCJW-fPpEStFTqOrrveukm9XWmE-vIaYiQBDEgCbtefuCutmNC4c...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NlNXZv6w-sWcVk7peBUwtwFZjgdDJKd6Calv5mCJW-fPpEStFTqOrrveukm9XWmE-vIaYiQBDEgCbtefuCutmNC4coyfWDeQ&google_hm=eS1YYXViVE5oRTJwSGhS...

170 B
188 B

142ms
142ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NlNXZv6w-sWcVk7peBUwtwFZjgdDJKd6Calv5mCJW-fPpEStFTqOrrveukm9XWmE-vIaYiQBDEgCbtefuCutmNC4coyfWDeQ&google_hm=eS1YYXViVE5oRTJwSGhSMlFuYmh2bHVWMjFnOEp6RkRFcH5B

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NlNXZv6w-sWcVk7peBUwtwFZjgdDJKd6Calv5mCJW-fPpEStFTqOrrveukm9XWmE-vIaYiQBDEgCbtefuCutmNC4coyfWDeQ&google_hm=eS1YYXViVE5oRTJwSGhSMlFuYmh2bHVWMjFnOEp6RkRFcH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9638
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKUFo83-7RunzM2UPie9WK8&google_cver=1&google_push=AavPq0O1qiKYWAJQAEucrERVL-_qkeOgp6rj1rQJQj0FMhiISrKys_vFZVA8QNEcDNVnQVTPCb1tXTPq...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA0NjUyNDI3ODA1NzE1NjI1Ng&google_push=AavPq0O1qiKYWAJQAEucrERVL-_qkeOgp6rj1rQJQj0FMhiISrKys_vFZVA8QNEcDNVnQVTPCb1tXT...

170 B
188 B

142ms
141ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA0NjUyNDI3ODA1NzE1NjI1Ng&google_push=AavPq0O1qiKYWAJQAEucrERVL-_qkeOgp6rj1rQJQj0FMhiISrKys_vFZVA8QNEcDNVnQVTPCb1tXTPqQh2DCur6HAoQz-kQtHxY5w

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA0NjUyNDI3ODA1NzE1NjI1Ng&google_push=AavPq0O1qiKYWAJQAEucrERVL-_qkeOgp6rj1rQJQj0FMhiISrKys_vFZVA8QNEcDNVnQVTPCb1tXTPqQh2DCur6HAoQz-kQtHxY5w
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 9638 43 B
350 B 75ms
17ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFsbWOQNV_l87njiden08z8&google_cver=1&google_push=AavPq0NmLWKYuZLVRGxa6GR7ComybDL5xscu4kysraGZqSCmt1M5livcAnePiONYo38zH9WRowyGhlFb4wCEF0SkSWwl3Dy0jFnRqA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.1369546210~i.21~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1671476215&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3885959115&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215916&bpp=1&bdt=1340&idt=1&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&prev_fmts=0x0%2C336x280&nras=2&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3q7K3fwCFZ&p=https%3A//9to5google.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: n8cjtrh46u3c042kaotd36mnsor4vs7a

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9638
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDgGPD65r7Jghgcd8xeK66w&google_cver=1&google_push=AavPq0PHkk4EIes1AbTpNwpogCfUMNwv4l4y8VrvBLCISYmFhp5rseGHlaWD95f2YoqxuXAyu1_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWNVM2NUstMUgtQ09XMw==&google_push=AavPq0PHkk4EIes1AbTpNwpogCfUMNwv4l4y8VrvBLCISYmFhp5rseGHlaWD95f2YoqxuXAyu1_g1vrZ0zF5do3sWzK5bvSHS665GQ

170 B
188 B

44ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWNVM2NUstMUgtQ09XMw==&google_push=AavPq0PHkk4EIes1AbTpNwpogCfUMNwv4l4y8VrvBLCISYmFhp5rseGHlaWD95f2YoqxuXAyu1_g1vrZ0zF5do3sWzK5bvSHS665GQ

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWNVM2NUstMUgtQ09XMw==&google_push=AavPq0PHkk4EIes1AbTpNwpogCfUMNwv4l4y8VrvBLCISYmFhp5rseGHlaWD95f2YoqxuXAyu1_g1vrZ0zF5do3sWzK5bvSHS665GQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 9638 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9638 0
12 B 73ms
72ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTaTrJhW8FqOI2uRURKvQAof3kOioq4fmncseyhTk9QkAQyqtReaZvX-z1eILTtpda_faNxg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame BBCD 12 KB
5 KB 68ms
7ms Script
application/javascript 2600:9000:206f:1e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by: Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.10.4/ads/ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:12:01 GMT
content-encoding: br
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-version-id: zOexu8ImXfu9US6ZMH6htYdwGWNs1uWh
last-modified: Tue, 06 Sep 2022 10:54:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2696
etag: W/"8ad2beee52c2abad4a49b927b72d3048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-id: LSA_i-Hw3YhvQI5xMy2gVCQ6AvJMYQEb5j_ibryO5-KijqcZ5ML-Vw==

GET
H2 200 hb_270443_15693.js Show response
player.spotim.market/prebidlink/464298/ Frame BBCD 402 KB
121 KB 42ms
7ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.spotim.market/prebidlink/464298/hb_270443_15693.js
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: fdae10efea5b8c813a5bc81f17ea34d979d463281128b470f811c0532df8d92b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 21 Dec 2022 18:56:56 GMT
date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
last-modified: Wed, 14 Dec 2022 08:58:40 GMT
server: nginx
etag: W/"63999040-64791"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BBCD 80 KB
27 KB 66ms
66ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1425 / 222 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H2 200 wrapper_hb_270443_15693.js Show response
player.spotim.market/prebidlink/464298/ Frame BBCD 2 KB
1020 B 59ms
24ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.spotim.market/prebidlink/464298/wrapper_hb_270443_15693.js
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0705e68b0d683a47860f704a7f77ad5270c61e6d8295b9867fd72c872453833d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 21 Dec 2022 18:56:56 GMT
date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2022 10:12:03 GMT
server: nginx
etag: W/"63a038f3-681"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ Frame EAE5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1827eefb3df44cc5e7eebca0a9ab007c087d448dd622f0e4f6a5a70ef27c785d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame EBB4 2 KB
1 KB 68ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6Cz9wAOqWEDoglAAATXbHFq5wim96H_an0Zfw&u=%7Ct8IM4boGToc%2FWZy0lCMtUvrj7Ou1rV83ymx1jVqqD9w%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sYvPAi6t_FNE10WDbUTJ-LA_1iQInZ-Oc8qx5k7yIph0sWQFFnOia1qwLrg48_FWuPQvRyL8RHCfdnA_p_y0b8xcBdtbSZoObPRYsmSz54TA-1WxdfhH8W75d-CLJixfMIa5NzhQ9X4r0S6sIL3w7wM5irMoR8ua8oBcN8-2oPPV9HAVNC7KgQGylVHo9uQf1asA6ET0skTFWheLe1sX0hPZg7jp_6YHhn2-sfwFboEFr5Ns_9VYd-ud2vKs882bV9-4mPzqQ1XnFg4Ppz99eBAJ4F0G2cAmng_ol5PEaabRHwMnQ3q45o2PJ8XPsdg1b4Bf8pLjTMEXdkNOJpboMch639mF3Fs_4dB22cWIbPEev6YIFlpECm7cdgek6ey5IV80lsQhmAooROczt5bKQaWjblgcqLTt1OJ1rmGPZ1zVMJYFmEjEClt3fxqUur2sKesnj38yko2rOXbIZcS0ZwbXqI-w_TkSl-Xtsa5nVD4yiedm8YP85_zCNlgz3DZXjwgJEYrtNpjC2EghFjDrD3t3LGg5SwtfmP8MQpys1n-Y8os2VJkWH4gf2fi2Hd7bqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCegOq97OgY-HSOsCSiM0P7K6T2AjJntKxXPXqoYaIAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi00NzEwODc0NjY2MDMxNjQ4yAEJqQIOq2M6ycuxPqgDAaoE7AFP0NvDCcUtDHPqM4-8i2CD8TOHnHnc0G1iTldfgf07VCIKNbCcNpIE9lGpHvXDEH1ldTexz2rskEOLJVPEJvuQgxicW4Y_Ltx_yQ0-aaz-c-GMnuzFJ6-tqeC-y38FGl7UbX67IPz43Pjkk-SB_z2djV0Jh3u7pBcFFwo7Hq8d23-Ij82LECqbkZpskM9K93xj-9T7UdEMMSFOzK149nMU4mDWu5RQRYOf0KQMP5mzGbe2Mxrv9GYFYrJzoC0k8vOvKThg-jIH63FeQOvECmvNc2tqkhVcDGzlhNHlJ28Hk59oV3EsjcRv8LiE64AGrYWer8P_t94noAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3LQdnxOe-4PpdpcU9t_prFegDuxw%26client%3Dca-pub-4710874666031648%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Dec 2023 18:56:56 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame EBB4 2 KB
1 KB 65ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Dec 2023 18:56:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame EBB4 308 B
636 B 38ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 14 Dec 2023 18:56:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame EBB4 293 B
621 B 36ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 14 Dec 2023 18:56:56 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame EBB4 43 B
348 B 100ms
28ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=cey_kuKAD6N6Ce_WFuSZ-z5x6QWm99G2tGuyC-OTcXjG3XCPEQh7B8OP71cokAE20AlhO45awc5yJRjKnBc1O7uLTvBXfls27dbxW5AYVBZsn3dC_PKzlEu6k9a_eNG66o5GEvwBPuRm7xGnCMSHScRgaW8iN89LX55HDxtyVLITTT9nryq4yL-CsB8addHDSKq-l_ptwQrnXa5kO3gaLZVHm0EFIRN6qkKCBLgNrGB3XQybkBVFNxGpWlj60Sv1X7Dt5bem-jr7Dgt8zlOPM4J7Shgf3CMe6EYU5g8VH0I6kwcoUWQKqgLlLaHNMy9hT8287jwUFRKZqw0XBHgeH0E_tI2KyNFaTg6vysgS73bMPppw0FVq52_AYY8uHoFCanoljzfvA2xCTQk6pbUzOE20yjKqPVvei2Q1r3B-mlpws7Oe5cKHCxYsny2bafetDd7qKA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2875742
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5D38 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 05:07:54 GMT
x-content-type-options: nosniff
server: cafe
age: 49742
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 20 Dec 2022 05:07:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5D38 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 32653
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 20 Dec 2022 09:52:43 GMT

GET
H2 200 hbw_master_270443_15693.js Show response
player.spotim.market/prebidlink/19345/ Frame BBCD 92 KB
32 KB 7ms
7ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.spotim.market/prebidlink/19345/hbw_master_270443_15693.js
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/464298/wrapper_hb_270443_15693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 532aa449facfa11f75e5f6752b222ec103a49cf14cc02767a9756da24a269c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 21 Dec 2022 18:56:56 GMT
date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2022 10:12:03 GMT
server: nginx
etag: W/"63a038f3-16ed7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame BBCD 443 KB
150 KB 8ms
8ms Script
text/javascript 2600:9000:206f:1e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80bc818ec50809bc30e39f4944bc7b4919371a2bb49babb6f9a803bf1d52656d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:12:01 GMT
content-encoding: br
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-version-id: koLWZSgK_lvy8ZwHCO8lfCI5ZTXJZbdN
last-modified: Mon, 19 Dec 2022 17:42:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2696
etag: W/"453a73a9d1b1f0f6d733bb446a8f6966"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: WpGInqs2zwjKFdf5-TYtZdos4Yc1fmD2BC_4HggxZP58ZIMGAw4xdA==

GET
H3 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BBCD 380 KB
129 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Dec 2023 15:08:29 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame BBCD 162 B
116 B 53ms
52ms XHR
application/json 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=9to5google.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d320910eb20c3179d95a6110f64c2eb0c949b1cb0738d841fbe50cf3769aba15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 28 KB
10 KB 125ms
16ms Script
application/javascript 2a02:26f0:f700:2a0::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by: Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v21.10.4/ads/ads.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 737ceee65416e47d5edb3665cd3f2c89716a689ea2a53ce59d334a2a9191c3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsVqD5zwxTScUKcR0dmEH2aMp5J4QQ4bhvqtGUXzHIqCvpZAiS_Sji4I1UZg-pdU1BvCzGpr_Ty1Aisn9GFJ5FD7Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 10000
last-modified: Tue, 13 Dec 2022 08:13:32 GMT
server: UploadServer
etag: "fa614ee9774436904aab1698d4b577f2"
vary: Accept-Encoding
x-goog-generation: 1670919212609787
x-goog-hash: crc32c=l1Oj2w==, md5=+mFO6XdENpBKqxaY1LV38g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 10000
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 19 Dec 2022 19:06:56 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 336ms
92ms Image
text/plain 3.224.190.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=5f32b7c30da21b38b02cac99&e=playerLoaded&cb=1671476216765&r=https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.190.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-190-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EBB4 12 KB
5 KB 54ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 345943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCeuAlKI7Yq0qPoqYhExprvLP3puBLzecESzGaTwRNuLLMU2E600UJp6nDk4GMzXBw6MOqs2du1YSULLOOx%2FyyX4Cx3NstyzCUIPV8hN4zM8Bas4Q8GCHFSEQPV%2B2pH%2BLvYxSTkb%2BHspfr5LsNvBSyW3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77c25c7319d59158-FRA
expires: Sat, 09 Dec 2023 18:56:56 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame BBCD 178 KB
45 KB 9ms
8ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/19345/hbw_master_270443_15693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:38:32 GMT
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 17:02:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 1105
x-amz-server-side-encryption: AES256
etag: W/"9678e76b6e6295571547f8fe5df68b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: UAtwRpQhe-lu0VR8JuT1CGZ-4aABibaeKh9rXhq5dqnlT35y5i42HA==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame BBCD 443 KB
150 KB 10ms
9ms Script
text/javascript 2600:9000:206f:1e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/19345/hbw_master_270443_15693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 086142ce519bef56a9e6f1eb072c674727ff0bf0518eedc3dd85ffc796d82dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:12:01 GMT
content-encoding: br
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-version-id: c3O2YXSXO9m8TiTbkJ1wvCTXvImRdmhR
last-modified: Mon, 19 Dec 2022 17:42:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2696
etag: W/"cb6e8883bef5de05aee301245002431b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: xTayYu_DQelvPXoEG_vuKrGn-ieufJyf5h4dKNa0rj4oyaJOnLW83A==

GET
H/1.1 200
OK / Show response
ghb.spotim.market/geo/ Frame BBCD 134 B
404 B 201ms
18ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.spotim.market/geo/
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/19345/hbw_master_270443_15693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 660c21b5a53adcf2846c16bac3e07831e9e931d89049d7c67ff308b25a5f1dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://9to5google.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 134

GET
H/1.1 200
OK tracking Show response
ghb.spotim.market/adunit/ Frame BBCD 43 B
305 B 201ms
19ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=15693&pbjsv=v6.25.4&full_page_url=https%3A%2F%2F9to5google.com&adid=v5s73g.ys&features=81952&vpbv=N108&tte=246&lifecycle_tte=285
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/19345/hbw_master_270443_15693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://9to5google.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 j.html Show response
p.deliveryapis.com/prebidlink/19345/ Frame B1C7 1 KB
888 B 125ms
8ms Document
text/html 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.deliveryapis.com/prebidlink/19345/j.html?i=11597
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=172800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 18:56:56 GMT
etag: W/"620bee41-43d"
expires: Wed, 21 Dec 2022 18:56:56 GMT
last-modified: Tue, 15 Feb 2022 18:17:37 GMT
server: nginx

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/279896/ Frame BBCD 2 KB
1 KB 70ms
7ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2F9to5google.com
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/464298/hb_270443_15693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a8908db9d761ede163b76f88fe9bf855a1b8fd41d6b2e52c49fa06714d5e2f1

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

expires: Wed, 21 Dec 2022 18:56:56 GMT
date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2022 12:01:10 GMT
server: nginx
etag: W/"63a05286-846"
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame BBCD 761 B
1 KB 8ms
8ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F9to5google.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e617dd94a93607ffbb8b53daab21e48935f78c14d3ff290be6d7ef651220ddca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 17:48:00 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 4136
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://9to5google.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 761
x-amz-cf-id: 2U9chjI7qDhk62btJh1hck5Df2rIi2hrTxT7g9UH5oJsbiehEf_pMg==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame BBCD 23 B
460 B 100ms
99ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&pid=I1IgiZOVKKWVo&cb=0&ws=336x280&v=22.1212.1511&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1653402847318-0%22%2C%22s%22%3A%5B%22320x250%22%2C%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F39694909%2F%2C1049447DBV%2FDBV-9to5google%22%7D%5D&schain=1.0%2C1!spotim.market%2Csp_bsinqXFT%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: BYNBWVP7QATDE8W8PTGD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://9to5google.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: b9VvyI1wvebw-MaFabUSL-KzHmABcg49x4Jy_Yc_JEW4FY88YIbIAw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BBCD 6 KB
3 KB 8ms
7ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
date: Mon, 19 Dec 2022 03:08:40 GMT
x-amz-cf-pop: FRA56-C2
age: 58105
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: FFYkrB9o-Kyn2ZnYESQFkO4LLvd9npvt-t8WarJ3QfaX59vaYQv7HA==

GET
H3 200 css
fonts.googleapis.com/ Frame EBB4 4 KB
655 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400%7CRoboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1156f689ab71b8caaeee48f1cbd51a0cd23b09971245125bb1682c25747740c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 18:56:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ Frame BBCD 511 KB
138 KB 183ms
143ms Script
text/javascript 2606:4700:10::6816:37e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=9to5google.com&ver=1.2

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:37e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ef61c2b1dfe2fcd85125254cd1180da2cb931c64032cf10ddc436f465df7b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=604800
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
cf-ray: 77c25c73cef3bbc2-FRA
expires: Mon, 19 Dec 2022 19:26:57 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame EBB4 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400%7CRoboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:18:08 GMT
x-content-type-options: nosniff
age: 333528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:18:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EBB4 15 KB
15 KB 19ms
19ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 429836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:33:00 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame B9D0 427 KB
115 KB 16ms
16ms Script
application/javascript 2a02:26f0:f700:2a0::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 58c78ea24a54d81cd6af405447977e90b5dee6e0a862c1af9d79cd35c7f3c420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsBt6OB0TZ8Wjvwq3Uqfgpb2iNMLCsWccGcAI_3OER8amHZ22esP0YhWmlJ8xVBw3cXJpDIRTHPVuqXS315Oihk2Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 116981
last-modified: Tue, 13 Dec 2022 08:13:32 GMT
server: UploadServer
etag: "cd25de2ec0c4a951c47404fd1d56f1fb"
vary: Accept-Encoding
x-goog-generation: 1670919212449657
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Uhd+iA==, md5=zSXeLsDEqVHEdAT9HVbx+w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 116981
accept-ranges: bytes
expires: Mon, 19 Dec 2022 19:06:56 GMT

