www.upstreamonline.com Open in urlscan Pro
2a02:c0:ac:6:fe::146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://upstreamonline.com/
Effective URL:
https://www.upstreamonline.com/
Submission Tags: tranco_l324
Submission: On November 08 via api (November 8th 2021, 7:50:31 am UTC) from DE — Scanned from DE

Summary HTTP 327 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 31 domains to perform 327 HTTP transactions. The main IP is 2a02:c0:ac:6:fe::146, located in Norway and belongs to REDPILL-LINPRO Redpill Linpro, NO. The main domain is www.upstreamonline.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 17th 2020. Valid for: 2 years.

This is the only time www.upstreamonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	87.238.33.146 87.238.33.146	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
1	2a02:c0:ac:6:... 2a02:c0:ac:6:fe::146	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
123	40.114.8.249 40.114.8.249	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	46.30.126.165 46.30.126.165	47527 (DLX-AS) (DLX-AS)
1	52.208.127.56 52.208.127.56	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
2	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:70a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	136.243.25.70 136.243.25.70	24940 (HETZNER-AS) (HETZNER-AS)
8	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.139.117 18.66.139.117	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4adc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 46	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700:20:... 2606:4700:20::681a:a13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	34.236.246.67 34.236.246.67	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6811:8d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.0.16.121 52.0.16.121	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
327	43

2 87.238.33.146 (Oslo, Norway) 2 redirects

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)
PTR: global-prod.nhst.cloud

upstreamonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:c0:ac:6:fe::146 (Norway)

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)

www.upstreamonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

123 40.114.8.249 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static-global.nhst.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images-global.nhst.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.30.126.165 (Hobro, Denmark)

ASN47527 (DLX-AS, DK)
PTR: www-05.e-pages.dk

www.e-pages.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.127.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-127-56.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cl.k5a.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70a2 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

nhst.d3.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.243.25.70 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.70.25.243.136.clients.your-server.de

pp.lp4.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4adc (United States)

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a13 (United States)

ASN13335 (CLOUDFLARENET, US)

popup.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.236.246.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-246-67.compute-1.amazonaws.com

services.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:8d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.0.16.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-16-121.compute-1.amazonaws.com

messaging.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
123	nhst.tech static-global.nhst.tech images-global.nhst.tech	1 MB
53	googlesyndication.com af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	2 MB
48	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	222 KB
18	googletagservices.com www.googletagservices.com	655 KB
12	google.com 1 redirects adservice.google.com www.google.com	2 KB
12	insurads.com cdn.insurads.com services.insurads.com messaging.insurads.com	49 KB
9	onetrust.com cdn-ukwest.onetrust.com geolocation.onetrust.com	124 KB
8	hubspot.com api.hubspot.com forms.hubspot.com app.hubspot.com track.hubspot.com	8 KB
5	ampproject.org cdn.ampproject.org	103 KB
4	adobedtm.com assets.adobedtm.com	87 KB
3	google.de adservice.google.de www.google.de	1 KB
3	lp4.io pp.lp4.io	38 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	upstreamonline.com 2 redirects upstreamonline.com www.upstreamonline.com	187 KB
2	hubapi.com feedback.hubapi.com	485 B
2	hsappstatic.net static.hsappstatic.net	99 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	wisepops.com loader.wisepops.com popup.wisepops.com	19 KB
2	omtrdc.net nhst.d3.sc.omtrdc.net	793 B
2	k5a.io cl.k5a.io	18 KB
1	hsforms.com forms.hsforms.com	519 B
1	googletagmanager.com www.googletagmanager.com	44 KB
1	usemessages.com js.usemessages.com	21 KB
1	hsleadflows.net js.hsleadflows.net	87 KB
1	hubspotfeedback.com js.hubspotfeedback.com	11 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hscollectedforms.net js.hscollectedforms.net	26 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	demdex.net dpm.demdex.net	1 KB
1	e-pages.dk www.e-pages.dk	14 KB
1	hs-scripts.com js.hs-scripts.com	1 KB
327	31

	Domain	Requested by
106	static-global.nhst.tech	www.upstreamonline.com static-global.nhst.tech
46	securepubads.g.doubleclick.net	2 redirects www.googletagservices.com securepubads.g.doubleclick.net www.upstreamonline.com af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
37	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.upstreamonline.com af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com tpc.googlesyndication.com
18	www.googletagservices.com	static-global.nhst.tech securepubads.g.doubleclick.net af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
17	images-global.nhst.tech	www.upstreamonline.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	www.google.com	1 redirects securepubads.g.doubleclick.net www.upstreamonline.com tpc.googlesyndication.com
8	cdn-ukwest.onetrust.com	www.upstreamonline.com cdn-ukwest.onetrust.com
6	services.insurads.com	cdn.insurads.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	assets.adobedtm.com	www.upstreamonline.com assets.adobedtm.com
3	messaging.insurads.com	cdn.insurads.com
3	cdn.insurads.com	www.googletagmanager.com services.insurads.com
3	api.hubspot.com	js.usemessages.com app.hubspot.com
3	pp.lp4.io	www.upstreamonline.com
2	feedback.hubapi.com	static.hsappstatic.net
2	static.hsappstatic.net	app.hubspot.com
2	track.hubspot.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	nhst.d3.sc.omtrdc.net	assets.adobedtm.com
2	cl.k5a.io	assets.adobedtm.com cl.k5a.io
2	upstreamonline.com	2 redirects
1	googleads.g.doubleclick.net	www.upstreamonline.com
1	app.hubspot.com	js.hubspotfeedback.com
1	www.google.de	www.upstreamonline.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	popup.wisepops.com	loader.wisepops.com
1	forms.hsforms.com	www.upstreamonline.com
1	loader.wisepops.com	www.upstreamonline.com
1	vars.hotjar.com	static.hotjar.com
1	www.googletagmanager.com	www.upstreamonline.com
1	script.hotjar.com	static.hotjar.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hubspotfeedback.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	geolocation.onetrust.com	cdn-ukwest.onetrust.com
1	static.hotjar.com	www.upstreamonline.com
1	dpm.demdex.net	assets.adobedtm.com
1	www.e-pages.dk	www.upstreamonline.com
1	js.hs-scripts.com	www.upstreamonline.com
1	www.upstreamonline.com
327	48