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 47 KB
5 KB 685ms
445ms XHR
application/json 54.197.177.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_rVSSRN5u&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=aef0aaac-6a49-4eea-82f3-77170f89f8fb&AV_CDIM5=Zu8i20yajIm50OMDfu-wZPJ3lca-iAkOI6kRiw336B_1XzN_KgRxaIU5cHHzw5BU&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM9=1049447&AV_CDIM10=v21.10.4&AV_CDIM12=false&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_bsinqXFT%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f32b7c30da21b38b02cac99&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=9to5google.com&AV_DADPOS=3&d36=6.2.68&responsive=1&sver=3&avtoken=216982&omv=1.0.1&clsid=e966c115-23a9-4b82-9c0d-4847eb8bab7a&rando=20&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1671476216984&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.177.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-177-246.compute-1.amazonaws.com
Software: /
Resource Hash: 16e6d2378047a3e52af85af5430cf58aa90836de14c81087771f109a1832bef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 08 Dec 2022 05:10:17 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 116ms
93ms Image
text/plain 3.224.190.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=9to5google.com&sn=&cd1=sp_rVSSRN5u&cd2=Desktop&cd3=pitc&cd4=aef0aaac-6a49-4eea-82f3-77170f89f8fb&cd5=Zu8i20yajIm50OMDfu-wZPJ3lca-iAkOI6kRiw336B_1XzN_KgRxaIU5cHHzw5BU&cd6=stable&cd7=row1-column1&cd9=1049447&cd10=v21.10.4&cd12=false&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.68&apppkg=&fv=3&proto=https&clsid=e966c115-23a9-4b82-9c0d-4847eb8bab7a&rando=20&pid=5e0e296628a061270b21ccab&cid=5f32b7c30da21b38b02cac99&stagid=&stplid=&e=inventory&vi=0&cb=1671476216983
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.190.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-190-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 hbw_master_307825_11597.js Show response
p.deliveryapis.com/prebidlink/y19345/ Frame B1C7 82 KB
28 KB 12ms
11ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.deliveryapis.com/prebidlink/y19345/hbw_master_307825_11597.js
Requested by: Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/19345/j.html?i=11597
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 43461d0b3aef6325ea092c91fe40a03446f7e877ba5c3eeeae1d775e000bb14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.deliveryapis.com/prebidlink/19345/j.html?i=11597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 02:28:31 GMT
server: nginx
etag: W/"63914bcf-148d8"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Wed, 21 Dec 2022 18:56:57 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame BBCD 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=9to5google.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame BBCD 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9to5google.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BBCD 25 KB
11 KB 348ms
347ms XHR
text/plain 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3787733625994484&correlator=684567363116018&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=39694909%2C%3A1049447DBV%2CDBV-9to5google&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x250%7C300x250%7C336x280&ifi=1&adks=588423895&sfv=1-0-40&prev_scp=pitcSpotId%3Dsp_rVSSRN5u%26source_version%3Dv21.10.4%26topSpotId%3Dsp_rVSSRN5u%26source%3Dpitc%26pageViewId%3Daef0aaac-6a49-4eea-82f3-77170f89f8fb%26isStickyAdUnit%3Dfalse%26slot%3Drow1-column1%26assetGroupId%3Dstable%26amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&eri=5&sc=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&cdm=9to5google.com&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&abxe=1&dt=1671476217031&dlt=1671476216548&idt=294&adxs=300&adys=4449&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=k12r1ax6mn79&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=9to5google.com&loc=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&top=9to5google.com&frm=23&vis=1&psz=336x280&msz=336x250&fws=260&ohw=336&ea=0&ga_vid=1782646198.1671476215&ga_sid=1671476217&ga_hid=90985660&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cda7f8b67ca2c5680ef4fcce9f0c616f5d987b4025709ce39e5d53d8df271f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11713
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BBCD 14 KB
11 KB 72ms
56ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a15dcf6a50f8c291115ab007e9192b9e15a5c194ba622bcde312f51a9756460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11141
x-xss-protection: 0

GET
H2 200 container.html Show response
aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 765A 6 KB
3 KB 100ms
15ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:57 GMT
expires: Tue, 19 Dec 2023 18:56:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK csyncs Show response
ghb.spotim.market/ Frame BBCD 2 KB
743 B 18ms
17ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.spotim.market/csyncs?aid1=730717&aid2=744459&aid3=767137
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/19345/hbw_master_270443_15693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: ce2544234969d896b213fea4a0e1d93c1b6476e45a5a2ae66bdfb47ec2768baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://9to5google.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 434

GET
H2 200 hb_307825_11597.js Show response
player.adtelligent.com/prebidlink/ex19346/ Frame B1C7 279 KB
86 KB 25ms
8ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/ex19346/hb_307825_11597.js
Requested by: Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/y19345/hbw_master_307825_11597.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: a852da08427e4508497c2ed1592238052cd7329c11e387df8d904cd9697c5741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.deliveryapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 21 Dec 2022 18:56:57 GMT
date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 02:28:31 GMT
server: nginx
etag: W/"63914bcf-45d56"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ Frame B1C7 134 B
408 B 60ms
17ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/y19345/hbw_master_307825_11597.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 660c21b5a53adcf2846c16bac3e07831e9e931d89049d7c67ff308b25a5f1dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.deliveryapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://p.deliveryapis.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 134

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ Frame B1C7 43 B
435 B 60ms
18ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11597&full_page_url=https%3A%2F%2F9to5google.com&adid=v5s7a0.es&features=16416&vpbv=N104&lifecycle_tte=218
Requested by: Host: p.deliveryapis.com
URL: https://p.deliveryapis.com/prebidlink/y19345/hbw_master_307825_11597.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://p.deliveryapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:56 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://p.deliveryapis.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame BBCD 0
191 B 54ms
13ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr={&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D}&gdpr_consent={&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame BBCD 0
239 B 12ms
11ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr={&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}}&gdpr_consent={&us_privacy={us_privacy}}&us_privacy={}
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame BBCD
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=openweb
https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1671476217118
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5367475200

70 B
264 B

33ms
33ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5367475200
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
etag: RX70ee44649a72406399f3700ac9374a2a003
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5367475200
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1 200
OK csync
sync.spotim.market/ Frame BBCD 0
368 B 154ms
153ms Image
text/plain 62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=734125&extuid=$UID
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:57 GMT
Server: Adtelligent
Etag: 539fd319b76c4347
Content-Length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3A8A 0
854 B 7ms
7ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:57 GMT
AN-X-Request-Uuid: b528ea79-ca76-4506-8d86-df844226d19e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D33B 0
854 B 7ms
7ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:57 GMT
AN-X-Request-Uuid: 54fbd2eb-ffdf-4572-bc0b-d2bdfa9e650f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 aacxs.php Show response
c.aaxads.com/ Frame 03EC 22 KB
9 KB 313ms
313ms Document
text/html 2606:4700:10::6816:37e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAX413QP4&fv=1&fy=37&ke=1&suylg=222%2C195%2C213%2C3010%2C367%2C82%2C175%2C3007%2C325%2C306%2C282%2C141%2C108%2C109%2C178%2C159%2C263%2C368%2C97%2C3012%2C38%2C264%2C214%2C203%2C225%2C3014%2C219&yvVbqf=1&uhiXuo=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=9to5google.com&ver=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:37e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b23bd7d81f3fd69f8035ace07ed9633ce15f6fc12cad8999f8e7411f5192aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=90042
cf-cache-status: DYNAMIC
cf-ray: 77c25c751a48bbc2-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:57 GMT
expires: Tue, 20 Dec 2022 19:57:39 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: cloudflare
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 pxusr.gif
c.aaxads.com/ Frame BBCD 43 B
186 B 41ms
40ms Image
image/gif 2606:4700:10::6816:37e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:37e8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: cloudflare
age: 153719
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=375732
accept-ranges: bytes
cf-ray: 77c25c751a4dbbc2-FRA
content-length: 43
expires: Fri, 30 Dec 2022 14:41:14 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ Frame BBCD 43 B
323 B 118ms
17ms Image
image/gif 104.96.145.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.101 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:57 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=354993
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 23 Dec 2022 21:33:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BBCD 17 KB
6 KB 692ms
692ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 18:56:57 GMT

GET
H/1.1 200
OK log
l3.aaxads.com/ Frame BBCD 35 B
296 B 85ms
16ms Image
image/gif 104.96.148.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=157&dgw=desktop&flg=AAX413QP4&fw=NURNBERG&ff=DE&xjg=4&dss=0&skw=280&slg=8PR6YK195&gq=9to5google.com&vhuyqdph=ssp-serving-54794f6b58-wxzvx&vyu=121511_501_121410_471_ssp&vf=BY&yhuvlrq=4&yk=280&yz=336&yvlg=&ylg=00001671476217113012164937143087&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=156&fhqg=21&hqg=53&gvwduw=21&fvwduw=20&vwduw=21&uhtxuo=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&nzui=
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.148.107 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-148-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:57 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 19 Dec 2022 18:56:57 GMT

GET
H3 200 container.html Show response
aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 37D3 6 KB
3 KB 34ms
11ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:57 GMT
expires: Tue, 19 Dec 2023 18:56:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 37D3 443 KB
150 KB 10ms
10ms Script
text/javascript 2600:9000:206f:1e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80bc818ec50809bc30e39f4944bc7b4919371a2bb49babb6f9a803bf1d52656d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:12:01 GMT
content-encoding: br
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-version-id: koLWZSgK_lvy8ZwHCO8lfCI5ZTXJZbdN
last-modified: Mon, 19 Dec 2022 17:42:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2697
etag: W/"453a73a9d1b1f0f6d733bb446a8f6966"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id: PVXAb6-kVKMEpXp_iDSuIs39LQmPflxBEC0bfX-y6bE1Jv1WBUCEDQ==

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame 03EC 35 B
296 B 378ms
315ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3144778175555549000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=345AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAX413QP4&fv=1&fy=37&ke=1&suylg=222%2C195%2C213%2C3010%2C367%2C82%2C175%2C3007%2C325%2C306%2C282%2C141%2C108%2C109%2C178%2C159%2C263%2C368%2C97%2C3012%2C38%2C264%2C214%2C203%2C225%2C3014%2C219&yvVbqf=1&uhiXuo=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:57 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 19 Dec 2022 18:56:57 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 37D3 0
96 B 305ms
99ms XHR
text/plain 54.161.158.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.161.158.114 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-158-114.compute-1.amazonaws.com
Software: nginx/1.20.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 18:56:57 GMT
server: nginx/1.20.1
x-powered-by: Express
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 37D3 0
0 64ms
63ms Fetch
text/html 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJY1U-bOgY8CnBaL5gAf2rJvQBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItNTYxNjA0NjE4NzU0NTAxOcgBCakCDqtjOsnLsT7gAgCoAwGqBO4BT9DiMKivBJERTbIQQRAxe0d_TFOrlXfH1sSxav2iDEV6zLsiidRbHT7rraMYLZzjpqTn6M9YRT24qyOpP0xpLGjZjVet0XJnx8dviHxQlQS6hpcSvV5d1t4LxvnFSU-H-xUwMbYtIJaTgloSK77jHRZ9K12HG6Hql-sXzYr7TrlDrc4cvk6Zwrax_MhREP4CcKDvIOAAV_om_NxDyhGlUqjtqn3J3au8s99srOKwjHrbREaJvYA_JRaEXX6GHeb-DOpCVmrwmKBlqjy1kCuhJEyrFUwis57H-zFanJxG3DZYZEtjQYnUHoB98FvHX-AEAYAGm7CK0rTAksWiAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTYxNjA0NjE4NzU0NTAxORj1zB8&sigh=6JUgdyB2Z60&uach_m=[UACH]&cid=CAQSOwDq26N9IeSWbt1qPq95GnuEhb2tcXK8xeU_m07xe129zjVsFQYvts6oHIrGtPjXaG-CTacCu85YtRoYGAEgEw
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 37D3 0
0 71ms
23ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k-nfFL23ZqwC-gGdg2ICAgAAAHTjTmSgQ-2tvpLkCTxs_lkQ-LOgYzlO_J4s1msPqHUhABIAAA&wp=Y6Cz-QABU8AK4DyiAAbWdrFB9SqHRbNEtnbEFw

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 302308
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3621 51 KB
20 KB 27ms
27ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6Cz-QABU8AK4DyiAAbWdrFB9SqHRbNEtnbEFw&u=%7Cty1c20ymhZYgDlhT44ZY038G%2BfOg4mrdA7IFP4RlPlM%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVIaZePdi05XJGt40gHhDKgwG0rtMk-frnoTkQgvGRR9m_uCBQ9cYehw7n71dMaMPYFF7_cwogzPkA_P6otxONC6jvELmiRXEB8dh_nLr6ZE5DNSuDSEIQhYI9hr07sMFEcy_3bYnycgjuWAlLN93dCsyDPGb3hHFVY-_Cfmr91wLemz6Ly_BAJaMqJ014j8G_lNFGg0w3kJJ_EfI7MApKCSJw8-UuN79ZLI5aby59pTxmDjhhLUP3vvHY0jKQKQLwZJTbmUPmLnS-lg-ANhDnngsxgfbfngrubRD8HGpw_SDaoHrber3pKzLqmuYGDWbF_MWdOoBYyzSfzJPHo8KxYWZNQ35-Xg8vXahRmjqetaGsYIBgMEtpKU1nKZu7EDy3Xenj90PzDWzu18O0-3cUP4hHFnq2nimPzQPFdHKq75R0yxgZ4Bn_aMnJVLDoE0QnlNlkCo24zhJu-KOZQdmihCtuSQddiD3cXYn4ej3xqqCO4xcg9G-Zc1LvAZ7Mz1i4nfc4GVxsSNhuk55XKD2EiXq15N0hfIbaajTbJCOWdhFXJL7Z7TM30R&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEkgo-bOgY8CnBaL5gAf2rJvQBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItNTYxNjA0NjE4NzU0NTAxOcgBCakCDqtjOsnLsT7gAgCoAwGqBPEBT9DiMKivBJERTbIQQRAxe0d_TFOrlXfH1sSxav2iDEV6zLsiidRbHT7rraMYLZzjpqTn6M9YRT24qyOpP0xpLGjZjVet0XJnx8dviHxQlQS6hpcSvV5d1t4LxvnFSU-H-xUwMbYtIJaTgloSK77jHRZ9K12HG6Hql-sXzYr7TrlDrc4cvk6Zwrax_MhREP4CcKDvIOAAV_om_NxDyhGlUqjtqn3J3au8s99srOKwjHrbREaJvYA_JRaEXX6GHeb-DOpCVmrwmKAnqB0nF6Q9N_M3Ae_yjjg_8iVQKpZoxLTsrHbFszbKMpj4Wt_U4G5ZTeAEAYAGm7CK0rTAksWiAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1MCNhaXeb7qbCLqk2TfYdJMt5Fzw%26client%3Dca-pub-5616046187545019%26adurl%3D

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a782395ad2b773815f8a537f9596ba274fe0b01b2d69b5d8506643bbccb2899d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mXp6xZCamUDunZ9DqNwX1JKuH1JTpyW-ONpyy8pANzMFNcWJnmHAoY55A9H-hm2TSxYC9oV2ORCgYCT_S79hzwxmSGaoeGdUvjIpEoebuUWE-NTy-Lcj2dUslF5Avq3SsD-hILOvmgZs3vedMlBs3Y8cdNpshlklkeb9RWLEjobc8viuHzNnrdAUs-v9z1JXGn0EkuuEzIr-FAh78-a0hLH1BePKJVhc0gLXAeb5HozL7OvpK7tULq05DVonQt8t8gI_6fCkFRG4o9yt"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 6078937
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 37D3 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 16:57:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9AB3 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Tue, 20 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 37D3 18 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 37D3 24 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 15:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 17 Dec 2023 15:15:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 37D3 153 KB
47 KB 58ms
58ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 18:56:57 GMT

GET
DATA 200
OK truncated
/ Frame 37D3 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a94c9b495cb39335b35fa79e8c852ef925530b758db9f328a16a463642f7fc2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9AB3 0
104 B 83ms
31ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGqYbXhmk1fbBNtOAv_247I&google_cver=1&google_push=AavPq0MgKFjGzNQ7bnLOMpq_tpQON1Op532eKGnuSslwZHxW5tJL11AGPIqmRPUWufXgC_P04OS_TGZq1OkXLR3z2Q5KhOh1rCk
Requested by: Host: aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
URL: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9AB3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAUmuYoHsTKD7wrb3e71dBo&google_cver=1&google_push=AavPq0MKoiskgGHNA3hAZZ-mZhlM8hfwVufeywarsAHSXWoYFVYbc_kP0urle-Z_tc7DbfN4BLrgsXGsi8QYQvxQ...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=0wZjoLP4SACDhsmxawPbNQ&google_push=AavPq0MKoiskgGHNA3hAZZ-mZhlM8hfwVufeywarsAHSXWoYFVYbc_kP0urle-Z_tc7DbfN4BLrgsXGsi8QYQvxQDO1JpB84...

170 B
188 B

74ms
73ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=0wZjoLP4SACDhsmxawPbNQ&google_push=AavPq0MKoiskgGHNA3hAZZ-mZhlM8hfwVufeywarsAHSXWoYFVYbc_kP0urle-Z_tc7DbfN4BLrgsXGsi8QYQvxQDO1JpB84HBtd

Requested by

Host: aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
URL: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 19 Dec 2022 18:56:57 GMT
Server: MT3 254 34fcae8 master zrh-pixel-x12 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=0wZjoLP4SACDhsmxawPbNQ&google_push=AavPq0MKoiskgGHNA3hAZZ-mZhlM8hfwVufeywarsAHSXWoYFVYbc_kP0urle-Z_tc7DbfN4BLrgsXGsi8QYQvxQDO1JpB84HBtd
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 19 Dec 2022 18:56:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9AB3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL2WevKSmKkEdyVOU47Tw2M&google_push=AavPq0MVDMdQe89if3aQI5dnBJKG-gJSHBIj2lDXz6ORGAQmi5lURXe0ey...

170 B
188 B

142ms
141ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL2WevKSmKkEdyVOU47Tw2M&google_push=AavPq0MVDMdQe89if3aQI5dnBJKG-gJSHBIj2lDXz6ORGAQmi5lURXe0eyS2xDFeNrS6JhHkr5rbNLl8z2H0OGhri_AArtt0E44V

Requested by

Host: aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
URL: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220035-HHN
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1671476218.566834,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL2WevKSmKkEdyVOU47Tw2M&google_push=AavPq0MVDMdQe89if3aQI5dnBJKG-gJSHBIj2lDXz6ORGAQmi5lURXe0eyS2xDFeNrS6JhHkr5rbNLl8z2H0OGhri_AArtt0E44V
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9AB3 70 B
264 B 35ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECze-zEDWjB8oZhQnefCEYM&google_cver=1&google_push=AavPq0OOAu68Xj8RwN4JNx_hYpwJACW4PIsQzwGz16liyQJ1ioqMUmWwrU4LbyhAXNqyM3AuKUN8rFHClG3xC0oYATRVY_h9R6pX
Requested by: Host: aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
URL: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9AB3
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBqrwFdGy-NS3HVVoqJyWms&google_cver=1&google_push=AavPq0O4FwZWDgtmJUUZTiNLpXkYoPiPa8jL8NtmSnI0YOvK4vD67_42wl3eNE1D6c6ptBsvA-7erMk11nLXd0V6...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O4FwZWDgtmJUUZTiNLpXkYoPiPa8jL8NtmSnI0YOvK4vD67_42wl3eNE1D6c6ptBsvA-7erMk11nLXd0V6IJS4_E534OTf

170 B
188 B

144ms
144ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O4FwZWDgtmJUUZTiNLpXkYoPiPa8jL8NtmSnI0YOvK4vD67_42wl3eNE1D6c6ptBsvA-7erMk11nLXd0V6IJS4_E534OTf

Requested by

Host: aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
URL: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 19 Dec 2022 18:56:57 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0O4FwZWDgtmJUUZTiNLpXkYoPiPa8jL8NtmSnI0YOvK4vD67_42wl3eNE1D6c6ptBsvA-7erMk11nLXd0V6IJS4_E534OTf
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: tGv8e48r1qg11hf1eZXEi8gok0NxO70ddrOFJnFe320HU1LoH28_YQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9AB3
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.targeting.unrulymedia.com/csync/RX-70ee4464-9a72-4063-99f3-700ac9374a2a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0PdrVLZZn-h_68Tuhua4...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PdrVLZZn-h_68Tuhua4yMarv8D5ayV0j57D-nk8Y_4pdKrmx5MvH0JIsZkmmI1E1A5n4tSwZWwW_Qn_COowsx0nu5c8PI&google_hm=A3DuRGSackBjmfNwCsk3Sio

170 B
188 B

62ms
62ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PdrVLZZn-h_68Tuhua4yMarv8D5ayV0j57D-nk8Y_4pdKrmx5MvH0JIsZkmmI1E1A5n4tSwZWwW_Qn_COowsx0nu5c8PI&google_hm=A3DuRGSackBjmfNwCsk3Sio

Requested by

Host: aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
URL: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PdrVLZZn-h_68Tuhua4yMarv8D5ayV0j57D-nk8Y_4pdKrmx5MvH0JIsZkmmI1E1A5n4tSwZWwW_Qn_COowsx0nu5c8PI&google_hm=A3DuRGSackBjmfNwCsk3Sio
date: Mon, 19 Dec 2022 18:56:57 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX70ee44649a72406399f3700ac9374a2a003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9AB3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPb5flNtf9UeVoR0t374xh8&google_cver=1&google_push=AavPq0N4ClafsQr6IUGsqQwdKhkR1ClTC8RbG1Qjkk2iznc1QWGU0-bZTPJnjNBrIGMqAW1PXN4QCnyea27__8sBkhgfXhhRKMGb
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0N4ClafsQr6IUGsqQwdKhkR1ClTC8RbG1Qjkk2iznc1QWGU0-bZTPJnjNBrIGMqAW1PXN4QCnyea27__8sBkhgfXhhRKMG...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgxMjg1OTM1Mjk1Njg5MTgxMTQwNg%3D%3D&google_push=AavPq0N4ClafsQr6IUGsqQwdKhkR1ClTC8RbG1Qjkk2iznc1QWGU0-bZ...

170 B
188 B

142ms
142ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgxMjg1OTM1Mjk1Njg5MTgxMTQwNg%3D%3D&google_push=AavPq0N4ClafsQr6IUGsqQwdKhkR1ClTC8RbG1Qjkk2iznc1QWGU0-bZTPJnjNBrIGMqAW1PXN4QCnyea27__8sBkhgfXhhRKMGb

Requested by

Host: aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
URL: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzgxMjg1OTM1Mjk1Njg5MTgxMTQwNg%3D%3D&google_push=AavPq0N4ClafsQr6IUGsqQwdKhkR1ClTC8RbG1Qjkk2iznc1QWGU0-bZTPJnjNBrIGMqAW1PXN4QCnyea27__8sBkhgfXhhRKMGb
date: Mon, 19 Dec 2022 18:56:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9AB3 0
12 B 134ms
133ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAgBOYjIGbIx1z_UxVIPWHusnO6SZ0Jzu3ZmR8QeCul6gIhkYpnDwDTLxqKo-rjp5H7zZ3

Requested by

Host: aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
URL: https://aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3621 2 KB
1 KB 43ms
42ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6Cz-QABU8AK4DyiAAbWdrFB9SqHRbNEtnbEFw&u=%7Cty1c20ymhZYgDlhT44ZY038G%2BfOg4mrdA7IFP4RlPlM%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVIaZePdi05XJGt40gHhDKgwG0rtMk-frnoTkQgvGRR9m_uCBQ9cYehw7n71dMaMPYFF7_cwogzPkA_P6otxONC6jvELmiRXEB8dh_nLr6ZE5DNSuDSEIQhYI9hr07sMFEcy_3bYnycgjuWAlLN93dCsyDPGb3hHFVY-_Cfmr91wLemz6Ly_BAJaMqJ014j8G_lNFGg0w3kJJ_EfI7MApKCSJw8-UuN79ZLI5aby59pTxmDjhhLUP3vvHY0jKQKQLwZJTbmUPmLnS-lg-ANhDnngsxgfbfngrubRD8HGpw_SDaoHrber3pKzLqmuYGDWbF_MWdOoBYyzSfzJPHo8KxYWZNQ35-Xg8vXahRmjqetaGsYIBgMEtpKU1nKZu7EDy3Xenj90PzDWzu18O0-3cUP4hHFnq2nimPzQPFdHKq75R0yxgZ4Bn_aMnJVLDoE0QnlNlkCo24zhJu-KOZQdmihCtuSQddiD3cXYn4ej3xqqCO4xcg9G-Zc1LvAZ7Mz1i4nfc4GVxsSNhuk55XKD2EiXq15N0hfIbaajTbJCOWdhFXJL7Z7TM30R&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEkgo-bOgY8CnBaL5gAf2rJvQBsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItNTYxNjA0NjE4NzU0NTAxOcgBCakCDqtjOsnLsT7gAgCoAwGqBPEBT9DiMKivBJERTbIQQRAxe0d_TFOrlXfH1sSxav2iDEV6zLsiidRbHT7rraMYLZzjpqTn6M9YRT24qyOpP0xpLGjZjVet0XJnx8dviHxQlQS6hpcSvV5d1t4LxvnFSU-H-xUwMbYtIJaTgloSK77jHRZ9K12HG6Hql-sXzYr7TrlDrc4cvk6Zwrax_MhREP4CcKDvIOAAV_om_NxDyhGlUqjtqn3J3au8s99srOKwjHrbREaJvYA_JRaEXX6GHeb-DOpCVmrwmKAnqB0nF6Q9N_M3Ae_yjjg_8iVQKpZoxLTsrHbFszbKMpj4Wt_U4G5ZTeAEAYAGm7CK0rTAksWiAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1MCNhaXeb7qbCLqk2TfYdJMt5Fzw%26client%3Dca-pub-5616046187545019%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Dec 2023 18:56:57 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3621 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Dec 2023 18:56:57 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3621 308 B
636 B 21ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 14 Dec 2023 18:56:57 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3621 293 B
621 B 42ms
41ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 14 Dec 2023 18:56:57 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 3621 43 B
348 B 31ms
30ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0SEWT5BS9NqxECJDgx107StxKNFE_CIlDCZF11X9HOFpNN4NW0AY5G9lQvP4PjppP6337WdK0KVV57U8aGxR32ThmozCELn-ejq0PjzgEtvb8QFAcYjhSAYlAzduUTbLDZgjTVTntL4PNXLofjQ8XuMvLUvXHx7m_HdaD7WB35LhAWocR1G2mCQvxtMwqgaZEdLS4dHJ16BIYDAqglhl6WVCB5PQcyCKOLP_7_-V9MV6zrWqM1MqRP_fEdU9F6NJfaXw1OYVPT3tcG7GHO7K73YDyHPzWMsi-9YDU1O_qAV2juUU_AYcz05XC6ObwxFwzquBYyjg9tkHZl_X4jubQ7ats6-vVrTKN418ctt8B-S4Ok_tt3gsdrOkeRk3mQxFTBA0SKPleNl_3JMoTG7_qhtI0dOKcKuqLajFlGEoN-m2aOkT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14833954
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 3c31fdcafb7c4137b6b3de60c0915f51_image_ad_300x250.png
static.criteo.net/design/dt/70777/221011/ Frame 3621 33 KB
33 KB 27ms
27ms Image
image/png 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/70777/221011/3c31fdcafb7c4137b6b3de60c0915f51_image_ad_300x250.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

44d7102208de8853eab9141b1bf92c3ed7f47a8c23e53313543c7a66cd501b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Oct 2022 14:21:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63457bde-828e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 33422
expires: Thu, 14 Dec 2023 18:56:57 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3621 0
128 B 64ms
21ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=mXp6xZCamUDunZ9DqNwX1JKuH1JTpyW-ONpyy8pANzMFNcWJnmHAoY55A9H-hm2TSxYC9oV2ORCgYCT_S79hzwxmSGaoeGdUvjIpEoebuUWE-NTy-Lcj2dUslF5Avq3SsD-hILOvmgZs3vedMlBs3Y8cdNpshlklkeb9RWLEjobc8viuHzNnrdAUs-v9z1JXGn0EkuuEzIr-FAh78-a0hLH1BePKJVhc0gLXAeb5HozL7OvpK7tULq05DVonQt8t8gI_6fCkFRG4o9yt&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 18:56:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3621 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Dec 2023 18:56:57 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3621 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Dec 2023 18:56:57 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 9C6E 0
17 B 327ms
116ms Ping
image/gif 2607:f8b0:4009:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lbv5s6nu&c=824137568202&slotId=412068784101&qqid=CPH91ZCuhvwCFTgFewodOXkITA&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7156fe4112f2feb03ce9929e9538bdd6.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4009:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156758/3746/ Frame B9D0 236 KB
73 KB 9ms
9ms Script
application/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156758/3746/pwt.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a1e8cba23260ece864ced2baca8ff08eaf2f6273edd42da74e832236c8b6d0bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 17:21:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=163213
accept-ranges: bytes
content-length: 74334
expires: Wed, 21 Dec 2022 16:17:10 GMT

GET
H2 200 usermatch Show response
ssum.casalemedia.com/ Frame 0AF1 2 KB
1 KB 107ms
35ms Document
text/html 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D42%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c60234a3d04de673f567614f88e76111211bfd92d3df4c1e5c53ae419c4f8200

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77c25c78ef3668f7-FRA
content-encoding: br
content-type: text/html
date: Mon, 19 Dec 2022 18:56:57 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSdea1NVdYyYwnanypGukybzaCreurLOV3EyvDXbV6xidyxKg0czQAeMQXoWlqIcL7QxgkUrp7fNnpbxx1%2B2kFVbNbVpE0uApJYnQDCvdg6ZJFf%2FDJPByUw%2FkxE3cX5ku2skcEyn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame DB42
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D2%26key%3D%24S...
https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=2&key=e8e8e712-7fce-11ed-9376-15758c630406

0
38 B

395ms
92ms

Document
text/plain

3.212.83.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=2&key=e8e8e712-7fce-11ed-9376-15758c630406
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.83.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-83-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Mon, 19 Dec 2022 18:56:58 GMT

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 19 Dec 2022 18:56:57 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=2&key=e8e8e712-7fce-11ed-9376-15758c630406
Server: nginx
X-fe: 144

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 432F 0
0 13ms
13ms Document
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Mon, 19 Dec 2022 18:56:57 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 4221
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D55%26key%3D%24UID
https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=55&key=2643881268435628356

0
37 B

384ms
93ms

Document
text/plain

3.212.83.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=55&key=2643881268435628356
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.83.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-83-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Mon, 19 Dec 2022 18:56:58 GMT

Redirect headers

AN-X-Request-Uuid: d76785a7-4e91-4bbf-8eb3-6e34d99b83a7
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Dec 2022 18:56:57 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=55&key=2643881268435628356
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 53D9 16 KB
6 KB 9ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=32820
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 19 Dec 2022 18:56:57 GMT
expires: Tue, 20 Dec 2022 04:03:57 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 2FC7 0
0 12ms
12ms Document
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Mon, 19 Dec 2022 18:56:57 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 8C38
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26bid...
https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=200&key=OPTOUT

0
199 B

391ms
93ms

Document
text/plain

3.212.83.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=200&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.83.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-83-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Mon, 19 Dec 2022 18:56:58 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Mon, 19 Dec 2022 18:56:57 GMT
etag: OPTOUT
expires: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=200&key=OPTOUT
pragma: no-cache

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 9A83 0
75 B 92ms
21ms Document
text/plain 185.86.137.107
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Mon, 19 Dec 2022 18:56:57 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 62E5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east

281 B
554 B

17ms
16ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Dec 2022 18:56:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 19 Dec 2022 18:56:57 GMT
location: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server: AkamaiGHost

GET
H3 200 cm Show response
u.openx.net/w/1.0/ Frame 33A1 43 B
75 B 29ms
27ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D23%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 56
content-type: text/html
date: Mon, 19 Dec 2022 18:56:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 avpb7.12.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame B9D0 174 KB
55 KB 17ms
16ms Script
application/javascript 2a02:26f0:f700:2a0::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu5TPWlxCG8UVlj2K-iBLXDHsN9P8s-2McOJjCvNLd-MNN_-bwhMMP7d9vi6Bh9-5VpCXrQQGjxLHAl1WHJwK0zUQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 55951
last-modified: Tue, 13 Dec 2022 08:13:33 GMT
server: UploadServer
etag: "848612c9b5fc41ff4495ce51cdc24e14"
vary: Accept-Encoding
x-goog-generation: 1670919212995289
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=fdkd8w==, md5=hIYSybX8Qf9Elc5RzcJOFA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 55951
accept-ranges: bytes
expires: Mon, 19 Dec 2022 19:06:57 GMT

GET
H2 200 avpb7.12.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame B9D0 62 KB
21 KB 20ms
20ms Script
application/javascript 2a02:26f0:f700:2a0::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:f700:2a0::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdultleqjIWPilsD-wES2slq04ovHvcXHBHjM2lZJgXpnVjIVrPpILpPkZa1Y2LEdN3O4E0bTnwY9Mi2gIhsNTaR
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20450
last-modified: Tue, 13 Dec 2022 08:13:33 GMT
server: UploadServer
etag: "4fef592811250ddfa401ef802ab64cfc"
vary: Accept-Encoding
x-goog-generation: 1670919213139487
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=w7Xe4w==, md5=T+9ZKBElDd+kAe+AKrZM/A==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 20450
accept-ranges: bytes
expires: Mon, 19 Dec 2022 19:06:57 GMT

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
363 B 602ms
346ms Fetch
text/plain 52.21.27.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=20eb871371a00cac62414113629cdcb1&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1671476217365-980691146417-007219-002-005904&AV_CDIM1=sp_rVSSRN5u&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=aef0aaac-6a49-4eea-82f3-77170f89f8fb&AV_CDIM5=Zu8i20yajIm50OMDfu-wZPJ3lca-iAkOI6kRiw336B_1XzN_KgRxaIU5cHHzw5BU&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM9=1049447&AV_CDIM10=v21.10.4&AV_CDIM12=false&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_bsinqXFT%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f32b7c30da21b38b02cac99&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=9to5google.com&AV_DADPOS=3&d36=6.2.68&responsive=1&sver=3&avtoken=216982&omv=1.0.1&clsid=e966c115-23a9-4b82-9c0d-4847eb8bab7a&rando=20&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1476217683&wfc=1&tgt=0&&AV_VI=0&AV_VID=3249.28125&d4=1&d5=0
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.27.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-27-111.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:56:58 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 08 Dec 2022 05:10:18 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?wpn=prebid&pu=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&duid=aba2f3ea9d66--01gmnvy1w0xp2r1vxsc0dqbjx2&se=e30&dtstmp=1671476217730
https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&duid=aba2f3ea9d66--01gmnvy1w0xp2r1vxsc0dqbjx2&se=e30&dtstmp=1671476217730&i6=M...

13 B
551 B

369ms
91ms

XHR
application/json

54.146.241.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&duid=aba2f3ea9d66--01gmnvy1w0xp2r1vxsc0dqbjx2&se=e30&dtstmp=1671476217730&i6=MmEwMTo0YTA6MmI6Ojg%3D&n3pc=true

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Server

54.146.241.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-241-124.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:58 GMT
x-pixel-event-id: 9404c3ac-6775-47bd-9b5c-3ad43f7c89cb
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 1f581ebcc720d941
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&duid=aba2f3ea9d66--01gmnvy1w0xp2r1vxsc0dqbjx2&se=e30&dtstmp=1671476217730&i6=MmEwMTo0YTA6MmI6Ojg%3D&n3pc=true
access-control-allow-origin: https://9to5google.com
request-time: 0
access-control-allow-credentials: true
trace-id: 3bc98bb7f9b3e532
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
506 B 115ms
104ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221b8afb7ecffc56%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%226228ab51aefe001d36464385%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222d74fe6e56c584%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%225617d28e-346c-4411-bf3b-e5d08a883c75%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.03%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49696511cdc1361df143386251f44d901bda2168e801b6eae522cd16f614d416

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1P2f%2BjaQ5LBnhn1peT8Pr%2BgzJQyTJdVWYweNPCHHSbFC1WLo7N96k%2B0WdsurolQJDcW5u3QM%2BZnl3TUDoTzlepyU3OI76El4QPh%2BV0BeoA70PHkw%2FA6BgWV3jSukYD8f1aAJ%2F3i"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c792bb49231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 186 B
410 B 163ms
13ms XHR
application/json 35.157.129.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.129.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-129-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 52c82887444037da4a67c05ffab5174a10b01fe0a99b10862863f455cc8dc689

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
x-prebid: pbs-java/1.106.0
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
511 B 94ms
86ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2259f8fe735db132%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22626e7191362a4749cf69b41e%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22610f1f857e112c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22bbaacfcb-5f8b-4ba6-b394-1107641af479%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A5.579%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a53ad55eca8d1bcd170c86140ad5d07d1403402df8fb0d3c24aaacc2eb10036

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYFpQNfbo%2FCJNexD8QI1%2FP%2Fwei7iW2V2NB3XWw1oZ%2F%2BItZN8M4NkDNbxAU7oiKSeblaPQO9ncWFMd5oO%2FvLUldL8XXk9WdSd%2BCpPTO5nSO1fw%2FDCG%2Fh6l0w5YhoDtffcBd7Aeg%2Ba"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c792bb69231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
501 B 129ms
122ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227398cd16de5136%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261dda3ca2ea896308e2e2bfa%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228cf1b05cccc708%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22dd08a19c-dae4-46e7-b81c-3bd8e4546d49%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.172%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2857b1ac3290321bdd92944048f127e9697e92fe815ae8a17016a623b1e09ce8

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOgXaUl3mpAK1cj6IjqSFQCxB2uIwD412ABRI%2Bwju3epG0Xep2cbclMHGlZbMjbBzFd%2BX9FX7boLROFRum4K4tbgIHejdZUFrvWSmv9C1dEc9SR%2B9eBo2AFrwkkEcG4UzCGN4Vj6"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c792bba9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 35 B
533 B 91ms
84ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22998b3c8dc48ce%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22628a841afe3e1b6f381f8ae7%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221051c4f80cd83dd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22ea514176-3140-4ffc-8900-26d27cb77c32%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e396c27e109d0ac08f33cd93ddad8519ba391dfd27cf9a9adc4f25fd2217b5b

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18nVvnvJSxnJaNezbjlY518NqsaTLS65U7MIMibQsQmZVwsecReGTb0VCFYGxhAEaYCePcVdeg7DDmmwk6EZBDIWGGfEzOrtTnJGa8u2FZQ4LjlO0dPD0T9OC6AmL54pQt%2FgcAoq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c792bbb9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
501 B 93ms
87ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22116ad8ad475ff27%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%226130ef9e4ef7d125a83f004d%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221289598d648b8b7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22260c0146-6218-4029-a630-47794781e3db%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A9%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c821ce1c6c194ff2cf6498331ff5458b5ccafba1fd7321851214f2c238660b52

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZnBe1VD%2FUYgikpXqYVqeKzsFhQJVzFOKtWsQP8xGsKNy5SugVALrzfKjC8ZMR0qJ4GXKpdCbsL8Y6xwxfx9VvGnavKVEKNtjZejMVPVrePrmvglinanlc1QMDW58IHNR45PLuLW"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c792bbc9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
508 B 180ms
175ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2213b1c6eca48f7ac%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2260ec3196fca4952eb249e47a%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214355cf01b871b7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22cb5fe9b8-9870-40ce-a353-a15549f8cfb0%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A4.349%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05dc659b045b32e688da4232ad871d9327755827b0b83369ccac180afaa63e44