This site contains links to these domains. Also see Links.

Domain
www.upstreamonlinecareers.com
eepurl.com
info.upstreamonline.com
services.upstreamonline.com
www.futureenergy.events
upstreamadvertise.com
www.nhst.no
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
privacy.nhst.com
www.nhst.com
www.onetrust.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
*.upstreamonline.com DigiCert SHA2 Secure Server CA	`2020-04-17` - `2022-04-22`	2 years	crt.sh
*.nhst.tech RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-28` - `2022-07-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.e-pages.dk RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-01` - `2022-10-01`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
cl.k5a.io R3	`2021-10-16` - `2022-01-14`	3 months	crt.sh
*.d3.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.lp4.io Go Daddy Secure Certificate Authority - G2	`2020-12-17` - `2022-01-18`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.insurads.com Go Daddy Secure Certificate Authority - G2	`2021-04-05` - `2022-05-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://www.upstreamonline.com/
Frame ID: 5EF78CB6ACC7371BFB6B3EF4449B611F
Requests: 196 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 09E8E98F45D5B1891D892F47ED5F7774
Requests: 1 HTTP requests in this frame

Frame: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C620D8521176334868EC029B570F1F1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEtX_1uvMy1gORiX1CMgRwcRUa6_w-0PEJ9Ylop6roncOEWaq-tjqxa2U3AaHdZamMqdR_YzFKhbmKnPlVHi8sYFt5lUac9p5DHZgleOw2REZdztmXpE2LHiIpbhjJW86sdhRiqogB87UVRNJmmPU-fIOcvLhRzpY9J5ZlxLzqO1JGCFS9jw8EqknvQHFDUE0itKHPeeEOoKaUWtLOTdMlnIhHjHqj5vnVOwWUnY7nyw1zUrqT5k0C2NHU7NcVDEWkPf0VBBGEMXxwo6SWGq5iPAX-vK1BQGD8HqdQ7khb5kkgzWvgScKcDEjcaq5PAyljkiqt4VkX_BwjeyDu0L70BGUEatcfPlQ&sai=AMfl-YT0QoQ3FV_bz82pEssHNXs1e9Qo5_2b68AHb9hbw8MmUVllqWpnJZgZzmD2eqopJh9oXGmueX3-PHHNiZl0f60qHZlQ3WBD9NRuZe9uJXWGsekQ79PUgmDojS8LdjFp&sig=Cg0ArKJSzM1M9AmrL9igEAE&uach_m=[UACH]&adurl=
Frame ID: 20FEA86640B25202E0A0B4D8AF365DF0
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ7zSmknp8WbFO7IFxujVEVlf6PAMSK0sUvi6p7DuMsL72wwoaEbFK3jQs70gX14dUc-VyxM5C5D4p7zG8ssn1sULwzWCHHt49cZFEzQlefdlcsWCall952B2vb3_gmDillpN5NSrFJtv6jb08HOXv1dEfAci76qunv05n2mqlY_EwLyU_4DmC3HUDKFabr_6P0cO9VzItqwU80qYiKre8XPbvuom9HXlHkwiAmMbGVmcFmxlWZOLmzzSRshBVD_XlGsZc_3qb6yvnkb_YdP_LNhqWCLLEG8oEeHpr2DbaTuwiCWiUrUSQNx9Z03_fTfZu9ABMOWWbAKe4k3KGUfd1BGKYpw03Dq8&sai=AMfl-YSfGDfgRgrJKipZ58FV7JbZ-iU51T2wVxZT5DkZjenjbLdh5TVuJ8OqsI53GGFNCmELxQITacaE7q8_ChZ5b_oHlWx9kN46lnSIXoti_O3Bk5sgWa9sK3GPSMsrUEnC&sig=Cg0ArKJSzIZ5Yu-4MDhWEAE&uach_m=[UACH]&adurl=
Frame ID: F3B5C415285510BCAF06871EBF9A3412
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyrKYJ6k31MoaD0rjhlMNBLOLULqQ0a88FEXMc3FedtH31PWnB0T68XMOWkVPGA2y-vbnNyw_6p_CZX__sVwKXKeCVqIpHWmQIUS16hKW9a31WZG5EUYPnCkIT1GgcjrgI_4MSMxV__tsHZMUa43CQa1jsfXnSEoQqvjB0K6hnO474xCrkOH4S5BTnKmzYVQj5MwIu3GtRQtO6qx1rPYU9FtDQlJxkc1bAnUNrhyqHmsvtwH8WrUWC_INiezd1Oh_CvnwywnBuF3B_j6bW_VUQ6tOuyUiE8XYN1nDH2wbx_kFA7DImW_fIK6ybXwNQ5wBBhzd1Rqtg59PMIPY-lRSe37HreoTK2Wy7f6_825QGxggxeMsEWiM&sai=AMfl-YQ-ZsUcu0VasG_3jQef9lKlObRfbTXvOv4kal1UaNlAX_QLOeNtfOFrNosKwe1z-3lx1ixfZhGStQg7x0CSUcXOfVF2QocBHMKUaUjxJbtA_qwCVNOn7g1NpI4zglQ&sig=Cg0ArKJSzKdYwOaMTNLvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1D74189982622D9B1F7E25551A4CFB9E
Requests: 6 HTTP requests in this frame

Frame: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 92F343E71C6C5F9CE57BE876A0490FC2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx2oM5VVMlPQJM2n2usMwi-kEyL3-cWxmvi04u29tFBCZ8WxcZiXNEObt3CC1m1ssLT4eKgEyoRGxiFCm9Gz18orulyif4s5d6me2g86ihMWqRDclMSqtH27pNwP46PzcBxPA4OxWm_ALH8U-JqLgYxtu4oJMqmcz9jdQFvifjMLs4z3Vlh6xx1P4vjKanS292ez8UA35zawT3Y6bZZEW3jXm_omVMERJWJQvbq_mO-NaL_ORo_PYGJnsq6sYqewjcWbHPekbt9S59cSXHGA9s-k_djvzjOfuDF7L-iU4Sh7mrmNhG1fH3R2fC0RyYB3K7t98v3xatJxwwiZhHbGWcDg5Xx_Repg&sai=AMfl-YSNIU5D_x_gw4mQoUHbvl9_e-U6_JlZXdibVw_CXh6nsseJavqJ3r1T3DxGnDwulgp_piL9jJ05Ws2oWEmZEwjGLbGJ5-pmTLxeQM-Vn6a-VGLQLk514yPTzOpgEmw&sig=Cg0ArKJSzJtTgp0ObzuAEAE&uach_m=[UACH]&adurl=
Frame ID: ACE10BFC49C112A90C4CE5FC01653BD1
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteNbYxxrqaD4rXgvT_Xpx4UZb9IgEw9JUHEKKR6AABuUSaC0vRFgROzoNAd-dfy57ZszSJQ4XXlQxF2Ui0F3cn1U6aHs8vHxxgBglff8f8ooOHl6kfyI589TOvnUr41UXRhliCfivIkbYcTodBQAf4BN3IYFEmcZ5FwLQSHVqNxpeDHXdgIReZTHN2ztHIJTX2O__errgJxoOVYQmOISoUePmM6KrJ3Dbhqt7HSxv_1c3tEX7sJGPeTwp5DPDkERs5N-76vqL_pz4FFHUjRNLpardDjliRjBNZVsZALx_qVZWsODsLNbb1rGdZaenIy9v87fhiJBWNdR0jvOkez0EbWgyPR4nspcb0nuW02Hf8Crgvy2Dazg&sai=AMfl-YQOHTDzHT1JNYWkLoh7myCmvUmtfAiub6K6YzXcCFr5vGlZxutIJWysblXrXPjFA5cnrT0vUCBkzBJnq5UXadZW4j3wUflWejiVksgspeY5ix1z3GFpA2V_ZpNT6wQ&sig=Cg0ArKJSzJlmPnabr-rKEAE&uach_m=[UACH]&adurl=
Frame ID: FA829A9AC6A5311ED1652AF62BAA0999
Requests: 6 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 8454037C03854883672F1759C20B34B9
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 80487C996AF6B4A6EDA1E001CA25934C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4AD9E6C1E27BCF196EC6369DF67BA75
Requests: 2 HTTP requests in this frame