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdkvjNECGC2Yo2X8v0y0QEn65%2BVCC8JqFe0ZFyOFTZRDSLFn7TBUSsRY%2BlxCuQfkRKrY2tP55%2ByrEdZxnJjLpNkC0e6XXzqR6UbUxiozVuQnPw%2BlS7UOskuN4EeQEDC%2BzS1DlFVt"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c792bbd9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
503 B 91ms
86ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22157a6acffde122%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22619ce3dce6572205164350b7%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216a269c5dabfbb7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22bdf0540e-b0e3-435e-a093-2b355ff489fa%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.08%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5cc52d99c74b24224b35597ed008cc8ce91b47eeb5cdffec43205369c328dad

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aa3GwalQ8iob0ifG2hHbnU9JArg4yfEb%2BI4cjDVsB4PcNLN%2BTYZ80VdHn9OOjv5aBrplIKL%2BHjXplg7RE%2B62qYIL1EuFG6MgM0NNC0EN6o5aJDPxGritY3G3pHSG%2FnfPucVLIaWm"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c792bbe9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
505 B 93ms
88ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22171181919305ef3%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261c496f36a6245407a70af5b%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22185fb53bd8ba6cc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%2217a191cc-57e2-40fd-8953-3ebeaffc8252%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.35%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13d1d1fd738f5740abba37af0d3a68cbb396d92e8a97183da745b6434aa1de9a

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5zNCsIAzN8rMUI9L1Msjy4KQxyY9x%2F%2BC%2FBsBNndzGooADRn25uiq%2B8dA69nPpC1119EalDX2pKykOUtZ8Qp8z4QPeIB85Q71WkYzeSvWrJCFow8NuDN3RuFgCxQ0U6n%2FTBuaCZK"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c792bbf9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
406 B 194ms
52ms XHR
application/json 35.157.129.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.129.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-129-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 90e36c99f5773f541d8fc4879537eca2e040ebcc8b0540ea0f3768177caa2e76

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
content-encoding: gzip
x-prebid: pbs-java/1.106.0
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 172
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
500 B 91ms
88ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2221bcc8e4b4d165e%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261fc134323c7aa142401f935%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2222635ff8aa0b30d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%2273d9141e-ecd7-480a-9965-d49c05914bc4%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.04%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f94469410a9f035f259f0fa95578f7e0a7dcd61dc4ecc5162c8d4fa49a1c84

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EYlsSy9d1mcGiT5Zo%2FWSC2vbg7jqJWixQLBNV3jPDu3dDeM998z31wH55J6wSzoQ4FZTnZYAMfaKNIDEZkm78GD28bbeosonFp4sv03xm8URe1PWVP3MJIe8Ycww8wFA%2F2adCCm"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c792bc09231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 62E5 34 KB
10 KB 26ms
25ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 499ce9c057786f40c6af08d066165b1aecdcd5fe7959a98247d0b13726a3c4bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Dec 2022 15:42:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74738
Connection: keep-alive
Content-Length: 10066
Expires: Tue, 20 Dec 2022 15:42:35 GMT

GET
H2 200 Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0AF1 43 B
601 B 37ms
37ms Image
image/gif 2a05:d018:d29:3605:34b4:e687:cbf8:5ec7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D42%26key%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:34b4:e687:cbf8:5ec7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0AF1
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2643881268435628356

43 B
766 B

21ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2643881268435628356
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D42%26key%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Date: Mon, 19 Dec 2022 18:56:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7907a939-4cd3-4083-aa44-251db1e01dac
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2643881268435628356
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 0AF1 43 B
433 B 152ms
30ms Image
image/gif 54.194.92.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.92.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-92-99.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0AF1
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB

43 B
601 B

34ms
34ms

Image
image/gif

2a05:d018:d29:3605:34b4:e687:cbf8:5ec7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB

Requested by

Protocol

Server

2a05:d018:d29:3605:34b4:e687:cbf8:5ec7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB
date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0AF1
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D

43 B
766 B

26ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D42%26key%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:57:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date: Mon, 19 Dec 2022 18:57:00 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0AF1
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=cdcfe2e9-5fd8-4bc5-aedb-cda407e77267&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
766 B

10ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=cdcfe2e9-5fd8-4bc5-aedb-cda407e77267&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D42%26key%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=cdcfe2e9-5fd8-4bc5-aedb-cda407e77267&us_privacy=null&gdpr_consent=null&gdpr=null
date: Mon, 19 Dec 2022 18:56:57 GMT
server: _
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0AF1
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
766 B

10ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D42%26key%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Mon, 19 Dec 2022 18:56:57 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0AF1
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=zxMdXZsTGlrUQU5byRRRDs1ETQ_UQh1UykGQR35a

43 B
766 B

24ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=zxMdXZsTGlrUQU5byRRRDs1ETQ_UQh1UykGQR35a
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D42%26key%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=zxMdXZsTGlrUQU5byRRRDs1ETQ_UQh1UykGQR35a
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 cookiesyncendpoint
sync.aniview.com/ Frame 0AF1 0
37 B 264ms
92ms Image
text/plain 3.212.83.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1671476217365-980691146417-007219-002-005904&biddername=42&key=Y6Cz.CMpmf-7dqS5gi7HZwAA%261189
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D42%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.83.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-83-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:58 GMT
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5D38 42 B
64 B 45ms
45ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssb-vWNOPlRiWrYtmdCgAHRXTTQ2r5rkKOA80HHNh_n9zy9lTPB8mn7cJZQHbdaaHcGN1TQijqHm7tq65dcSP46rY-S0_7lw4x2ABI1rJ0AVGL2EXSoSZff2nGvA0clkqk4h-QWVQ&sai=AMfl-YQCnYqHQe_fPuQkF0QSNU2RwjqXQ-YBCHNC46zXHQLHteBqolby9GcrBJNsS_RhcMywxO52X3Kpv9g2IhkJxwnE2y3hO47JwQ2Upsn-H64_c5b9YE28ITSGcsD5Jg&sig=Cg0ArKJSzN-z-f0Cqb4nEAE&cid=CAQSOwDq26N98XhSBuPV3npCXdMkIiS2FBxJ9orAUxOYurQu4G0ucpncppGcOf52Luf1yCMqWrUrXqM2uniUGAEgEw&id=ampim&o=315,125&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1018&mtos=0,0,0,1018,1018&tos=0,0,0,1018,0&tfs=341&tls=1359&g=100&h=100&tt=1359&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 62E5 0
239 B 392ms
92ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&khaos=LBV5S65K-1H-COW3
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 19ea072139d67f7022c6e463249c998e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63F1 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:26:55 GMT
expires: Tue, 19 Dec 2023 18:26:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 778D 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

931a326c09ece4c8726bf39773676815174a122528e46ec4d4f118b56e71fd5b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1bgTXbHfUV7qEc595ds8XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-1bgTXbHfUV7qEc595ds8XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:56:57 GMT
expires: Mon, 19 Dec 2022 18:56:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 63F1 36 KB
16 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 07:28:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 778D 0
0 43ms
43ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3787733625994484&rc=
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
181 B 140ms
19ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161751
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 157ms
37ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=161751
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161751/6840/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 63F1 0
11 B 9ms
8ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ta6Jaw
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F4AE 28 B
54 B 77ms
76ms XHR
application/json 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1671476218018
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6Ui1LxiAodc?playlist=YHlVuhlZAgs,8TkarFyGhgY,-h5j3B2f_is,6o3hDohg17c,mcjrAIzS_iw,GX2g3YkS7XE,iomogY7dHSA,yFu5lPV3hNk,UtJCTyuENMI
X-YouTube-Client-Version: 1.20221214.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtKNVJsczBlY2tvcyj354KdBg%3D%3D
X-YouTube-Ad-Signals: dt=1671476215630&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C506&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 19 Dec 2022 18:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 19 Dec 2022 18:56:58 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 60B1 0
260 B 103ms
13ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=161751&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:56 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
362 B 529ms
529ms Fetch
text/plain 52.21.27.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=20eb871371a00cac62414113629cdcb1&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1671476217365-980691146417-007219-002-005904&AV_CDIM1=sp_rVSSRN5u&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=aef0aaac-6a49-4eea-82f3-77170f89f8fb&AV_CDIM5=Zu8i20yajIm50OMDfu-wZPJ3lca-iAkOI6kRiw336B_1XzN_KgRxaIU5cHHzw5BU&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM9=1049447&AV_CDIM10=v21.10.4&AV_CDIM12=false&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_bsinqXFT%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f32b7c30da21b38b02cac99&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=9to5google.com&AV_DADPOS=3&d36=6.2.68&responsive=1&sver=3&avtoken=216982&omv=1.0.1&clsid=e966c115-23a9-4b82-9c0d-4847eb8bab7a&rando=20&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1476218298&wfc=1&tgt=0&&AV_VI=0&AV_VID=3249.28125&d4=2&d5=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.27.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-27-111.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:56:58 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 08 Dec 2022 05:10:18 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
410 B 106ms
106ms XHR
application/json 35.157.129.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.129.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-129-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b403a97e1b356bb064df8921f6fb8fadb6b18e5e110804297d3e6032521c62a3

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
content-encoding: gzip
x-prebid: pbs-java/1.106.0
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
501 B 89ms
88ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2225c696726a51f4f%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261fc134323c7aa142401f935%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22263e8eca4aabd98%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22bce74183-ff3f-4e5b-8e04-983d93ad1d3d%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.04%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70ddde9e03f55bdab6572946824cebf3b3896c80c82aee7e83155cb3f5f83662

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3CO7eJEpHtY0EBHmMmd8mdl7HLQjWD3gMcWr090fNkyJhqqtuo5AFropH01jzywnErDY4L%2BsCgd61KTSuOJbWrDPkheeu%2BbtcyOJGK84GAXEywJUg76PA1T5CX9R656yqzNdPxx"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c7c79169231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
504 B 69ms
68ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22277779c31ec20e7%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22626e7191362a4749cf69b41e%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22281a6112a72c7e2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22ce63bead-90c1-4d2a-8ad8-a09f2effb13f%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A5.579%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85602b70e23359518c1d7e3bccde2e57f322ed7f389bf6a0c2f3f49bd02d34ed

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSITNTeVWKFZSb3adLzxG6FC7EJwkaqGm7eVVW30IErIF17QCkpZCdUTjUeZ39w6aD6qXcELgEdQ8uWUk0TWZOZJ%2Bq4V3GRr%2F3umMCtOVy7CJLjIIcNPSLLAUlKX0PizGtrwKNTG"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c7c79189231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
502 B 117ms
117ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2229aa27318e7fad7%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%226130ef9e4ef7d125a83f004d%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230f0183c80bc8f4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22c35dd48a-da63-4983-a656-d5576ed4eea5%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A9%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10f642b5667ec3127d88832e2d0fafb68d1315f799cb2069786e440d5f66206c

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Fum8eFgQEP7F4JzBP7i2e0WFDOE8Q7PIb%2BfFhs2H9hQsAInyMuZB7Ss0C3gmHQUrc4AfVoDkwGZJmEVmXwaYlayKx0OMaSiWHq7OyoV8C06zGQM%2FBY9JPx91%2BjCj6vj7Yslmegn"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c7c791c9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
503 B 131ms
131ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2231a0a9bdf52d3bb%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261c496f36a6245407a70af5b%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22329cae45983fd93%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%226209b337-d983-4450-9daa-5f12a2f92cb7%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.35%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc56fbea81f9a8ccb09b8b2daa8017131c29e2746e4a23b97724675d6006df6a

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OU2HLDjP2hKRYoSGtbIWmb%2Bzw2Rbh0dQYSJx4fM70ZD9Fj8H%2FlzvLQNj1Lby59QSIYOl4VOfw2YI7%2FBc6eHJ2vTxw8FpYP5strIqbpco6bLZUgM8ZXiTrMCtj1rWtA5IMY7lbqdy"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c7c79239231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
408 B 17ms
17ms XHR
application/json 35.157.129.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.129.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-129-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 37a800bf7cfda7588e2d385835479d7ef800631192fcdc22196573defb61a7a1

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
content-encoding: gzip
x-prebid: pbs-java/1.106.0
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
505 B 81ms
80ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2235b36001519b8ce%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%226228ab51aefe001d36464385%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22368594c7efcd714%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22b1fe1d1d-8900-4e72-9ce3-b9e151d3c9c7%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.03%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd7f1e75573dc73f2dbf75993922c317f8ef8cd45d78281e0d0f10b9a1174eb6

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GqRJJgNkF49guvtC6lO0tJpOWizJUUmfx7baDvqkwVlPH3OOugkwgLYUyBNU8Zkn2UvwY32oaTHHTZwL4rTCXMiqWBaSY%2BODXzWrB%2B7iq%2BfvyQxFVin0qh7XIX3vi9DNS9nUO0j"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c7c79299231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
500 B 104ms
104ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%223779ffc29e163ef%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22619ce3dce6572205164350b7%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2238d4da725162121%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%222d3df4f4-d148-4183-8815-d958c5f9343e%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.08%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c199b62659d7f0eae6956e7e54adc948aebd0119301ee16410f31459a268bff1

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DkwnRFo2mqZ9wxyiL6g02gJgAkcfmQeTzmSUT0YclWPNoKZdvjL0fGtHoUdq%2BHufuQSHOXERtYnJH6sPia1hEcOqy%2BdLE8w3UsI2s27C2TrlmTIj7crpcvdjSDwZkeh8Y7pWiZz"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c7c792a9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
505 B 73ms
73ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22399243a47ecc842%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261dda3ca2ea896308e2e2bfa%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240d48fdb242c5cc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22d495e167-b538-4f4d-98e3-947e6b737f9b%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A3.172%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a856923772aadb9b8bcc1a9efae33f34f0f4ac5af406847640b444fd507b1e47

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDdY8iHKY7hjlThlLIjNLSmJ2gVigcnO7165LEyo7w%2BkepZsCh7v5vTZGeWdVLixb3d2XoLDg03%2FUrbSjlgkyLQUhrfVIdHpU9voYP%2FKuhyja6ElHI%2FsljhzS%2Bs1QmM78CAMRT7D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c7c792d9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
506 B 178ms
178ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2241f7178963b7aad%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2260ec3196fca4952eb249e47a%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224225bc240c48cf7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%225a0cb6e8-aa0e-4236-b4d0-8ea3afe45ad2%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A4.349%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 765e0bb62417129ff90c7048b4c8020f8080b29a40b8ad0ce955343dca7f50a4

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWmci6EzWmlH6DhC9FjEHEc0ZLUEf1KJMYoJAQM3axw11WA%2B5fdPv%2FtksM%2BCwnmZ5aGmMXqAANf14GfhPfZtQUkJyhyTSIA6bo0ru7iEQRB9JiCZan3JkafhbA%2B757i%2FuBB%2Bj9Xp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c7c79329231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
508 B 104ms
104ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22438dae3ebe0bf51%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261b73c8e043275522875c337%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224495ad727b7e79c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%223b237920-f261-4115-acce-5020945a1318%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.76%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 553ec4d5a194917632fa9ff1cd9838f4858e52b95c136310a915ed088996e2ff

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQrL7ILzksSFOZ13%2FVmlhZED05DDxGGVxRnjXIrW%2B5B2WYhhpD6pSS6zQ49tm67p1m3YZNDxqxd6gr1odNit%2BEVIKCq42i6O90KPFgIAWg8%2Fz%2B4%2FHWWWiXER81OMCdNx9QUGuyLp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c7c79339231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame BBBB 3 KB
1 KB 16ms
16ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 696
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 77c25c7d886c9b86-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:58 GMT
expires: Mon, 19 Dec 2022 22:56:58 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame BF7D 3 KB
1 KB 17ms
17ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://9to5google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 696
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 77c25c7d88739b86-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:58 GMT
expires: Mon, 19 Dec 2022 22:56:58 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 87F5 2 KB
1 KB 45ms
45ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 388864da8dde27c2e8aebde83be013bee89a44ea1f05e29d4156e0c16a403f6a

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77c25c7dcf659128-FRA
content-encoding: br
content-type: text/html
date: Mon, 19 Dec 2022 18:56:58 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTSFMtHOOH6%2BmoPudoHfGZwdGx32whoEyjeXKbSbinXq%2BnqQDNemknZ4m4pYCZHnVs5HBd94M%2F6b9LR6zLtQ%2Fb1BxPRIgS8tVZHtKBM%2F55AUgdmMkZFwf1VOZYW4V%2B0So%2B9K9KyCMeWM2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame B0AE 2 KB
1 KB 30ms
30ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf08f887361284848637102fc85270ab87340ffb8314f2a643b55141947726ac

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 77c25c7dcf6b9128-FRA
content-encoding: br
content-type: text/html
date: Mon, 19 Dec 2022 18:56:58 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nR7vvclfiW9Lm7pR3Rtv6UOVDSK579WZKaT%2FBhTX0srywnS%2Bf5r8eKQwuv0IfRkFLUQHmAxOglrUgld9%2FW%2B4wEeUFvrbWrIMfKRBKjfqMwMywsABq7DBrLvEuhC576wVirEF%2B6NTjaNOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BBCD 0
0 46ms
45ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=3787733625994484&bg=!REelRwPNAAYgquz3AKo7ACkAdvg8WhdRhjcBEz7cugDsO88cckWUYTLBs3v8Fres5ryT6exI-BogsgIAAACIUgAAAAJoAQeZAukTyrykvEALg0SIl6AOti7uCnZW1AW159xBosS6V8nrA7egGyWyj3zPVHyjKde_YlfRxUbCJbKsFXmFsmCUS6yeM4UA4UOYkq-Bfm8ANV2FeTiC1kTzBOTmDipdECE4iMJzCK6WKCyaAeSrPhMU85NWdDurc-1nOBTH1DwoyP2wcUBbwRegqSevOSwM8rVRonTPhshDDgQKZ_rK5KqpDsxtoYwdd-dqcQ2yjCxeDvs_GdcoQzzbXQ_juNHwVFweUwDCeLxNf325AQwGdksiXGfwHjX-we5bhsmiIent-_o8XnkjeACY2N6rqG4eEO2lSRpUio2yRwqdqPksjWhbMBJAMYltRUHNwZPe1VIJeLKuishU08DH0qY7N2-sPiTmF_OoGAGfkYtlUCntsNtpeOUlU_-IyTOqARlQjUVrHST_aXrx1msdrB7JiafVXI_qSDOhS4-6y4u8hYdzqtaKWxxEYUVPhDeBLlT0txKSzDIyUQFEoW0nzRrGoq9czhmStI7PigBIL0DbJURy6bgxDMUvgAjV8WZJRl_gYObr61bsP2D2U8x3uuSd33OInJrJ6QsrOFtZ87WH_2eebRi-iZO9Wrw2FwHtZgKI6KD5v6-92sOeqS0XAnfkS_UwEcexG8jgRbYnFYoQxW7vYSMbeOjXjr2isWHjrHsAefL_TR3NdbEqtT9-uakrRw2O9mDQk_SHOlP_MQjT21UdS6m1cBk3Y-_VhdRXXozBdNxTFMeUji8aEAgtWepPbItU2I8LpDMWAYMBTey8T_YQvLBBhrRjRI9T3Y0-vl89g-4SFm4cM1jgYb-VF20ZbVKV6DhQ74fjUy4vbXGdlB7sOv-caKu_5PaINmxNhzENbPtXT7nTvLAGnvu5k_LKHKW_Os0sm2S0AzOW8nu9flAWwA62VsLl8uVncBNi7LHNTwYLT3Z0q5rFPd_oV6Is5NOBb98IVeuqm_d1VXq_9JlML2OPDZHcFsa3fnI1k5fL
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B0AE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6Cz_QAAANOb-QAp

43 B
766 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6Cz_QAAANOb-QAp
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-hhn-etou8220035-HHN
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1671476219.570811,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6Cz_QAAANOb-QAp
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

rum
dsum.casalemedia.com/ Frame B0AE
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671562618