Frame: https://api.hubspot.com/cors-preflight-iframe/
Frame ID: EE36DC64D24C7A9983115EB09E03F467
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbEXBbPdVx4HYrWd31fG58JpiQjZxZvy6A20ciGi_hPJX9xuvB8dB6KLBS14Vfo_VhHCILBfYlccFnl_Z56suXA_n0BkBldyQWyivNSpAhLyF-8gXSXxo0Yix8uvVXFbBfCgVGZ08wx39HcQy3Atlkovu-VAs0TiNipufpGAmvBHMjNX9hRV8qEwu9QDksLT5H0VY9H5Jq1evInWQJh9HiUb_e_ItF5Q5Mg3N0zU0-jKcYYWxQ3RflQCuc_ZY_dFi7TtmMyr2l5Ye9Uf7KJQ30KJ_SdazfsqbIkgyg-BAeEyBajUyPTK0iT_PZSszeOErope6AhN7dQ8wuA8lkyg6CBf9gSkVhnF8&sig=Cg0ArKJSzM1Yb4_EjAVmEAE&uach_m=[UACH]&adurl=
Frame ID: 84A605B79E0294DA8F12D61D7A33BA3F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCKk7l47q5UlA_yxH0cPg-u2yHIzvO8vqcauz0La8tmDWQKxjQLdEtO_OLUgGKa6MkU12JdfnOAGQJ0k9DaH_QFw-vak7ycSSiKlJaJk4NNJyFNzj_Q9gz951359GViQUfOYaV9Sj2vjvZtC9U2g2WSvej2QXFwVBk-ssMC4AOBcKTKtjHD3nsBvddJrbJS9dkGL53Y7Tmm4eSQIDsieqh3PJEJ3_GI_JXnBhuxUFSPlAJda2apwJ_Gn44KOJ6m2pUC81sFsbGn69L7vRdPMXgqARhcIZtfEHSEZjxdRPsuPnyi64Un7jJjS7duRgTQxePDklovQTV9GVNyriO6YsNZIWYUSl8-ipUGOpAWLj3MbOHKg&sig=Cg0ArKJSzLZzwmO12wMLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8B3A224964120244E6538C09ACC362C6
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssarua_QJq27RNZrj9lcY1V3Lj72DFvC4R6mx7l1ZevFZLvkBiYquYJ2k7e144Lhwve05FiCyVoaPFN1UWCYV6oMtE5LgevHgdNWuzotLNLvTFqijjOPTtSK9zoa-B3AWT4Xj0IH1WGhaEPcmvqmZBuKC8wxA1K2JCZAxLZmGUW-CP6RJ8z4FzrmpFE1b1x0WDLo8zCB6WXlbQXjWZEqVObW5DQO5dzMGXswmgn9Vj3QDpEgbOpeIe5ABw5t477NFF8BBIrpq8NlZIuHrEyJE9wecoXByiinTGGlyAvH-9fkMtiQ1-DfuQd2t8FCrf0kzzygD52mGe-8pEgrOKLmWbuI6kCsKvCqg&sig=Cg0ArKJSzKSmsSYWE2xREAE&uach_m=[UACH]&adurl=
Frame ID: 9C1F8BB10C69113CF3E407F50AFE20A5
Requests: 5 HTTP requests in this frame

Frame: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E8C4EA79694933E36C614A6A748BE5B1
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfCjSRZshZszfnD5g8a5lfvm5-8Czr_Xo0wp-qUT6xFcot9tYnMm8U3A0fG4lX_AI7m5vkJPb1jdJfb1d4WbvVd_FROe2fkHJCzi0lANbFeFMPDUL37OyDMwxsxdVq_lmqUVzUOyXK_JylS2ocmk5C_e1rXR6wDwo-XJaCQ24AaoCI-t1Yi2pA4LvbO3AZNdIKjaG7lj7hM_UuWsw49e_Cxeypa6G0na4ZJ0Zk2Oc3cZ57EuObN1T5o1oXmZtdabC1hzCZCHhrMi1XsSkxHj1bpG-UM3gH9dIFqOLwCuHBt36mcaHhesTggw0WnKtFP2bbDewqA3xocc6tvL_OT3GK2oNNTYGb2_33yUjZI9gP2-DGM38Fdg&sig=Cg0ArKJSzBCNlOH1_jISEAE&uach_m=[UACH]&adurl=
Frame ID: 2D12CF9A5603A52AE61191C65B39768E
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2lnRaSvHf5D9NjDG-pFDM75BA4rL6xfJVr8qQD8Y4oCb8HAaoTMXnjWnMmv8mGspiRmHihgoA18EQUMuqpUedy-Nfhpy-XGbun3DTQG_-vGvpdq0RB0IUDnqvVoUGD9-Ekb_8VsjmRar6UHKpSWQ38aMhrktP22cDQC3Y95m09Zw3N_6S-IN3by2R2-sJgzrkvHB17DRpsNF1kemJVAcTVlz-dRsSbUVtPKf69gej8UpwQdQelZgPCIX-gg7BB7dBb1re_6tbXX11PhZwMO0NCfQNp_ZOkGjTvdQaXRVTw9hJ3xIvzrRzpMk3v5ktjKhU7FxOtMZOKzj3-SQEY8cYS7siU3OyCJY&sig=Cg0ArKJSzPsL7kMouUZgEAE&uach_m=[UACH]&adurl=
Frame ID: 5C99A0CB893D9908272CB9FE0B338481
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: E26ADA3C1DF6590BD9E7652BFAB4E55A
Requests: 13 HTTP requests in this frame

Frame: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8A0D06E0CF6D852891A917B4D18E6C46
Requests: 7 HTTP requests in this frame