43 B
839 B

46ms
44ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671562618
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqHvTz%2Bobvj0kIb778bF8K8oA94jH%2FgfI824aCwxakSDdwRvuvumITKqOaQdHEAN%2F3HHvWwec7H9KuWfKrsXnXsUU9YsFpOVZeQtXCP1CWIvWHxpSv1OqD1m3DB79xrE%2FgqwS8b%2B"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 77c25c7ebc089b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671562618
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame B0AE 0
191 B 16ms
14ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B0AE
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4B2A77DD4C6941AD9F5DA742A6C4963F

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4B2A77DD4C6941AD9F5DA742A6C4963F
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

date: Mon, 19 Dec 2022 18:56:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4B2A77DD4C6941AD9F5DA742A6C4963F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 18 Dec 2022 18:56:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B0AE
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8bc24229-81b2-99fc-71ca0e82

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8bc24229-81b2-99fc-71ca0e82
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=492
Content-Length: 43
Expires: 0

Redirect headers

date: Mon, 19 Dec 2022 18:56:58 GMT
via: 1.1 google
server: nginx/1.23.3
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8bc24229-81b2-99fc-71ca0e82
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146

GET
H2 200 bridge
cm.adgrx.com/ Frame B0AE 43 B
283 B 66ms
17ms Image
image/gif 72.251.245.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-7
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B0AE 43 B
601 B 37ms
35ms Image
image/gif 2a05:d018:d29:3605:34b4:e687:cbf8:5ec7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:34b4:e687:cbf8:5ec7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame B0AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6Cz-CMpmf_7dqS5gi7HZwAABKUAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB5se1oPIm11x2WJV2UgXV4&google_cver=1

43 B
841 B

43ms
43ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB5se1oPIm11x2WJV2UgXV4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHZ%2FHosLpVjBJOtaCkOS0hfGD12VHsO5u3iByx2UPw0wiJphIikDj1iAWKegxUoQGVB4vj7s57PDZFcuWXY298WaTyv5ZWirl9ymdRczHvFRAYgnap2jxbzsDbfnJeFClnhlGO4ZQlGAmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 77c25c7eea4d9128-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEB5se1oPIm11x2WJV2UgXV4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame B0AE 43 B
154 B 18ms
17ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y6Cz.CMpmf-7dqS5gi7HZwAA%261189
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 73700
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c25c7e0f68bb56-FRA
content-length: 43
expires: Tue, 20 Dec 2022 18:56:58 GMT

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 87F5 42 B
181 B 121ms
29ms Image
image/gif 2a05:d018:cc3:fe04:5f8e:ccc2:48ed:ad64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:5f8e:ccc2:48ed:ad64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:58 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 87F5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NzEKuEUV1P7ljQ5

43 B
766 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NzEKuEUV1P7ljQ5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=493
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:58 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-050264eaa58f9e669@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=NzEKuEUV1P7ljQ5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 87F5
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588522560355908

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588522560355908
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588522560355908
Date: Mon, 19 Dec 2022 18:56:58 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 87F5
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687201018&external_user_id=a74df47f-af35-4679-9097-47380fbef6bf

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687201018&external_user_id=a74df47f-af35-4679-9097-47380fbef6bf
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=491
Content-Length: 43
Expires: 0

Redirect headers

date: Mon, 19 Dec 2022 18:56:58 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687201018&external_user_id=a74df47f-af35-4679-9097-47380fbef6bf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H3

200

rum
dsum.casalemedia.com/ Frame 87F5
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671562618

43 B
837 B

32ms
31ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671562618
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaP%2FsfEhRivAJaBxmoMHz2VioNor3UMYVaf6U8ZflbLTiPVCHdjvvoG%2F%2FueEL%2FFYaS06rDfnpEZgmhbgpFHRfY8rJIivc5iV0L9S6bRmh1LwtFxPhmBzOongFl6J93%2BPJYyYRjkS"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 77c25c7ecc319b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671562618
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 87F5
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y6Cz.CMpmf-7dqS5gi7HZwAA%261189?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6Cz.CMpmf-7dqS5gi7HZwAA%261189

42 B
942 B

41ms
41ms

Image
image/gif

3.248.100.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6Cz.CMpmf-7dqS5gi7HZwAA%261189

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

3.248.100.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-100-224.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0f45dc272.edge-irl1.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 19D5ZKXgS3Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-071cdea73.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FfJuhgtSS3w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y6Cz.CMpmf-7dqS5gi7HZwAA%261189
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 87F5
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D

43 B
766 B

14ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date: Mon, 19 Dec 2022 18:56:58 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 87F5
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4B2A77DD4C6941AD9F5DA742A6C4963F

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4B2A77DD4C6941AD9F5DA742A6C4963F
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 18:56:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

date: Mon, 19 Dec 2022 18:56:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4B2A77DD4C6941AD9F5DA742A6C4963F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 18 Dec 2022 18:56:58 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 87F5 43 B
103 B 20ms
17ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y6Cz.CMpmf-7dqS5gi7HZwAA%261189
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F9to5google.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:58 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 73700
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c25c7e2f96bb56-FRA
content-length: 43
expires: Tue, 20 Dec 2022 18:56:58 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A043 2 KB
2 KB 19ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18023723&p=161751&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e0f501e1e9b17aaad04f604fb940061874b03b5d587078ef823890c302dd1902

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 19 Dec 2022 18:56:59 GMT
content-length: 1947
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 49CA
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Z8rmCTPK4Q58mLUPYc2qWmWdtlt8m-YAYpjUg0RC

42 B
418 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Z8rmCTPK4Q58mLUPYc2qWmWdtlt8m-YAYpjUg0RC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 19 Dec 2022 18:56:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Mon, 19 Dec 2022 18:56:59 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Z8rmCTPK4Q58mLUPYc2qWmWdtlt8m-YAYpjUg0RC
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 07AD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7178935696651909271&gdpr=0&gdpr_consent=

42 B
323 B

20ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7178935696651909271&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 19 Dec 2022 18:56:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Mon, 19 Dec 2022 18:56:59 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7178935696651909271&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2871
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJY0trN0hRV2dBQUI4ZmR2RHBWdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAIcKk7HQWgAAB8fdvDpVw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5992295696983674993&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAIcKk7HQWgAAB8fdvDpVw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5992295696983674993%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5992295696983674993&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAIcKk7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIcKk7HQWgAAB8fdvDpVw&gdpr=0&gdpr_consent=

42 B
279 B

14ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIcKk7HQWgAAB8fdvDpVw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 19 Dec 2022 18:56:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 19 Dec 2022 18:56:59 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAIcKk7HQWgAAB8fdvDpVw&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

502

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1B3F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gGA0MYZkQl5mE7LRDZ4dOlFfBSg

568 B
642 B

18ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gGA0MYZkQl5mE7LRDZ4dOlFfBSg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 568
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:59 GMT
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Dec 2022 18:56:59 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gGA0MYZkQl5mE7LRDZ4dOlFfBSg

GET
H/1.1

200

p
a.audrte.com/ Frame A043
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=797F025D-0740-4D6D-854D-989A493E9C38
https://a.audrte.com/p

68 B
424 B

102ms
101ms

Image
image/png

52.45.81.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Server: 52.45.81.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-81-218.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 18:56:59 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 19 Dec 2022 18:56:59 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame A043
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=797F025D-0740-4D6D-854D-989A493E9C38&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=797F025D-0740-4D6D-854D-989A493E9C38&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

33ms
32ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=797F025D-0740-4D6D-854D-989A493E9C38&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: HTTP/1.1
Server: 77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:00 GMT
frontend-id: 9
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:00 GMT
frontend-id: 11
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=797F025D-0740-4D6D-854D-989A493E9C38&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame A043
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=797F025D-0740-4D6D-854D-989A493E9C38&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=797F025D-0740-4D6D-854D-989A493E9C38&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=797F025D-0740-4D6D-854D-989A493E9C38&addseg=19,36,42

0
0

163ms
16ms

Image
application/json

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=797F025D-0740-4D6D-854D-989A493E9C38&addseg=19,36,42
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Mon, 19 Dec 2022 18:56:59 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=797F025D-0740-4D6D-854D-989A493E9C38&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

404

gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1aec759725ea958a/gdpr=0/ Frame A043
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=797F025D-0740-4D6D-854D-989A493E9C38&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=88c4ebff74b169c34d838809565c707d&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1aec759725ea958a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...

49 B
264 B

30ms
30ms

Image
image/gif

34.252.235.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1aec759725ea958a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:59 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.7.217
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1aec759725ea958a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A043
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cb87dd3b-3823-4744-b04e-7bd9ca68b798&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&gdpr_pd=

1 B
264 B

23ms
23ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 18:56:59 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=67108a8d-15c7-4030-af8c-e6963664db99&gdpr=&gdpr_consent=&gdpr_pd=
date: Mon, 19 Dec 2022 18:56:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 797F025D-0740-4D6D-854D-989A493E9C38
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A043 43 B
601 B 35ms
34ms Image
image/gif 2a05:d018:d29:3605:34b4:e687:cbf8:5ec7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/797F025D-0740-4D6D-854D-989A493E9C38?gdpr=0&gdpr_consent=

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:34b4:e687:cbf8:5ec7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A043
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=797F025D-0740-4D6D-854D-989A493E9C38&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-a8RK.vtE2uWX83DTXLn2VoUL.Z9Lx1M-~A&gdpr=0&gdpr_consent=

0
128 B

66ms
13ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-a8RK.vtE2uWX83DTXLn2VoUL.Z9Lx1M-~A&gdpr=0&gdpr_consent=
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:58 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-a8RK.vtE2uWX83DTXLn2VoUL.Z9Lx1M-~A&gdpr=0&gdpr_consent=
date: Mon, 19 Dec 2022 18:56:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame A043 0
103 B 36ms
13ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=797F025D-0740-4D6D-854D-989A493E9C38&gdpr=0&gdpr_consent=
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:59 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame A043 0
191 B 15ms
13ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

502

Pug
simage2.pubmatic.com/AdServer/ Frame A043
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:689db0f3-c805-460f-8ef4-94d474eb7efd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

0
0

21ms
21ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:689db0f3-c805-460f-8ef4-94d474eb7efd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:689db0f3-c805-460f-8ef4-94d474eb7efd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 19 Dec 2022 18:56:59 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E659 2 KB
3 KB 23ms
21ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15019829&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4a6a18c6f5c877d4a4116ee7e9bbaef513c36004c3527f7c16cb995d06e869a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 18:56:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame E1F9 35 B
468 B 24ms
22ms Document
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=797F025D-0740-4D6D-854D-989A493E9C38&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 19 Dec 2022 18:56:59 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3C07
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6Cz_QAAANOb-QAp&gdpr=0&gdpr_consent=

1 B
240 B

32ms
24ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6Cz_QAAANOb-QAp&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 18:56:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 19 Dec 2022 18:56:59 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6Cz_QAAANOb-QAp&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220035-HHN
x-timer: S1671476220.665154,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F758
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

22ms
21ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 18:56:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Mon, 19 Dec 2022 18:56:59 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 59C8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
439 B

192ms
191ms

Document
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 77c25c862d208fe6-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Mon, 19 Dec 2022 18:57:00 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 77c25c851aa18fe6-FRA
content-type: text/html
date: Mon, 19 Dec 2022 18:56:59 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 655

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 7E8E
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3644628597

70 B
264 B

43ms
42ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3644628597
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 19 Dec 2022 18:56:59 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Mon, 19 Dec 2022 18:56:59 GMT
etag: RX70ee44649a72406399f3700ac9374a2a003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3644628597
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 9AFE 43 B
280 B 127ms
50ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Mon, 19 Dec 2022 18:56:59 GMT
Vary: Accept-Encoding
X-adserver-worker: leviathan-a79fe0f6383b@version_1.531
X-core-time: 1ms
X-server-arch: v2

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 4700 43 B
282 B 29ms
14ms Document
image/gif 72.251.245.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Mon, 19 Dec 2022 18:56:59 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-7

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 8E77 0
0 291ms
236ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Mon, 19 Dec 2022 18:56:59 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

404

gdpr_consent= Show response
sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/ Frame A371
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...

49 B
264 B

31ms
31ms

Document
image/gif

34.252.235.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbgnjTVRTXVngRVSg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 49
content-type: image/gif
date: Mon, 19 Dec 2022 18:56:59 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.0.215

Redirect headers

content-length: 0
location: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbgnjTVRTXVngRVSg

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 2FE6 0
0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame FE42 43 B
369 B 79ms
16ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Mon, 19 Dec 2022 18:56:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 46F7
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4B2A77DD4C6941AD9F5DA742A6C4963F&gdpr=0&gdpr_consent=

1 B
53 B

21ms
21ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4B2A77DD4C6941AD9F5DA742A6C4963F&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 18:56:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Mon, 19 Dec 2022 18:56:59 GMT
expires: Sun, 18 Dec 2022 18:56:59 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4B2A77DD4C6941AD9F5DA742A6C4963F&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H/1.1 200
OK csync Show response
sync.spotim.market/ Frame 6263 0
400 B 149ms
145ms Document
text/plain 62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.spotim.market/csync?t=a&ep=281178&extuid=797F025D-0740-4D6D-854D-989A493E9C38
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Date: Mon, 19 Dec 2022 18:56:59 GMT
Etag: 539fd319b76c4347
Server: Adtelligent

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame E659
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d30663a0-b3f8-4800-8386-c9b16b03db35

0
128 B

17ms
13ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d30663a0-b3f8-4800-8386-c9b16b03db35
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:57 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 19 Dec 2022 18:56:59 GMT
Server: MT3 254 34fcae8 master zrh-pixel-x2 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d30663a0-b3f8-4800-8386-c9b16b03db35
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 19 Dec 2022 18:56:58 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E659
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2996585902459466121&gdpr=0&gdpr_consent=&us_privacy=

1 B
176 B

26ms
22ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2996585902459466121&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 18:56:59 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2996585902459466121&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 19 Dec 2022 18:56:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

502

Pug
simage2.pubmatic.com/AdServer/ Frame E659
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2643881268435628356

0
0

22ms
21ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2643881268435628356
Requested by: Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

Date: Mon, 19 Dec 2022 18:56:59 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0b8f116b-c2d1-44e5-8cea-9f677ef4f06f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2643881268435628356
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 53ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F9to5google.com%2F&domain=9to5google.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://9to5google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 19 Dec 2022 18:56:59 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 427064
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
249 B 290ms
110ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLVAA2&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156758/3746/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:56:59 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F9to5google.com%2F&domain=9to5google.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=l-o2pXxXdjA1bno0M0p1OGMyRk1oY24rWGtWdGJQYXlSWXNoTDhJSDJKVnlOeG9ndVBtbnkwdTVYcmpoc2FsY0pRbXAxdTYvVmdRME0vTHhEUityL0ZKcDduMkp4QTM3MEs1ajVSMTRobyt0SVRGWUN2TThUU3NSNlF5ZX...

359 B
648 B

62ms
21ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=l-o2pXxXdjA1bno0M0p1OGMyRk1oY24rWGtWdGJQYXlSWXNoTDhJSDJKVnlOeG9ndVBtbnkwdTVYcmpoc2FsY0pRbXAxdTYvVmdRME0vTHhEUityL0ZKcDduMkp4QTM3MEs1ajVSMTRobyt0SVRGWUN2TThUU3NSNlF5ZXV6V3F6QXNMYm9OYVlXWkg4ZE1kVnNCbzRJT0FSanl4WDN3anVua3BnOXRxTW5pRXdvVmhhd1lsWm9ubmpVNnJZenArS3dBZnYzdnZMUFk4STM1d1VJWmJqczUwNEd4T1BTMGl6OGlkUXlmMUR3Ri9zWHdjPXw&cppv=2

Requested by

Host: 9to5google.com
URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0734e9fe7121bd18311c3ddb043e04f12655cfcf065e7a8f3d29e11c93c68044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9to5google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1197740
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=l-o2pXxXdjA1bno0M0p1OGMyRk1oY24rWGtWdGJQYXlSWXNoTDhJSDJKVnlOeG9ndVBtbnkwdTVYcmpoc2FsY0pRbXAxdTYvVmdRME0vTHhEUityL0ZKcDduMkp4QTM3MEs1ajVSMTRobyt0SVRGWUN2TThUU3NSNlF5ZXV6V3F6QXNMYm9OYVlXWkg4ZE1kVnNCbzRJT0FSanl4WDN3anVua3BnOXRxTW5pRXdvVmhhd1lsWm9ubmpVNnJZenArS3dBZnYzdnZMUFk4STM1d1VJWmJqczUwNEd4T1BTMGl6OGlkUXlmMUR3Ri9zWHdjPXw&cppv=2
access-control-allow-origin: https://9to5google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 539939
content-length: 0
expires: 0

POST
H/1.1 200 952.json Show response
id5-sync.com/g/v2/ 216 B
624 B 275ms
234ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/952.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156758/3746/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

24be83472f025beded1a306b917fe52413d385738ff3686b40698f3fdefa3f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://9to5google.com
date: Mon, 19 Dec 2022 18:56:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 74330 Show response
idx.liadm.com/idex/prebid/ 54 B
431 B 589ms
223ms XHR
application/json 54.158.226.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/74330?duid=aba2f3ea9d66--01gmnvy1w0xp2r1vxsc0dqbjx2

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156758/3746/pwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.158.226.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-158-226-104.compute-1.amazonaws.com

Software

Resource Hash

057daeea915c185d5bf4bf5a6ed18aa726b60fffea4c26803a620204036fc9c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:57:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 3
content-type: application/json
access-control-allow-origin: https://9to5google.com
access-control-allow-credentials: true
trace-id: f3fcf6337d855d4c
content-length: 54
expires: Tue, 20 Dec 2022 18:57:00 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
316 B 81ms
66ms XHR
application/json 34.252.235.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156758/3746/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:56:59 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
x-server: 10.45.28.234
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
388 B 32ms
32ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156758/3746/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e4ed19d1b3d005a15b43b64d43122d56afd5b4d04f796015c521e711850b420a

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:56:59 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://9to5google.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 18 Jan 2023 18:56:59 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 121ms
21ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 19 Dec 2022 18:56:59 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 415514
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 53D9 0
39 B 22ms
21ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98301467&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1671476217365-980691146417-007219-002-005904%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:57:00 GMT
content-length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame A043 0
128 B 14ms
13ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=161751&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:56:59 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame E659 0
128 B 13ms
13ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156758&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:57:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
362 B 333ms
333ms Fetch
text/plain 52.21.27.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=20eb871371a00cac62414113629cdcb1&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1671476217365-980691146417-007219-002-005904&AV_CDIM1=sp_rVSSRN5u&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=aef0aaac-6a49-4eea-82f3-77170f89f8fb&AV_CDIM5=Zu8i20yajIm50OMDfu-wZPJ3lca-iAkOI6kRiw336B_1XzN_KgRxaIU5cHHzw5BU&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM9=1049447&AV_CDIM10=v21.10.4&AV_CDIM12=false&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_bsinqXFT%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f32b7c30da21b38b02cac99&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=9to5google.com&AV_DADPOS=3&d36=6.2.68&responsive=1&sver=3&avtoken=216982&omv=1.0.1&clsid=e966c115-23a9-4b82-9c0d-4847eb8bab7a&rando=20&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1476221835&wfc=1&tgt=0&&AV_VI=0&AV_VID=3249.28125&d4=3&d5=4
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.27.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-27-111.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:57:02 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 08 Dec 2022 05:10:22 GMT

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
501 B 67ms
67ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2247efa1fc025f3ac%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261d43e8d8f166e7a740fc074%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2248c97ad6602c0e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22d1a5b6c0-5594-47e5-b5c3-f771c573786d%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db0d847bd94776233cd31be2a627088f9b2b86c0f608fceb82f78ae56f07bd86

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kL5rUxuXtZAQg3xFYEcUtOailuV8pOX8fgdHrf8Nj4J0lFfO8HpaCwgE9%2BrvG2L3AdJIwo%2FK70x06qZ%2Bsu45nNvv7ScIi2USfxEicU3jlBezJv4lBUSE1cNlegivlTaGGdfA9fQP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c928f219231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
505 B 161ms
160ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22494e4876d1269fd%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261b73bd076b7bf32f6222ac4%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225069372bdc0b91c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%223f182a36-a303-44cb-82df-67e4783fd195%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.24%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ddb14498375f7b2767fb7a0b0496c4279c592c02fcaa63154719108e694330a

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzST7X8P2Yv5KO11mkf95gwbcDJC1%2BUiYyjI1iv%2F6Ka1JONYmlynobmz2qT3P4lt8K7QY2Sr%2BGOn1GNvxyREaCm5g%2FGLgGzcTMohNa0c4AYOG0Jjo56EoD1uiUP%2BavenyAF4IN%2Bs"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c928f229231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
505 B 116ms
115ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2251539486e9d7908%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22621cbc925cb35e2b626070a5%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225223143c336f188%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%226d888cde-ef76-457b-9ff1-d0fa8fbf92f7%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.45%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f26351469868408f8ac342eb48eadc2d597de4d0a2e770129b478a4149452c84

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q903pRPz60wBEx9aYkyCr6AexfOSh11cSlSJPeft9k0VUdY5YPK2cadvPZMOmSeHXc5G4RiNqzoux7XnWBiQ%2FTKJtxp0UTMpS%2FVNWof%2BSjDAJLJh4I0r7NSmR%2F4gYrr6WRMmS%2Fgm"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c928f269231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
506 B 76ms
75ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2253bc7ee599fcce1%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22613f2594ce69844cf5275d9c%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2254625f2dfa6b779%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22484b5342-ac8c-4dda-9987-0932ced56559%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02fa51ae3684650f73406ab7ccab3f68dde97fc5340e74327f7a047229489fac

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcRamD6HYJvAhaz9VyePgjiKNgTca3OCcxCjl%2BiUDajuQ%2Bqfm1OtykXNpm1cAQa1kfRVv6aewD%2BD9nlO0%2B4%2Bmh%2BV9Cb22BHp6UkyfjSxwJHrrItetu3ig0mtvN%2F6tLWs8GMR83FK"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c928f299231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
510 B 80ms
80ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2255aea004e103471%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2262022abd388aac14502b5b97%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2256e990044ade96%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%227709306b-4359-4095-a465-228a27dc5d33%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.41%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323e0c491df87a2b5f9c11fc68992cd255819d707fdcf0c37b5b99b0f7ead11c

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2Mq4L57GU66qmTh29n%2FlNSdAVS5bWRdpX%2B19W2SLAqHophDAApX%2BbCe%2BI%2FgpjCVIm5kA%2BTvSY%2BAm5OwDE00UBG%2FsIRPy9dVNb18i5fnv%2Fj5SWKY8jUtptd33tM3hgihDDDyPvtT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c928f2b9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
508 B 117ms
117ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2257f5f789658f54d%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22628a841afe3e1b6f381f8ae7%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225893b09b1fae307%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%226b47704e-d6b6-4a0e-8cd6-f43a871e91b9%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60d62a11db780ace791f6a01f834ec49b68b7811bd11a4ea3170dc738c3a483c

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hc4tGORUTO%2B2jEkPX%2Fi6PE9T5xC%2FSVEFzNmA%2Fy4tFqdN6WV8y1TzcnyqXajWHO6qmxGwJ3SYMQKDpWfs9jGRFGK9iEOsraZpiTwoq3pyDdyykuRvvkGiAYP9S%2BSmDGnOvJVaMtOX"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c928f2f9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
503 B 125ms
124ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2259eb9edf1bb3fcc%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261af2caab2fdc33999410104%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226089ed4fe3866f9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22e96d13df-dae3-42ba-8e65-1ac27b3d4b51%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.98%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83fd94a7ade6adc0908b9b7f7c7b655c6ff76d943dea4bf65f74e1f76d467fea

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trO05vpJvtRH9vA%2Fnt3QW9LbVb8iI8ta4Ial3FZ5PcppzUHSp0m%2BlpM7ZKQSsqc92JzuEFH%2BsFo2%2FRzm5jR2o6DSDIfnKm6wH9AIsXWTlYABCMpTlbIiS7zrREyxJ7UkMXqDq67e"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c928f359231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
504 B 89ms
88ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2261c815f954ccb16%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22611b4d25ee6aae31897baf0e%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2262762cd86fa89c2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%226160c6e4-74c1-4633-9966-3f6a04f3e91e%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f51c41074bf07018722eb632c37c4109c784b2bb01838e6ab05b0ab14fbae10

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1aZkqC8ufz8YBkMJs5PEaZHWEAZrbrsozFRdG4pgk9TBNhn%2BIKip9yVJH%2F3ZROvey4m6MSLJiaF6Zj%2FzR64srl43SenFFxegtKNTfuZWUW1G1%2B0YHjqtcvZqH4BiKmJmmLqLGcs"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c929f3c9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
504 B 105ms
104ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22633f147d025a067%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261b73c8e043275522875c337%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22643f9afced44fa2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22c5e3a2e8-80c0-4ebc-91d0-153ba3c7d0b0%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.76%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ffdb2b670d856226767fef2e6d1d1f24bb9836dd65978e4e9211da71b712ac

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrgUWL80d6Bs8blwJiLTOsxQKw7ZNl55tuoGZ9oMQ%2BpXAAcScH9wlNicuZC%2BM9KbEKr0ehv0RPOQP09RAvP9SwgJ3V8I2E7fnhf3yTC0YZKZsr%2F4IFX4eFEMqR5YYstzv3%2BwEI56"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c929f3e9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
502 B 135ms
135ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2265ff0849ff0d90b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2262665c8e7cc7ac7b6f3fa53b%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2266d4e8f028f44a9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22ba95b0e9-f899-414e-b311-297fc6c9cd30%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.16%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbcbde4da7db491bf0a268ee577af9f4d5520eaa047d9e87949ad9d4c0a51eab

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aKrwnWu4g8ihq%2FoKBb368RSE4TOSDIMxWPSzgQG9RH7fHWUtLKLOrUy4Wg2n6IiKnoA764Kl66rmWTw%2BJJ%2BhviebPh3bzTm0N528ZebM12jrstqKh9Ospd%2FvNVs6U4sh6m6OJ5F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c929f429231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 track
track1.aniview.com/ Frame B9D0 0
93 B 257ms
257ms Ping
text/plain 3.224.190.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=9to5google.com&rs=9to5google.com&sid=23995&t=1671476217&cip=81.95.5.40&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&d64=20eb871371a00cac62414113629cdcb1&d63=20eb871371a00cac62414113629cdcb1&aafaid=&proto=https&uid=1671476217365-980691146417-007219-002-005904&cha=0.7&stagid=&stplid=&d35=&d36=6.2.68&cb=66603463406&d39=&d65=&d66=&apppkg=&cd1=sp_rVSSRN5u&cd2=Desktop&cd3=pitc&cd4=aef0aaac-6a49-4eea-82f3-77170f89f8fb&cd5=Zu8i20yajIm50OMDfu-wZPJ3lca-iAkOI6kRiw336B_1XzN_KgRxaIU5cHHzw5BU&cd6=stable&cd7=row1-column1&cd9=1049447&cd10=v21.10.4&cd12=false&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.190.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-190-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 18:57:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 s2s Show response
s2s.aniview.com/api/adserver/ 1 B
362 B 619ms
619ms Fetch
text/plain 52.21.27.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.aniview.com/api/adserver/s2s?auc_id=20eb871371a00cac62414113629cdcb1&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1671476217365-980691146417-007219-002-005904&AV_CDIM1=sp_rVSSRN5u&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=aef0aaac-6a49-4eea-82f3-77170f89f8fb&AV_CDIM5=Zu8i20yajIm50OMDfu-wZPJ3lca-iAkOI6kRiw336B_1XzN_KgRxaIU5cHHzw5BU&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM9=1049447&AV_CDIM10=v21.10.4&AV_CDIM12=false&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_bsinqXFT%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f32b7c30da21b38b02cac99&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=9to5google.com&AV_DADPOS=3&d36=6.2.68&responsive=1&sver=3&avtoken=216982&omv=1.0.1&clsid=e966c115-23a9-4b82-9c0d-4847eb8bab7a&rando=20&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1476222183&wfc=1&tgt=0&&AV_VI=0&AV_VID=3249.28125&d4=4&d5=5
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.27.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-27-111.compute-1.amazonaws.com
Software: /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 18:57:02 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 08 Dec 2022 05:10:22 GMT

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
508 B 127ms
127ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2267b7e4aa9ad4325%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261af2caab2fdc33999410104%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2268c8592e991ae72%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22bd6ffd28-051f-4698-b9e5-0fed40055eed%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.98%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59a7e2d69b50eb4b14377ba2a353a597ddecd8df4d04360cf15db16b9a005db9

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oL%2FzrClkh2%2BvLiGEAqXEMrgMJ880C%2BfYlrQrouX%2BTckjkZTYWhOx8h1slRaRc12yFOj0GqAwsQ%2BguRW%2BSudpNp0uN%2B8hI0U9rWg0TAHJEyP5RzAHl2LHLO2594rAbRFzQbz428wN"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c94bad99231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
501 B 181ms
180ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2269dc564f47d7e95%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2262022abd388aac14502b5b97%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2270478c1ea706ea9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22347c780d-f333-4d32-a163-c07770d00deb%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.41%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c5923d1d5fe2c8b6592c4d0e734f4800e4c8acb99adccaf2060b19c686bc31

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpSQr8VhZogvXV8eGABJoPvxfxVbxS9869vvWXdqroDMtM34IZaQ41CsvLS70QE44nF%2BhUxT0zPP9SFt2q4weoCxW12Mn5kbWGNmGrGfdPLwEuvg2tY7hljwrGXh3Ko9E%2BXE7Km7"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c94badb9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
505 B 70ms
69ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227108e99926670a7%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2262665c8e7cc7ac7b6f3fa53b%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2272cd2daf04901e6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22780f3298-fb56-416a-8a9e-0461e1419386%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.16%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4783bb291ee52eb4efdd7279b4a91d2d99d41caf0aa62b3d1c7d3537dc2470b4

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XCZGPS%2F1QoQ%2B3Pta0VBb8PcAtxjIky5xmvSJRKnXj4XnqI0H0rJ0qaIX0XTKcCEX8A%2BA9XoBGldb9kK1jX7soKPGdg4Y7MiY5iCD4ajNAqilZHA%2FebAg38j1oVvnOZ4B3CRnb%2BM"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c94bae49231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
504 B 96ms
95ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22733926d7f9c5061%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22621cbc925cb35e2b626070a5%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22743cc729919856c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%228a21901a-3a3e-40fe-a59e-8439324e6cf4%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.45%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea419ce668accca747cec7e6a66d382f828e8f6fe691873150b8855d8c9295ff

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvFAQEJQJhKqWx3uOys9ABgHtQWGFA%2F0tIBjl%2B1q7fXId5cmsHh97BN5sDxnJ2QoCdVDjatatI0yeVc%2BF2Sq44hnVBy0sBDZD%2F%2FhtlVIllfjSxU0k0jnSp4WwLKEgaxeCUZ7iJec"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c94baf29231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
505 B 74ms
74ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%227513c0542c43517%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261b73bd076b7bf32f6222ac4%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2276cd27adc4418ff%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22d01da8c6-317c-47fe-8995-21816f71569b%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.24%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b11dc93dede9a0436e6f0ae2b46874d69bae960b5592e3933b3b49691657497

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4TpywM27nLWQd4ygJRZmgekOIwyrb3dhPzEUP%2Bl2Wdh2NJt8Ky8R6OaKQ6ITC0t4bSJzu9AmHTLXASyh%2FEQUi45aNAWOLy6btYyRI%2BuyIx%2BCqzwn0FeBVov7SYMtBOUOv6VJgbU"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c94baf79231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
507 B 179ms
179ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2277e468a6751e61b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22613f2594ce69844cf5275d9c%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2278ce85c71357381%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%22c09e9821-27a5-4a41-99f3-04204d90f5f6%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.7%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e35bf0cc31e2e9ceb070410edcff9d4229a0fc4152219b03a095ab47401b5f

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntEXyNSZzD%2Fp4r4%2BxsmvjdX90uD0%2BbHGyccSzWXOOE3gYLfLtdCXp5%2F5xNn99zNgqA8yyzcdyh2xLfOt1TWJoieyLpLg3VzoJ%2FbF0Wc2e86%2BD0LQdQ9%2Fa4YEKHtSU2bCOl4L2IEy"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c94baf89231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
500 B 71ms
71ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2279586159029b0ab%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%2261d43e8d8f166e7a740fc074%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2280a075fa6d225e3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%224c917c00-659d-49f3-b52d-9a003deb8d44%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A1.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f66948efdc54b93101650b88ceb08104624b6ec821ddc7083d0b7487800237f9

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkHwRecx4yXMotAMw27cdiYWHjbsLcU01sUS%2BskaOstrenA5ulD2vjMTWkebI9Hl4bjMyKYP2Mc%2FQZ%2BhHdSQCjrV52Exipxqgt1DS9uGcOono1rJEiXZrpDz3GcBtucNojzjUnpS"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c94bafa9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
507 B 92ms
92ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%228163be5937550cf%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22page%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.12.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F%22%2C%22tmax%22%3A8000%2C%22syncsPerBidder%22%3A5%2C%22adunitcode%22%3A%22611b4d25ee6aae31897baf0e%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22825d31893df4973%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22tid%22%3A%2243009e7e-b63c-40fe-b7c3-673859ad83ab%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C300%5D%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%2C%22bidfloor%22%3A2.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_bsinqXFT%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2242435e2a-e7ec-4297-99c3-529bef6785ad%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2353972d0259a2a86f0ea4aeb7281e8acb1bf3bb7035e50e35b19ad97892bfe3

Request headers

Referer: https://9to5google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 18:57:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KK3%2FDl9pioejLMU5TaQU6%2BsxkryZIYwD9b8%2FWIPlXEt8t3rJ%2FYx9cbiew6x3y7Coj4ixU7V9UCy7SQYtByM8G%2B8pGr8NalfhU8WHA4k7%2FijFmPAha5PsQe%2BEU2TLUJIQdmr4Qw2E"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://9to5google.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77c25c94bafb9231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBNod5DFB477-DrkiJHuuq0&google_cver=1&google_push=AavPq0ODrJT78h7wpwHfq_Tyx_eVJPvUcFHjzEyMN5X4GjW3rW1yZ0yLrZfsuHuUnR2OmBn8QpTRKEHc8V-oBflgp7wYXpiRh5FS_d4