Frame: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AFEFC9E0018EFFC63E792F44F9D8AF04
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscdOB2mUZEsfLRW1Umdbyn1gwu0WRSNOnpYkH8FSYT4Tsp43CtBpIXB69_UMRcd7qGmg8gQuReXZp3aiTinMc65TK_a6_KwDMmcSdI_fVk36hb1H5kQTKMyo0idJvlH9GfqBm5m52JrHbs-1wV1q7lsh1l60fhAK6HFaDtNwzpObqrISAzRX9e2kgEfKkawYsY-iPQO1OWP_3RDieaBm_A1DYFFbwcpm7lbkU6IBcbGK6O9nm_E-YG1XVXhvUlxojm2QARv3ga-HJ1sKD_npZYREWjc5FOEpMQtXIPBvQvUoXt1nqrYZTT2ICODeSRQHNS-GP-1xrSYUBtemGD9go4JU7PFAEo69g&sig=Cg0ArKJSzOp5V6Bv2F0MEAE&uach_m=[UACH]&adurl=
Frame ID: BA39009F7D9138D3F5D456F3208F7499
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsNcSeKCtXR_yJeNjMp3WN-l4u--UZ7QQEcC3JUIpTQtRowhHpEaPOwqClLFyGUSrvl2DlbgRFfoIxKJREmjE7nU3ibxvOhtX16XRDIAOvUiJDSBBlVozt8BpSiGxXUPm0xf5SwUl9y76UWOok9Spvhec92bwycHDwKk_Dx7ARtyFlE4tC1YSocUcmU8eTiofxQOWrxAE_fQA3Ms10HxdHnHL26IVBANIWkS8V08tAp7fpYw7oA3ULvrD5Ji_fTQXJ-u7oGBOAHtd34yjNQrDHKED0b4NuylVf4LgKBDhnKdfDgoDVZglqz3eDaBurjTjCvPK70et23GqlXkdnSXjANAEGh29q8S2v58lojFuNBvgcoRc3Kw&sig=Cg0ArKJSzMi-csHZDZ4xEAE&uach_m=[UACH]&adurl=
Frame ID: 0771C8353091C99B93FDC21A6496D119
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQwccQ4d8a3OCZ-QVmp4Pr33SretQXRo-k7SESglm-Lme699OX5YI8eVDK3Vhc7Qq5Ir83COn2f-gRdjaQAQ4ktk3jgM3eUcnzMQ0sON2NJVl7RlsmoUJin86ee-tYgWGqeXqyv59C0fLGuMysosoFC36uic-61EyVQ6di8vTFv-05gQ4Iui7am4b-l_6CfAp0dL5l9DoRJx457sBDOQ1c0oOOG_LjNDVVCR-BJHBLIJqmQrn307AhZCxBf40eqM-2OQC3qSQ5ORaK4-R4BvknmlD9AFPhmZcjn93-FKYM_5D3aECbioBfhHKI_4B--iDYZnMK9XYfqus_5oNMq4qN0ltDrfN6kDKQRIbX9zIDlg&sig=Cg0ArKJSzOyB1y4CVBP6EAE&uach_m=[UACH]&adurl=
Frame ID: BC73D86338ED6C15061A050E2C4314F8
Requests: 7 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=654003&csz=%5B%5D&sz=%5B%5D&appId=1439&s=1761&dm=1&is=0&ct=%7B%7D&h=https%3A%2F%2Fwww.upstreamonline.com%2F&sid=D0BE459EE63729D5&v=1.5.59&ts=1636357825788
Frame ID: 0B12718BE7172B9D14D34752535BDB6A
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1439&requests=[{%22eaup%22:%22/21646926696/upstreamonline.com/billboard%22,%22eoid%22:2927461817,%22eolid%22:5821315849,%22advid%22:5046078460,%22w%22:1272,%22h%22:300,%22eId%22:%22main_upstreamonline.com_billboard_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/mediumrectangle%22,%22eoid%22:2927461817,%22eolid%22:5820072894,%22advid%22:5046078460,%22w%22:300,%22h%22:250,%22eId%22:%22main_upstreamonline.com_mediumrectangle_3%22},{%22eaup%22:%22/21646926696/upstreamonline.com/mediumrectangle%22,%22eoid%22:2900228327,%22eolid%22:5777444778,%22advid%22:4931783423,%22w%22:300,%22h%22:250,%22eId%22:%22main_upstreamonline.com_mediumrectangle_2%22},{%22eaup%22:%22/21646926696/upstreamonline.com/skyscraper%22,%22w%22:300,%22h%22:600,%22isda%22:true,%22eId%22:%22main_upstreamonline.com_skyscraper_1%22},{%22eaup%22:%22/21646926696/upstreamonline.com/brandbanner%22,%22eoid%22:2926999139,%22eolid%22:5820717977,%22advid%22:5083963193,%22w%22:300,%22h%22:100,%22eId%22:%22main_upstreamonline.com_brandbanner_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/mediumrectangle%22,%22eoid%22:2928938772,%22eolid%22:5822145319,%22advid%22:5085354676,%22w%22:300,%22h%22:250,%22eId%22:%22main_upstreamonline.com_mediumrectangle_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/skyscraper%22,%22eoid%22:2905164619,%22eolid%22:5786308459,%22advid%22:5066411469,%22w%22:300,%22h%22:600,%22eId%22:%22main_upstreamonline.com_skyscraper_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/mediumrectangle%22,%22w%22:300,%22h%22:250,%22eId%22:%22main_upstreamonline.com_mediumrectangle_1%22},{%22eaup%22:%22/21646926696/upstreamonline.com/leaderboard%22,%22eoid%22:2799601886,%22eolid%22:5581247214,%22advid%22:4579612715,%22w%22:1272,%22h%22:300,%22eId%22:%22main_upstreamonline.com_leaderboard_0%22}]&h=https%3A%2F%2Fwww.upstreamonline.com%2F
Frame ID: 7D34F9EB5557E7F1959061FB9C6B95BB
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=1439&requests=[{%22eaup%22:%22/21646926696/upstreamonline.com/sponsoredcontentfrontpage%22,%22eoid%22:2910512336,%22eolid%22:5795153944,%22advid%22:5071187641,%22w%22:462,%22h%22:122,%22eId%22:%22main_upstreamonline.com_sponsoredcontentfrontpage_1%22},{%22eaup%22:%22/21646926696/upstreamonline.com/sponsoredcontentfrontpage%22,%22eoid%22:2841678208,%22eolid%22:5664312638,%22advid%22:4548612467,%22w%22:462,%22h%22:122,%22eId%22:%22main_upstreamonline.com_sponsoredcontentfrontpage_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/scp%22,%22eoid%22:2848675352,%22eolid%22:5677109981,%22advid%22:4897482403,%22w%22:948,%22h%22:304,%22eId%22:%22main_upstreamonline.com_scp_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/magstripe%22,%22eoid%22:2928938772,%22eolid%22:5822718146,%22advid%22:5085354676,%22w%22:1272,%22h%22:1,%22eId%22:%22main_upstreamonline.com_magstripe_0%22}]&h=https%3A%2F%2Fwww.upstreamonline.com%2F
Frame ID: 2DA593548354045B099E5D4B4421AE53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upstream Online | Latest oil and gas newsNewspaper IconBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://upstreamonline.com/ HTTP 302
https://upstreamonline.com/ HTTP 301
https://www.upstreamonline.com/ Page URL