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1432

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

134 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.9to5google.com/	1970-01-20 17:53:56	Name: _ga_D2FJXCHD85 Value: GS1.1.1671476215.1.0.1671476215.0.0.0
.spot.im/	1970-01-20 17:03:32	Name: device_uuid Value: b114f83e-33c7-49e3-9cc9-0035b321c567
.google.com/	1970-01-20 12:41:27	Name: NID Value: 511=Pu5V0rhWnxVcKp72PFcbg2MjEfS2L3k9h46qKGDe1Dpy7JW2VbQPlxsHlsvbNlvwrCNK2DBVqOsrfMULZmhjS2d-MfZhYtiP53dbdxFKBR4zuRq7mIGN4oN-Jatt1HKSNoS_NzV0ANpuQH3yybkTKjiBNJyglPAK0It0oYz7kkk
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: oMrCFzVDAas
.youtube.com/	1970-01-20 12:37:08	Name: VISITOR_INFO1_LIVE Value: J5Rls0eckos
.9to5google.com/	1970-01-20 08:17:59	Name: AMP_TOKEN Value: %24NOT_FOUND
.9to5google.com/	1970-01-20 17:53:56	Name: _ga Value: GA1.2.1782646198.1671476215
.9to5google.com/	1970-01-20 08:19:22	Name: _gid Value: GA1.2.599912946.1671476215
.9to5google.com/	1970-01-20 08:17:56	Name: _gat_UA-23224427-1 Value: 1
.9to5google.com/	1970-01-20 17:39:32	Name: __gpi Value: UID=00000b94d14ab11d:T=1671476215:RT=1671476215:S=ALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA
.quantserve.com/	1970-01-20 17:48:10	Name: mc Value: 63a0b3f7-a2604-c4d1b-ba93a
.9to5google.com/	1970-01-20 17:42:25	Name: __qca Value: P0-1745842635-1671476215599
.rubiconproject.com/	1970-01-20 17:03:32	Name: khaos Value: LBV5S65K-1H-COW3
.rubiconproject.com/	1970-01-20 17:03:32	Name: audit Value: 1\|naVuGyos1qpj8DDKjUAV0l4C1LCtWBX9mfsNIvv6Qtrw0zLiRRUt4a5IXk41Y9/J8mYWhplNGgc6zTuUI0RKiSL5hAXvaZVpqBUSU87ej1Y=
9to5google.com/	1970-01-20 08:17:57	Name: _dd_s Value: logs=1&id=4a4b1fbf-46f1-485e-b5cc-bb8aeed08f38&created=1671476215162&expire=1671477116070
.adnxs.com/	1970-01-20 10:27:32	Name: uuid2 Value: 2643881268435628356
.pubmatic.com/	1970-01-20 17:03:32	Name: KADUSERCOOKIE Value: 797F025D-0740-4D6D-854D-989A493E9C38
.casalemedia.com/	1970-01-20 10:27:32	Name: CMPS Value: 5149
.mathtag.com/	1970-01-20 17:43:51	Name: uuid Value: d30663a0-b3f8-4800-8386-c9b16b03db35
.simpli.fi/	1970-01-20 17:04:58	Name: suid Value: 4B2A77DD4C6941AD9F5DA742A6C4963F
.weborama.fr/	1970-01-20 17:43:51	Name: AFFICHE_W Value: YKaNURpRASZg75
.zeotap.com/	1970-01-20 17:03:32	Name: zc Value: 02b1f82b-6411-4d1d-4885-9111a81433ab
.de17a.com/	1970-01-20 16:56:20	Name: guid Value: 1.1265204569685843185
.adform.net/	1970-01-20 09:02:34	Name: C Value: 1
.casalemedia.com/	1970-01-20 17:03:32	Name: CMID Value: Y6Cz.CMpmf-7dqS5gi7HZwAA
.casalemedia.com/	1970-01-20 10:27:32	Name: CMPRO Value: 1189
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_27 Value: 16735-uid:d30663a0-b3f8-4800-8386-c9b16b03db35&KRTB&16736-uid:d30663a0-b3f8-4800-8386-c9b16b03db35&KRTB&23019-uid:d30663a0-b3f8-4800-8386-c9b16b03db35&KRTB&23208-uid:d30663a0-b3f8-4800-8386-c9b16b03db35
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_57 Value: 22776-2643881268435628356&KRTB&23339-2643881268435628356
.adform.net/	1970-01-20 09:44:20	Name: uid Value: 6046524278057156256
.bidswitch.net/	1970-01-20 17:03:32	Name: c Value: 1671476216
.bidswitch.net/	1970-01-20 17:03:32	Name: tuuid_lu Value: 1671476216
.bidswitch.net/	1970-01-20 17:03:32	Name: tuuid Value: 67108a8d-15c7-4030-af8c-e6963664db99
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_391 Value: 22924-8009231631805409972&KRTB&23263-8009231631805409972
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_80 Value: 22987-CAESEKKMce80hgNkOb7h3m0CLAM&KRTB&16514-CAESEKKMce80hgNkOb7h3m0CLAM&KRTB&23025-CAESEKKMce80hgNkOb7h3m0CLAM&KRTB&23386-CAESEKKMce80hgNkOb7h3m0CLAM
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_336 Value: 5844-1265204569685843185
.turn.com/	1970-01-20 12:37:08	Name: uid Value: 2996585902459466121
.9to5google.com/	1970-01-20 17:39:32	Name: __gads Value: ID=39a4ed8be6405e1d-22201bdf21da00a7:T=1671476215:S=ALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q
.doubleclick.net/	1970-01-20 17:39:32	Name: IDE Value: AHWqTUnK3j8x_a4QuxXMw1fYEfBiDVmhbsmxkla2dNSuGjLTyBhXD_8VEXZZ2t2FPUY
.taptapnetworks.com/	1970-01-20 17:03:32	Name: SONATA_ID Value: csonata_e4d78e48-0720-472b-9b41-d81b41cdca43
.9to5google.com/	1970-01-20 08:17:58	Name: spotim_visitId Value: {%22visitId%22:%22b114f83e-33c7-49e3-9cc9-0035b321c567%22%2C%22creationDate%22:%222022-12-19T18:56:55.853Z%22%2C%22duration%22:1}
.creative-serving.com/	1970-01-20 17:39:32	Name: tuuid Value: 1aa6f054-6bb4-49d1-be82-023269d0df33
.creative-serving.com/	1970-01-20 17:39:32	Name: c Value: 1671476216
.creative-serving.com/	1970-01-20 17:39:32	Name: tuuid_lu Value: 1671476216
.yahoo.com/	1970-01-20 17:03:53	Name: A3 Value: d=AQABBPizoGMCENsEgaty4yHu3z2byN85uP0FEgEBAQEFomOqYwAAAAAA_eMAAA&S=AQAAApDXVs3JcEQ8m8T4D6rHiJA
.amazon-adsystem.com/	1970-01-20 17:53:56	Name: ad-privacy Value: 0
.advertising.com/	1970-01-20 17:03:53	Name: A3 Value: d=AQABBPizoGMCEPccXRohciR9YzC0vPErKmYFEgEBAQEFomOqYwAAAAAA_eMAAA&S=AQAAAoGDkut-RfVhQmq7BB3i-zY
.spotxchange.com/	1970-01-20 08:58:15	Name: audience Value: e8e8e712-7fce-11ed-9376-15758c630406
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:03:32	Name: bcookie Value: "v=2&281b1265-e0e9-499f-80c4-8366a55add17"
.linkedin.com/	1970-01-20 12:37:08	Name: li_gc Value: MTswOzE2NzE0NzYyMTY7MjswMjHgnJgOOfk8lgOslR2GByg50VQ2b8fzSri/Ryt8BZyM6A==
.linkedin.com/	1970-01-20 08:19:22	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2895:u=1:x=1:i=1671476216:t=1671562616:v=2:sig=AQF-sh4Heph5anafd6naCnPR13DNfqWz"
.spotim.market/	1970-01-20 09:47:13	Name: vmuid Value: 539fd319b76c4347
.spotim.market/	1970-01-20 09:47:13	Name: a290146 Value: y-1UPkuj1E2uErlz1dhE9fCwtfpPqhVOzy~A
.amazon-adsystem.com/	1970-01-20 12:57:17	Name: ad-id Value: AxGOCXuUWkbTrxZAhU6d4Bg
.spotim.market/	1970-01-20 09:47:13	Name: a301276 Value: e8e8e712-7fce-11ed-9376-15758c630406
9to5google.com/	1970-01-20 09:01:08	Name: _pbjs_userid_consent_data Value: 3524755945110770
.9to5google.com/	1970-01-20 17:03:32	Name: _pubcid Value: 42435e2a-e7ec-4297-99c3-529bef6785ad
.spotim.market/	1970-01-20 09:47:13	Name: a271858 Value: 2643881268435628356
9to5google.com/	1969-12-31 23:59:59	Name: aasd Value: 1%7C1671476217114
.spotim.market/	1970-01-20 09:47:13	Name: a734125 Value: $UID
9to5google.com/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
.aaxads.com/	1970-01-20 17:03:32	Name: aax-vsid Value: 3144778175555549000V10
.mathtag.com/	1970-01-20 09:01:08	Name: mt_mop Value: 4:1671476217
.3lift.com/	1970-01-20 10:27:32	Name: tluid Value: 3812859352956891811406
.targeting.unrulymedia.com/	1970-01-20 17:03:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-70ee4464-9a72-4063-99f3-700ac9374a2a-003%22%7D
.everesttech.net/	1970-01-20 17:03:32	Name: everest_g_v2 Value: g_surferid~Y6Cz_QAAANOb-QAp
.9to5google.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .9to5google.com
.9to5google.com/	1970-01-20 17:53:56	Name: _lc2_fpi Value: aba2f3ea9d66--01gmnvy1w0xp2r1vxsc0dqbjx2
.liadm.com/	1970-01-20 17:53:56	Name: lidid Value: 0c20b8df-80a5-47d9-8c86-6839700eec7d
.aniview.com/	1970-01-20 08:19:22	Name: 2_C_200 Value: OPTOUT
sync.aniview.com/	1970-01-20 08:19:22	Name: 2_C_200 Value: OPTOUT
.aniview.com/	1970-01-20 08:46:44	Name: aniC Value: 1671476217365-980691146417-007219-002-005904
.w55c.net/	1970-01-20 17:48:10	Name: wfivefivec Value: NzEKuEUV1P7ljQ5
.w55c.net/	1970-01-20 09:01:08	Name: matchcasale Value: 5
.rfihub.com/	1970-01-20 17:39:32	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjI1MzA2NbU0sBDiM9St0jUp9HMp8C6qKC0CAJASXiclAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjI1MzA2NbU0sBDiM9St0jUp9HMp8C6qKC0CAJASXiclAAAA
.rfihub.com/	1970-01-20 17:39:32	Name: eud Value: H4sIAAAAAAAA__vFyGtoZm5oYm5mZGhhZmoIAFLzCjYQAAAA
.brand-display.com/	1970-01-20 17:53:56	Name: _knxq_ Value: 8bc24229-81b2-99fc-71ca0e82.1671476218.0.1671476218.1671476218
.demdex.net/	1970-01-20 12:37:08	Name: demdex Value: 25853159297653320511538943636152132754
.dpm.demdex.net/	1970-01-20 12:37:08	Name: dpm Value: 25853159297653320511538943636152132754
.company-target.com/	1970-01-20 17:53:56	Name: tuuid Value: a74df47f-af35-4679-9097-47380fbef6bf
.company-target.com/	1970-01-20 17:53:56	Name: tuuid_lu Value: 1671476218
.quantserve.com/	1970-01-20 10:27:32	Name: d Value: ELkBEgHsJ_ijC_vLEA
.analytics.yahoo.com/	1970-01-20 17:03:32	Name: IDSYNC Value: "18wk~28xu:175w~28xu:18z8~28xu"
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_153 Value: 1923-Z8rmCTPK4Q58mLUPYc2qWmWdtlt8m-YAYpjUg0RC&KRTB&19420-Z8rmCTPK4Q58mLUPYc2qWmWdtlt8m-YAYpjUg0RC&KRTB&22979-Z8rmCTPK4Q58mLUPYc2qWmWdtlt8m-YAYpjUg0RC&KRTB&23403-Z8rmCTPK4Q58mLUPYc2qWmWdtlt8m-YAYpjUg0RC
.fiftyt.com/	1970-01-20 17:03:32	Name: fifid Value: 75203a65-816a-4c94-7841-3125396641b8
.fiftyt.com/	1970-01-20 17:03:32	Name: cs Value: MTY3MTQ3NjIxOXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fM5Emumdc4F8uC0DITO02fR8JzyPybIaJtFPL1Nuvb9D
.bidr.io/	1970-01-20 17:46:26	Name: bito Value: AAIcKk7HQWgAAB8fdvDpVw
.bidr.io/	1970-01-20 17:46:26	Name: bitoIsSecure Value: ok
.adfarm1.adition.com/	1970-01-20 10:27:32	Name: UserID1 Value: 7178935696651909271
.onaudience.com/	1970-01-20 17:03:32	Name: cookie Value: 1aec759725ea958a
.onaudience.com/	1970-01-20 08:19:22	Name: done_redirects161 Value: 1
.adsby.bidtheatre.com/	1970-01-20 08:28:01	Name: __kuid Value: 689db0f3-c805-460f-8ef4-94d474eb7efd.440690219
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_1101 Value: 23040-7178935696651909271&KRTB&23278-7178935696651909271&KRTB&23369-7178935696651909271
.fiftyt.com/	1970-01-20 08:28:01	Name: fppm Value: 20221219185659
.semasio.net/	1970-01-20 17:03:32	Name: SEUNCY Value: 99FF49646FCDDF28
.sportradarserving.com/	1970-01-20 17:03:32	Name: zuuid Value: cb87dd3b-3823-4744-b04e-7bd9ca68b798
.sportradarserving.com/	1970-01-20 17:03:32	Name: c Value: 1671476219
.sportradarserving.com/	1970-01-20 17:03:32	Name: zuuid_lu Value: 1671476219
.sportradarserving.com/	1970-01-20 17:03:32	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 17:03:32	Name: zuuid_k_lu Value: 1671476219
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_466 Value: 16530-67108a8d-15c7-4030-af8c-e6963664db99
.smartadserver.com/	1970-01-20 17:48:10	Name: pid Value: 5992295696983674993
.smartadserver.com/	1970-01-20 17:48:10	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 17:03:32	Name: csync Value: 127:AAIcKk7HQWgAAB8fdvDpVw
sync.srv.stackadapt.com/	1970-01-20 17:03:32	Name: sa-user-id Value: s%3A0-80603431-8664-425e-6613-b2d10d9e1d3a.LvhHaXBoZTCyWqhJU22X27ZoEreZsilt%2FQBharhELLA
.srv.stackadapt.com/	1970-01-20 17:03:32	Name: sa-user-id-v2 Value: s%3AgGA0MYZkQl5mE7LRDZ4dOlFfBSg.MxhnAIGBF7TZ6Bn3P2jELQKSmbCey7m7CS%2FDPXlleT0
.onaudience.com/	1970-01-20 08:19:22	Name: done_redirects104 Value: 1
.audrte.com/	1970-01-20 08:39:32	Name: arcki2 Value: f9hA7jWQ8qBTgWJd9jSSvJ8qQ!20220908!1671476219426!ip#81.95.5.40
.audrte.com/	1970-01-20 08:39:32	Name: arcki2_pubmatic Value: 797F025D-0740-4D6D-854D-989A493E9C38!20220908!1671476219429
.pubmatic.com/	1970-01-20 10:27:32	Name: chkChromeAb67Sec Value: 3
.pubmatic.com/	1970-01-20 10:27:32	Name: DPSync3 Value: 1672617600%3A221_219_241_245_197_201_227_235_226%7C1671494400%3A174
.pubmatic.com/	1970-01-20 10:27:32	Name: SyncRTB3 Value: 1672617600%3A54_13_22_99_176_7_161_165_214_251_234_81_238_88_8_21_233_220_55_56_243_254_3_71_166_204%7C1672704000%3A35%7C1672012800%3A223_15_2%7C1672272000%3A63%7C1676592000%3A69%7C1674000000%3A203
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_218 Value: 4056-Y6Cz_QAAANOb-QAp&KRTB&22978-Y6Cz_QAAANOb-QAp&KRTB&23194-Y6Cz_QAAANOb-QAp&KRTB&23209-Y6Cz_QAAANOb-QAp
.1rx.io/	1970-01-20 17:03:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-70ee4464-9a72-4063-99f3-700ac9374a2a-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_22 Value: 14911-2996585902459466121&KRTB&23150-2996585902459466121
9to5google.com/	1970-01-20 08:17:59	Name: _lr_retry_request Value: true
9to5google.com/	1970-01-20 09:01:08	Name: _lr_env_src_ats Value: false
.ctnsnet.com/	1970-01-20 17:03:32	Name: cid_37f80fdb254c47cca8a6961ec1ccb078 Value: 1
ads.playground.xyz/	1970-01-20 08:27:24	Name: connect.sid Value: s%3AhzhPgrJhnvF6HDUGLQZdeGV7jhogIaaD.k%2F6DwWjkuJX%2B4UFacR9Mx%2BM9q0zRNw4Y1WE404fqNRo
9to5google.com/	1970-01-20 09:44:20	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-19T18%3A56%3A59%22%7D
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4cf51b5365c48294
.onaudience.com/	1970-01-20 08:19:22	Name: done_redirects200 Value: 1
.spotim.market/	1970-01-20 09:47:13	Name: a281178 Value: 797F025D-0740-4D6D-854D-989A493E9C38
.pubmatic.com/	1970-01-20 09:01:08	Name: KRTBCOOKIE_699 Value: 22727-AAIcKk7HQWgAAB8fdvDpVw
.pubmatic.com/	1970-01-20 09:01:08	Name: PugT Value: 1671476218
.csync.loopme.me/	1970-01-20 10:27:32	Name: viewer_token Value: a2d4d35f-ac10-403a-a367-2ea8065e8f9c
.tribalfusion.com/	1970-01-20 10:27:32	Name: ANON_ID Value: acnseFr2PKcFuYnRYa715ATa6mSZdrPQv83eHlVZdaLn18Ag1oyL5blsZcB2OZdtOUcYZceDkQ03vocPZcvyMhTwxN
.9to5google.com/	1970-01-20 17:39:32	Name: cto_bundle Value: ubjdaF9wT0dTa3dweDh0OWNGOGJsTjFGWGpLMldFN3ZtN2glMkYxNHVXcDVKM243bzJod1NkRGExN0Jhck5RQ3Rma1kzcFNodEVzTUdHU2ZyTk00UHVmbWRqeFElMkJNS3pNbjkyODh4c1FPVWlzZU1OWnY1a2UyV05wa01Mb05xSFVRTVpmU0w
.9to5google.com/	1970-01-20 17:39:32	Name: cto_bidid Value: w26UB191NmZqWCUyRkxiSlNqZGp5dEV1NFpRbUhaQ04zJTJCRExWOU5zRmw2N0VPUzMlMkJHeEhjeiUyRm1aZmNTanBDTXF6dmVFM1VKNU5CS3g1Ymk1ZHVTMmVXb2hCWTFRJTNEJTNE
.9to5google.com/	1970-01-20 08:17:59	Name: __li_idex_cache Value: %7B%22unifiedId%22%3A%22TuFIiNpIrnK3O5avRRf6Z_JtB6rH-lV7rmr8GA%22%7D
9to5google.com/	1970-01-20 08:19:22	Name: pbjs_li_nonid Value: %7B%22unifiedId%22%3A%22TuFIiNpIrnK3O5avRRf6Z_JtB6rH-lV7rmr8GA%22%7D
.casalemedia.com/	1970-01-20 10:27:32	Name: CMTS Value: 5226
.pubmatic.com/	1970-01-20 09:01:08	Name: SPugT Value: 1671476221

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/ Message: Refused to execute script from 'https://api.viglink.com/api/sync.js?key=b8f771eed689587b82c4635131ce08d7' because its MIME type ('image/gif') is not executable.
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=797F025D-0740-4D6D-854D-989A493E9C38&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4710874666031648&output=html&h=280&adk=3246872700&adf=2913659956&pi=t.aa~a.1369546210~i.21~rp.4&w=750&fwrn=4&fwrnh=100&lmt=1671476215&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3885959115&ad_type=text_image&format=750x280&url=https%3A%2F%2F9to5google.com%2F2022%2F12%2F09%2F2022-world-cup-quarter-finals%2F&fwr=0&pra=3&rh=188&rw=750&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671476215916&bpp=1&bdt=1340&idt=1&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D39a4ed8be6405e1d-22201bdf21da00a7%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MY0uziVsRm9b5yY7_dRkeLT53gN-Q&gpic=UID%3D00000b94d14ab11d%3AT%3D1671476215%3ART%3D1671476215%3AS%3DALNI_MYDpabhAK3U3qcnv0XDMSpT1lVyzA&prev_fmts=0x0%2C336x280&nras=2&correlator=692912416232&frm=20&pv=1&ga_vid=1782646198.1671476215&ga_sid=1671476216&ga_hid=784651585&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774648%2C44774652%2C44777948%2C44780792%2C31071010&oid=2&pvsid=3125609526377573&tmod=1125352482&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3q7K3fwCFZ&p=https%3A//9to5google.com&dtd=6 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://di.rlcdn.com/710530.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBNod5DFB477-DrkiJHuuq0&google_cver=1&google_push=AavPq0ODrJT78h7wpwHfq_Tyx_eVJPvUcFHjzEyMN5X4GjW3rW1yZ0yLrZfsuHuUnR2OmBn8QpTRKEHc8V-oBflgp7wYXpiRh5FS_d4 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:689db0f3-c805-460f-8ef4-94d474eb7efd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=gGA0MYZkQl5mE7LRDZ4dOlFfBSg Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1aec759725ea958a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2643881268435628356 Message: Failed to load resource: the server responded with a status of 502 ()
javascript	error	URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1432' from origin 'https://9to5google.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1432 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbgnjTVRTXVngRVSg Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/ Message: The resource https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://9to5google.com/2022/12/09/2022-world-cup-quarter-finals/ Message: The resource https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

46d6752f02cf0d7809a59939cffd9482.safeframe.googlesyndication.com
9to5google.com
9to5mac-com.videoplayerhub.com
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
aa16f05329bdc11f08a3f38a1ab61597.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.creative-serving.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
api-2-0.spot.im
api.btloader.com
api.rlcdn.com
api.viglink.com
aud.pubmatic.com
bh.contextweb.com
btloader.com
c.aaxads.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.indexww.com
cdn.viglink.com
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
contributor.google.com
core.iprom.net
cr.frontend.weborama.fr
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
d.adroll.com
d5p.de17a.com
dclk-match.dotomi.com
di.rlcdn.com
direct-events-collector.spot.im
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
ghb.spotim.market
go1.aniview.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
gu.dyntrk.com
gum.criteo.com
gw.geoedge.be
hbopenbid.pubmatic.com
htlb.casalemedia.com
i0.wp.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
jnn-pa.googleapis.com
js-sec.indexww.com
l3.aaxads.com
launcher.spot.im
lexicon.33across.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
nineto5mac-d.openx.net
p.deliveryapis.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
player.adtelligent.com
player.aniview.com
player.spotim.market
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.media.net
publisher-assets.spot.im
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rr1---sn-4g5lzne6.googlevideo.com
rtb-csync.smartadserver.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
rules.quantcount.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s2s.aniview.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static.criteo.net
static.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.pubmatic.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
www.aaxdetect.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
api.rlcdn.com
cm-supply-web.gammaplatform.com
googlecm.hit.gemius.pl
104.18.33.19
104.18.36.94
104.96.145.101
104.96.145.246
104.96.148.107
13.32.110.23
13.32.27.61
13.32.28.197
130.211.23.194
135.125.160.160
141.226.228.48
141.94.171.212
141.94.171.215
141.95.171.142
142.251.208.166
142.251.208.98
143.204.215.65
15.197.193.217
151.101.129.108
151.101.130.49
162.19.138.120
162.55.120.196
172.64.151.162
172.64.154.237
178.250.0.157
178.250.0.160
178.250.0.163
178.62.202.251
18.156.195.47
18.193.42.231
18.194.148.191
185.183.112.155
185.29.132.241
185.64.189.110
185.64.189.229
185.64.190.77
185.64.190.78
185.64.190.80
185.64.190.82
185.80.39.216
185.86.137.107
185.86.137.131
185.94.180.125
192.0.66.2
192.0.76.3
192.0.77.2
193.0.160.128
195.5.165.20
198.148.27.139
198.47.127.20
2.18.233.180
2.18.235.93
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.165
213.19.147.45
2600:1901:0:8344::
2600:1f18:730:b130:806:7e95:75ec:c485
2600:9000:206e:ac00:6:44e3:f8c0:93a1
2600:9000:206f:1e00:4:b37b:9440:93a1
2600:9000:211e:3e00:1b:5138:8a40:93a1
2602:803:c003:200::51
2606:4700:10::6816:37e8
2606:4700:10::ac43:db6
2606:4700:20::681a:832
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700::6811:190e
2606:4700::6812:18ad
2607:f8b0:4009:808::2003
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:12::6
2a00:1450:4001:802::200a
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:831::200e
2a00:1450:400d:802::2002
2a00:1450:400d:803::2002
2a00:1450:400d:803::200e
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:807::2006
2a00:1450:400d:808::2002
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2003
2a02:2638:1::17
2a02:2638:1::2
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a02:2638::b
2a02:26f0:f700:2a0::2c79
2a02:fa8:8806:13::1460
2a02:fa8:8806:20::2010
2a04:fa87:fffe::c000:4902
2a05:d018:cc3:fe04:5f8e:ccc2:48ed:ad64
2a05:d018:d29:3605:34b4:e687:cbf8:5ec7
2a0c:5c81:5142::2
3.122.156.110
3.123.145.89
3.126.56.137
3.212.83.154
3.224.190.254
3.248.100.224
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.111.151.213
34.248.40.66
34.252.235.208
34.95.81.168
34.96.71.22
35.157.129.66
35.186.193.173
35.201.96.126
35.204.74.118
35.214.223.115
35.227.252.103
35.244.159.8
35.244.174.68
37.157.2.234
37.252.171.21
37.252.173.215
44.194.228.115
45.133.44.3
45.133.44.4
52.21.27.111
52.210.121.7
52.45.81.218
52.46.155.104
52.58.96.67
52.95.118.179
54.146.241.124
54.158.226.104
54.161.158.114
54.194.92.99
54.197.177.246
54.78.254.47
62.149.1.122
65.9.66.106
65.9.66.122
69.173.144.138
69.173.151.100
72.251.245.179
76.223.111.18
77.243.60.138
85.114.159.118
92.123.38.97
98.98.134.242
99.86.240.27
99.86.3.236
99.86.4.104
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00195eb5fe46ae87b04ad439e037289454b69bf24fab633e82e478d836888e90
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
022f474afc5749850b98dd19ed71a3ef48a8ac19a0bed7dff972fd611d6b23fe
02fa51ae3684650f73406ab7ccab3f68dde97fc5340e74327f7a047229489fac
052de6675c51ba85ae7e985de0fa1b3de9bfed30ab5f50ed1b694f1b62b2928f
057daeea915c185d5bf4bf5a6ed18aa726b60fffea4c26803a620204036fc9c2
05dc659b045b32e688da4232ad871d9327755827b0b83369ccac180afaa63e44
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0705e68b0d683a47860f704a7f77ad5270c61e6d8295b9867fd72c872453833d
0734e9fe7121bd18311c3ddb043e04f12655cfcf065e7a8f3d29e11c93c68044
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
086142ce519bef56a9e6f1eb072c674727ff0bf0518eedc3dd85ffc796d82dff
093c3668b2e402b8513f0b04fafb4a325f73b357650206b7dd5e6ea11bd2f3fb
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099f7bd7eeecadbaac06271857ca7ed29a0c4ab338b7ec6bc89170c506f4629d
0a53ad55eca8d1bcd170c86140ad5d07d1403402df8fb0d3c24aaacc2eb10036
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
10f642b5667ec3127d88832e2d0fafb68d1315f799cb2069786e440d5f66206c
1156f689ab71b8caaeee48f1cbd51a0cd23b09971245125bb1682c25747740c8
11a3e2f84a2f9d98bfc3a089636bc2740572f27b94ef649b6a56c6432ba5af95
12c5923d1d5fe2c8b6592c4d0e734f4800e4c8acb99adccaf2060b19c686bc31
13d1d1fd738f5740abba37af0d3a68cbb396d92e8a97183da745b6434aa1de9a
13f8cd8875ae6aaee24c8be69c7ace951a9a6cf798747b8db1ff5ce31d5f4acc
16e6d2378047a3e52af85af5430cf58aa90836de14c81087771f109a1832bef1
1827eefb3df44cc5e7eebca0a9ab007c087d448dd622f0e4f6a5a70ef27c785d
185b37f6935a30be6a5e613ef0f18ca43622a0a62964e1ed88f8bd96c03830d6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1c524efaad9ef1e6774ed9f7189d0d7144cb74815e4c6e0f0627b18292080249
1dbb3a32e5b356a89348fe8b50dbb0f484a699821c4389976691ad35871dece4
1deaa03f122134171a83e1be4317c847d083806c424b5f431ff0b1c3bb651bd6
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
22f94469410a9f035f259f0fa95578f7e0a7dcd61dc4ecc5162c8d4fa49a1c84
22ffdb2b670d856226767fef2e6d1d1f24bb9836dd65978e4e9211da71b712ac
2353972d0259a2a86f0ea4aeb7281e8acb1bf3bb7035e50e35b19ad97892bfe3
24be83472f025beded1a306b917fe52413d385738ff3686b40698f3fdefa3f7e
255eef079d3f18e253c2b3288b4ed0d621b1266c2845679b66af9db6d8faea2e
2857b1ac3290321bdd92944048f127e9697e92fe815ae8a17016a623b1e09ce8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c81eeebe62ab826bea0b7d48fa8100f728be6a6240f5107f3787fb34f96aff5
2d0adf5f31150fd7f141c97336ad18628e5f9f3350a6a6c01af87b0a4c0e783b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4d08fe871a7738aa3b3dcb95cfbd0e071765fcc681d17e37f12cd34b443066
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30073b8873bc4a03e3678ad656f5a575250f3513bdb2034b391d49cca0d03440
3104826c0db9cba87eb425f81a5c3e8b40c6784d52682df5d55a98fa53840b17
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323e0c491df87a2b5f9c11fc68992cd255819d707fdcf0c37b5b99b0f7ead11c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
372fc730e05b0b6d815d9e5dfae29102d1eced70f30f8805644e8c97ad8332e9
37a800bf7cfda7588e2d385835479d7ef800631192fcdc22196573defb61a7a1
388864da8dde27c2e8aebde83be013bee89a44ea1f05e29d4156e0c16a403f6a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e80d36d103021453278832a727ab4a229bd348d51adb2ced472f399e248f0da
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef61c2b1dfe2fcd85125254cd1180da2cb931c64032cf10ddc436f465df7b5c
3fb06a148d46826d0c231300157e57ec020b1e144b4f1a81554bc4d20aaf0cd3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43461d0b3aef6325ea092c91fe40a03446f7e877ba5c3eeeae1d775e000bb14a
442d89f52e547c09e65138356e0500d4d34f44d43177425ba08050c0f32bd011
4445174b6d9dfb51e469da8db29f55a2fd80bba7440505e398cb8f874202d3af
44d7102208de8853eab9141b1bf92c3ed7f47a8c23e53313543c7a66cd501b37
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4783bb291ee52eb4efdd7279b4a91d2d99d41caf0aa62b3d1c7d3537dc2470b4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49696511cdc1361df143386251f44d901bda2168e801b6eae522cd16f614d416
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
499ce9c057786f40c6af08d066165b1aecdcd5fe7959a98247d0b13726a3c4bf
4a6a18c6f5c877d4a4116ee7e9bbaef513c36004c3527f7c16cb995d06e869a4
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b23bd7d81f3fd69f8035ace07ed9633ce15f6fc12cad8999f8e7411f5192aeb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
509e5acf0b7b0ec6f47344db8156e6a61efc34e1c52e6c8908495e086615003b
50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2
51e8aee9d4eb904809e88e482ec260b16105cd6bab430b904ccbaa6dae278caf
52c82887444037da4a67c05ffab5174a10b01fe0a99b10862863f455cc8dc689
531586009bb97adc59ab2f102f6a0a5c4afe07b24eb52495fb53009796f0ac40
532aa449facfa11f75e5f6752b222ec103a49cf14cc02767a9756da24a269c9b
553ec4d5a194917632fa9ff1cd9838f4858e52b95c136310a915ed088996e2ff
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58c78ea24a54d81cd6af405447977e90b5dee6e0a862c1af9d79cd35c7f3c420
58d1b38116cea1334ab5be9693a5b51996a550e5a63e5d974a34d7f90aee60f3
59a7e2d69b50eb4b14377ba2a353a597ddecd8df4d04360cf15db16b9a005db9
59b4588816ca9e84d8033925306d2f62e55a2e9e3ca96352256c82aa06f825cd
5a59b0141b6e767c230bac6893897f14e56fc1567b6faf3972eee87fb1b62a5a
5a8a4d1e289122d059474c4f5ddde656a8d7dd19bda5cc4643ef1ab8df573377
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5cc630686190c6b0588372183c91c0981c79bfdbe03d7e019f581da24c48cedf
5e31d3f038dd3a316461bcbf6f70ccc72575854f03f3c7cff2dd16dc2555754c
5f01e094583330707a4ea2c70fea7dcbc47b34c6b4417682300e529c2bdd0bcf
60d62a11db780ace791f6a01f834ec49b68b7811bd11a4ea3170dc738c3a483c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62091fc4af4136584b36e164aceba3e122de5b945496a013ef4a835cdccb34b9
62d7063193d6e769104780b14db028cc0a725a4e074ffd59711fcd054c800795
648c11cf4f2c07dcf135d9f452ad326c14c9369c6b25c8ab5383832e2cae14f5
6577de6e53d5c8ca68b7a470f32cb118dcfcfdd82140c253d5dd93796f082cc1
660c21b5a53adcf2846c16bac3e07831e9e931d89049d7c67ff308b25a5f1dd5
68bc02200d961f58251a580c6935e70eba6bbb9369055b1bd5a2764e4c3dfefa
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c43edec8d8e4c1dc0fd7a49bc480082390ad590dd9d5ff510980ae328c9b8e0
6cb4e5459b8592b083b9ad65323531f8bef596f9f1175adfd98c8bcdb05f91b7
6dde32d48986e80246d0ac0361921724a44b53c5225d8e49672c9296c747770a
6f77070444ce219494c5e549bb1e20fee019d4e5acafa577ca417787eff34649
6f9eff12f189b8028b34b719fd3537f6dba53184404bda65358122a394920458
70ddde9e03f55bdab6572946824cebf3b3896c80c82aee7e83155cb3f5f83662
724d61fa7d340da039b94c78c4ec5c27ac64a3f66f91e9ffbb237dccf3f42e3d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
737ceee65416e47d5edb3665cd3f2c89716a689ea2a53ce59d334a2a9191c3bc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75c5bd403aac884c7685c1f3f4b7d362320067f6b383b229481cf4d5f7ef8835
7615d2774c449667a6727f21c5df0adafcde9abbe765c09c8b81a452feae7e63
765e0bb62417129ff90c7048b4c8020f8080b29a40b8ad0ce955343dca7f50a4
769317f76d7d2670d9445ac516c6888967c310c6c4df441799946b37bf8d8af8
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a8908db9d761ede163b76f88fe9bf855a1b8fd41d6b2e52c49fa06714d5e2f1
7b11dc93dede9a0436e6f0ae2b46874d69bae960b5592e3933b3b49691657497
7e396c27e109d0ac08f33cd93ddad8519ba391dfd27cf9a9adc4f25fd2217b5b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80bc818ec50809bc30e39f4944bc7b4919371a2bb49babb6f9a803bf1d52656d
81846283708bfe69391f17ba3ffc86bf9d4cdbc2d02eb03db083952774c64a6c
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
82b1fe9413b663c4608244059fe3754f1681542744a54b14fd7f7c177ceeee5a
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fd94a7ade6adc0908b9b7f7c7b655c6ff76d943dea4bf65f74e1f76d467fea
85602b70e23359518c1d7e3bccde2e57f322ed7f389bf6a0c2f3f49bd02d34ed
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86e35bf0cc31e2e9ceb070410edcff9d4229a0fc4152219b03a095ab47401b5f
87d200b2913e86f1402caa9485683207064daaa4ffa44edc2e91f9164e04fa38
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a15dcf6a50f8c291115ab007e9192b9e15a5c194ba622bcde312f51a9756460
8a43ddd1656b28d29f6e08b72f8d71a54a3e346074c31c51637a2839b9a7ff2f
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8b2f7b6966578c6f9e6234354d01dc2c54a215f8f0ce04f5d634aa963e4029bf
8c960b90a9b3bce2ca7ad74bef03b443732b397b256f8ef06469b985bfefd39f
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ddb14498375f7b2767fb7a0b0496c4279c592c02fcaa63154719108e694330a
8e914d90858b126945053136c058591e9e5b490ba54177cbc142e29ecf1d00dc
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90e36c99f5773f541d8fc4879537eca2e040ebcc8b0540ea0f3768177caa2e76
931a326c09ece4c8726bf39773676815174a122528e46ec4d4f118b56e71fd5b
96f3b885965ded818806762fde9e7a2dba777005f479d30a6496af7aebbd5ea5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f51c41074bf07018722eb632c37c4109c784b2bb01838e6ab05b0ab14fbae10
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a069da4929aa7b5ba51de3d311bea24eaeb2f71114fc677f3e1a67fc277afffe
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0f238508e429d2c6fd2e29980d33924c5b847ad33506a1e939e65d96a7350db
a112b76726af34d0bfc2fecbf892974d1a3ebf180089be3dd747fc17d3c1cede
a1e8cba23260ece864ced2baca8ff08eaf2f6273edd42da74e832236c8b6d0bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a782395ad2b773815f8a537f9596ba274fe0b01b2d69b5d8506643bbccb2899d
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a852da08427e4508497c2ed1592238052cd7329c11e387df8d904cd9697c5741
a856923772aadb9b8bcc1a9efae33f34f0f4ac5af406847640b444fd507b1e47
a94c9b495cb39335b35fa79e8c852ef925530b758db9f328a16a463642f7fc2c
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
aaee6e8c2b17d5f584011496de9b66442c3699a0785a1cbf20be4eb356c44533
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b23e8e54254c0bc8a3086123a3ae013fb635dfd15aa401b0b98cbf26453416bf
b395a9adbc18174a906ebe2c585487fc17c24c5a6976b8f4e1b67cc7cb0ba804
b403a97e1b356bb064df8921f6fb8fadb6b18e5e110804297d3e6032521c62a3
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6a0e8bf3be339246ac7d2b01da5e5d0560fff4b463553fe0cc88f87a35203ea
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
b7fde72282a5b31f6721254d8787483ebd646fdd6aa184065e589a4237e5f387
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bba9dcefe6101007bf3517f82ac805d93f76e4cde35a5d04285294323e34b051
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bfafaf0be63d56933d0694eeb233e016fea1e4e8203986e1ce1197362ae18866
c199b62659d7f0eae6956e7e54adc948aebd0119301ee16410f31459a268bff1
c1bc98f188a5797fcbe67ffd72028347b81fb7cafca30994789f953694e81c9e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c231bfcfd68264a6eaa590be714304b7fa852de588ebf09cd5892f1845f5c740
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c5ba4a8718a66639260ed764a4861c99084dfbbe0a7825307b380c9b30976e8e
c5cc52d99c74b24224b35597ed008cc8ce91b47eeb5cdffec43205369c328dad
c5d78559de14fe99dcc19f7956aa6c5df0bca980a80aaeec7354dd50576f7fde
c60234a3d04de673f567614f88e76111211bfd92d3df4c1e5c53ae419c4f8200
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c821ce1c6c194ff2cf6498331ff5458b5ccafba1fd7321851214f2c238660b52
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca5a31ede3d5ef9e6dfb31906ae6d185de38cdc462b19d9a24ae15a011cc0c52
cac5619894ce76a4a4d1629aa5a5599681ae3265207f961d79d1d41698e45af3
cb03fcc9956e8131df0a0a936e702552d0be3539e1a2abbdb999d20a72de57f8
cbcbde4da7db491bf0a268ee577af9f4d5520eaa047d9e87949ad9d4c0a51eab
cc56fbea81f9a8ccb09b8b2daa8017131c29e2746e4a23b97724675d6006df6a
cda7f8b67ca2c5680ef4fcce9f0c616f5d987b4025709ce39e5d53d8df271f2b
ce2544234969d896b213fea4a0e1d93c1b6476e45a5a2ae66bdfb47ec2768baf
cf08f887361284848637102fc85270ab87340ffb8314f2a643b55141947726ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d320910eb20c3179d95a6110f64c2eb0c949b1cb0738d841fbe50cf3769aba15
d34c38d26434ae7eb5e6c35db3038c1365c838952713ac97d2f2f1e82f3a8750
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d85a43f2d2cd51faa1171e6cdc1b99bcdd63636b4f8bb99a5f99f781f9c818c9
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d99c54706e25070dbe3551052474c0ea16b30bc5ed0cd908ae0cbbf903723706
daf04cb16deca0e1b85c89da3ca2b7dfd1235f22d4c3dccfcb90907a26716ced
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db0d847bd94776233cd31be2a627088f9b2b86c0f608fceb82f78ae56f07bd86
dc66973e2246a8a2eb8bad0f81f4fe2f19556296a2a7b65b7e183aad5695707a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd7f1e75573dc73f2dbf75993922c317f8ef8cd45d78281e0d0f10b9a1174eb6
e05be51aee9ba2945756bab6ffb05cad1900a1441be2506114b7296d60d68e7b
e0c0b644862e8e883e94e2ef5b63fc84891666f4c9977c44718c75a83a179d32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f501e1e9b17aaad04f604fb940061874b03b5d587078ef823890c302dd1902
e24e98a2bcddd626aa2c09bdd60195eadeffa828586c2af865785781a44cda39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ed19d1b3d005a15b43b64d43122d56afd5b4d04f796015c521e711850b420a
e5206328d2cc2308fcaeac42be6ea00a48a1787053f6581b97fffee6182a57f2
e5958b8a9d0305d805f41bae7c315e34e46b76a1bab8f530b5cf9711a6e45862
e617dd94a93607ffbb8b53daab21e48935f78c14d3ff290be6d7ef651220ddca
e63263a867dc7c59ad1b3cf4cc7726f12f3fb7c008e0688ac9924c39da066094
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ea419ce668accca747cec7e6a66d382f828e8f6fe691873150b8855d8c9295ff
eababf4afd2924cfc0cba11500343add64fb99525280f5161770771ed7ab25dd
ede13f8d3789f5531e4e0434a57ba6f7b726416233e2ee7588f8f7573847c89d
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f26351469868408f8ac342eb48eadc2d597de4d0a2e770129b478a4149452c84
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f66948efdc54b93101650b88ceb08104624b6ec821ddc7083d0b7487800237f9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb05f5554ba786ff7605f6d915dd9d8329f7828a85465c86433fa7e5329cdb84
fc8a74cc1c2bd638de7ac7e7cdb1839c18dd964fedbcf22697b882238245b97a
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
fdae10efea5b8c813a5bc81f17ea34d979d463281128b470f811c0532df8d92b

9to5google.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

480 Requests

84 %HTTPS

33 %IPv6

102 Domains

186 Subdomains

130 IPs

14 Countries

7019 kBTransfer

16533 kBSize

134 Cookies

29 Outgoing links

Redirected requests

480 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

9to5google.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

480
Requests

84 %
HTTPS

33 %
IPv6

102
Domains

186
Subdomains

130
IPs

14
Countries

7019 kB
Transfer

16533 kB
Size

134
Cookies

480 HTTP transactions
14 data transactions