Page Statistics

327
Requests

98 %
HTTPS

67 %
IPv6

31
Domains

48
Subdomains

43
IPs

7
Countries

5368 kB
Transfer

14220 kB
Size

37
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.upstreamonlinecareers.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: http://eepurl.com/hbo8A5
Title: Breaking News Newsletter

Search URL Search Domain Scan URL

URL: http://eepurl.com/hcRCZr
Title: Accelerate Newsletter

Search URL Search Domain Scan URL

URL: http://eepurl.com/hzqidT
Title: Accelerate Hydrogen

Search URL Search Domain Scan URL

URL: http://info.upstreamonline.com/events-calendar?__hstc=215245651.f37870753c38d6a5f2ad4dfdebe7573f.1636357824782.1636357824782.1636357824782.1&__hssc=215245651.1.1636357824782&__hsfp=2427650321
Title: Events

Search URL Search Domain Scan URL

URL: https://services.upstreamonline.com/api/feed/rss
Title: RSS

Search URL Search Domain Scan URL

URL: https://info.upstreamonline.com/en-gb/upstream-news-app?__hstc=215245651.f37870753c38d6a5f2ad4dfdebe7573f.1636357824782.1636357824782.1636357824782.1&__hssc=215245651.1.1636357824782&__hsfp=2427650321
Title: Upstream News App

Search URL Search Domain Scan URL

URL: https://www.futureenergy.events/
Title: NHST Events

Search URL Search Domain Scan URL

URL: https://upstreamadvertise.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.nhst.no/
Title: click here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UpstreamOnlineNews
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/upstreamonline
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/upstream-the-international-oil-&-gas-newspaper
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/UpstreamNewsOnline
Title: YouTube

Search URL Search Domain Scan URL

URL: https://privacy.nhst.com/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.nhst.com/?__hstc=215245651.f37870753c38d6a5f2ad4dfdebe7573f.1636357824782.1636357824782.1636357824782.1&__hssc=215245651.1.1636357824782&__hsfp=2427650321
Title: here

Search URL Search Domain Scan URL

URL: https://privacy.nhst.com/cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://privacy.nhst.com/privacy-policy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssqmf7g7BQ9hWysnVEZXzdA67-1oSiyOS4XG920zbqlojs6PallO6peLUEeCMr4fVMq1usuA3pdilB_Vjy8URM_yfTTKtINGX9-NsIWW-bASqMizzxxmVuaD_oe35yVW5yN0RbX7TE9vr7GM4twQhSu3pvvsNISjCIp1X4lmgGO1UklCN_uXiWNfCwl02UOcFG99s95I5FLQuFQE-iqhXkNC0EuLix5cnIgsM9LvA8yX_pdTBnWTNBAxSg0CsaSY9WkVAbWWB_4jBDFLHuiJL7rMG6ezT9xuAsMcI5aRUVW0RZ0hie3UL2ZMZyVcgf3_m0Q69ppJtp2iCiME_hL-0P6TaMx&sai=AMfl-YRdHqZj_gleJmSey7KsrUtVw4slgrHqiNkqIshUY8An7C5AsC8ho1-iB9m0WFhrmNH0uwHPR7iXLF0tbm024Cxm9brYGjC8X6_zlEzxHZCSACoMioQkEnldHOvnMVc&sig=Cg0ArKJSzD6j8jVpsf_UEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://bit.ly/3fpXu3Q

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuueB3-vHAG4ODCToMdCT2DIqkqOLANZwWSbH-cGCi4VGGQw4DbvI9pjblHYo17zsmNh7ndLVqZv9XjAgpFNZ8JWRUDhtIeGeDPFrzW5x2R9bQREbpdntv9ANtj7_oKndiFNVvgd6R_FSh90IbeUhsJzUoY6w3wl7bMlQFihdrgOU3iASQSZwfXNGJjBLCSyiaht-d9WynK1lkuty1K-DbzIA551uerQXFtLnc4_GdqqbdTxFdO6kb0n0PnMQuQNiKwu9FGL-IvDJ8BkBgjCG7Q4GWmnBdTYSpqWsajD8rEcsII0OBbqLBJjTWwmO2ZpRkkk1Pa9QDzdvWWgWASS4Q&sig=Cg0ArKJSzCRJDKHxd_feEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://discover.23wpchouston.com/join-us-upstream?utm_medium=website&utm_source=Upstream&utm_campaign=GeneralRegistration

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://upstreamonline.com/ HTTP 302
https://upstreamonline.com/ HTTP 301
https://www.upstreamonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 187

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyrKYJ6k31MoaD0rjhlMNBLOLULqQ0a88FEXMc3FedtH31PWnB0T68XMOWkVPGA2y-vbnNyw_6p_CZX__sVwKXKeCVqIpHWmQIUS16hKW9a31WZG5EUYPnCkIT1GgcjrgI_4MSMxV__tsHZMUa43CQa1jsfXnSEoQqvjB0K6hnO474xCrkOH4S5BTnKmzYVQj5MwIu3GtRQtO6qx1rPYU9FtDQlJxkc1bAnUNrhyqHmsvtwH8WrUWC_INiezd1Oh_CvnwywnBuF3B_j6bW_VUQ6tOuyUiE8XYN1nDH2wbx_kFA7DImW_fIK6ybXwNQ5wBBhzd1Rqtg59PMIPY-lRSe37HreoTK2Wy7f6_825QGxggxeMsEWiM&sai=AMfl-YQ-ZsUcu0VasG_3jQef9lKlObRfbTXvOv4kal1UaNlAX_QLOeNtfOFrNosKwe1z-3lx1ixfZhGStQg7x0CSUcXOfVF2QocBHMKUaUjxJbtA_qwCVNOn7g1NpI4zglQ&sig=Cg0ArKJSzKdYwOaMTNLvEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/17498701450704525879? HTTP 302
https://tpc.googlesyndication.com/simgad/17498701450704525879

Request Chain 252

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCKk7l47q5UlA_yxH0cPg-u2yHIzvO8vqcauz0La8tmDWQKxjQLdEtO_OLUgGKa6MkU12JdfnOAGQJ0k9DaH_QFw-vak7ycSSiKlJaJk4NNJyFNzj_Q9gz951359GViQUfOYaV9Sj2vjvZtC9U2g2WSvej2QXFwVBk-ssMC4AOBcKTKtjHD3nsBvddJrbJS9dkGL53Y7Tmm4eSQIDsieqh3PJEJ3_GI_JXnBhuxUFSPlAJda2apwJ_Gn44KOJ6m2pUC81sFsbGn69L7vRdPMXgqARhcIZtfEHSEZjxdRPsuPnyi64Un7jJjS7duRgTQxePDklovQTV9GVNyriO6YsNZIWYUSl8-ipUGOpAWLj3MbOHKg&sig=Cg0ArKJSzLZzwmO12wMLEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/6254291583630008466? HTTP 302
https://tpc.googlesyndication.com/simgad/6254291583630008466

Request Chain 317

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

327 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.upstreamonline.com/
Redirect Chain

http://upstreamonline.com/
https://upstreamonline.com/
https://www.upstreamonline.com/

1 MB
187 KB

207ms
56ms

Document
text/html

2a02:c0:ac:6:fe::146
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upstreamonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:c0:ac:6:fe::146 , Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),

Reverse DNS

Software

/ Express

Resource Hash

c5a1be0bb4011abd4259a5f280388a34a88b5b2176ccd411be8764178875b73a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

X-Powered-By: Express
Content-Type: text/html; charset=utf-8
X-Frame-Options: DENY
xkey: e-5-1-5d1f2c903ff8b0359d374921
X-Pids: UPFA
X-Allow-Referer-Access: false
X-Access-Control: free
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=5,s-maxage=1800
Date: Mon, 08 Nov 2021 07:37:15 GMT
X-Webcache-Server: fe1-osl3.nhst.c.bitbit.net
X-Varnish: 957090736 954169329
Age: 784
Via: 1.1 varnish (Varnish/6.0)
X-Cache: HIT #143
Accept-Ranges: bytes
Content-Length: 190967
Connection: keep-alive

Redirect headers

Date: Mon, 08 Nov 2021 07:50:20 GMT
Server: Varnish
X-Varnish: 225474138
Location: https://www.upstreamonline.com/
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK manifest.975a70efcc059c392a1a.js Show response
static-global.nhst.tech/assets/ 4 KB
3 KB 549ms
96ms Script
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/manifest.975a70efcc059c392a1a.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e190eaec9eb82f10167defacbe3b4e407a124ceb6cee6f4710954fa2af6f9729

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 04:59:16 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #11833
Age: 10264
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2596
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"11a4-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK styles.extracted.ed06e541c15464056616.css
static-global.nhst.tech/assets/ 20 KB
5 KB 534ms
92ms Stylesheet
text/css 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/styles.extracted.ed06e541c15464056616.css
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 5f27272c7218099af31073e67ad85067d9700fec7d8d7d8cf11a8fb17a1c8159

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:59 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #10626
Age: 10160
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4366
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"512a-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK vendor.ed06e541c15464056616.js Show response
static-global.nhst.tech/assets/ 2 MB
470 KB 715ms
178ms Script
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/vendor.ed06e541c15464056616.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 204ebd5f339894f46b3612eb669bc72324e6a8f0106e66682c7cbbc0a721d5b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:47 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #11826
Age: 10173
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 480848
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"187568-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK styles.extracted.78ce9925578815c4465f.css
static-global.nhst.tech/assets/ 2 MB
257 KB 619ms
177ms Stylesheet
text/css 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/styles.extracted.78ce9925578815c4465f.css
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 168a48a89cbc6866899a25f88acd183c5118355b53bb9ef81d4492bc7adb6847

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 04:21:07 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #11652
Age: 12553
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 262696
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"20fc92-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK app.78ce9925578815c4465f.js Show response
static-global.nhst.tech/assets/ 311 KB
80 KB 739ms
197ms Script
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/app.78ce9925578815c4465f.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 388d78a4eed39a5b1761a730b222bee66718481da66e1d66494e63de992bb67f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 04:21:07 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #12678
Age: 12553
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 81086
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"4dbeb-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 7.9754f4df7fe0a1b8538c.js Show response
static-global.nhst.tech/assets/ 9 KB
2 KB 661ms
108ms Script
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/7.9754f4df7fe0a1b8538c.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: db944cdfbbedf736cf07bf70c3e5176c4d705eb4aff05f3224f38d05d41167fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:04 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #9536
Age: 10216
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2024
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"230d-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H2 200 1545457.js Show response
js.hs-scripts.com/ 3 KB
1 KB 48ms
28ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/1545457.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fad5a34868c9d99dce4b630ff94757ca00aa431570cc27eb8642f5662b43c000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16
cf-polished: origSize=3072
x-hubspot-correlation-id: 55e78887-52ca-4fdf-ab58-ccfcfd57af1b
last-modified: Mon, 08 Nov 2021 07:50:05 GMT
server: cloudflare
x-trace: 2B35B96D615CF716FB6E107069C4ADB9874058E85B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.upstreamonline.com
expires: Mon, 08 Nov 2021 07:51:21 GMT
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6aad35c29f202b71-FRA
cf-bgj: minify

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 19 KB
7 KB 75ms
29ms Script
application/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 07:50:20 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: OPcq+YIYFFKAyM1Ar0weOg==
age: 974110
content-length: 6350
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:32:50 GMT
server: cloudflare
etag: 0x8D98DB713DDEB61
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 878317a8-401e-0008-3899-cb3fe8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aad35bd2cb30f76-MXP
expires: Tue, 16 Nov 2021 07:50:20 GMT

GET
H/1.1 200
OK global.7440b5dc1eb20bd49bf9.css
static-global.nhst.tech/assets/css/ 191 KB
32 KB 623ms
179ms Stylesheet
text/css 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 8685f697034b8d094f706bcfedbfaf0f6919eb1b829dfd98b776bbcd9b54f724

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:54:00 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8178
Age: 6980
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 31977
Last-Modified: Mon, 08 Nov 2021 04:13:00 GMT
ETag: W/"2fc5c-17cfdbfd4e0"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK upstream.7440b5dc1eb20bd49bf9.css
static-global.nhst.tech/assets/css/ 4 KB
2 KB 537ms
93ms Stylesheet
text/css 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/css/upstream.7440b5dc1eb20bd49bf9.css
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 756d9836f243a1e92d906ccb26c62871a4931991310d793cfec7f4b4263aa51e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:53:11 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #934
Age: 7028
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1118
Last-Modified: Mon, 08 Nov 2021 04:13:00 GMT
ETag: W/"ed9-17cfdbfd4e0"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK NcPulse-streaming-2.0.1-min.js Show response
static-global.nhst.tech/resources/lib/ 6 KB
2 KB 650ms
98ms Script
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/resources/lib/NcPulse-streaming-2.0.1-min.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: eaa3294dc76fa723ae94ebac089712da0e75699ea46463a18c9c6e4aa9661212

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:33:30 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #69253
Age: 76610
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1855
Last-Modified: Fri, 05 Nov 2021 06:14:05 GMT
ETag: W/"163d-17ceebb9bc8"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK owl.carousel.7440b5dc1eb20bd49bf9.css
static-global.nhst.tech/assets/css/ 10 KB
7 KB 545ms
96ms Stylesheet
text/css 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/css/owl.carousel.7440b5dc1eb20bd49bf9.css
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 0bd5b86b5406e2b3041dc884946dba73e221e79cba70cdec984f89438b132eeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:53:09 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8352
Age: 7030
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 6259
Last-Modified: Mon, 08 Nov 2021 04:13:00 GMT
ETag: W/"29df-17cfdbfd4e0"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H2 200 satelliteLib-5eccb123dcdb14f5ae0f47005eaf4bbfd3dab40c.js Show response
assets.adobedtm.com/c9de113fe3f4324b71de8cdd1f35ef2f1a345709/ 258 KB
65 KB 48ms
14ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/c9de113fe3f4324b71de8cdd1f35ef2f1a345709/satelliteLib-5eccb123dcdb14f5ae0f47005eaf4bbfd3dab40c.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c70af531b6b0e04455956f1684a9e76679ffe6c6e46a4c4d580486d8d96a300f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:20 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 09:33:55 GMT
server: AkamaiNetStorage
etag: "239b964d29d163ba8475eab336684294:1635932035.688167"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.upstreamonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 66529
expires: Mon, 08 Nov 2021 08:50:20 GMT

GET
H/1.1 200
OK logo.svg
static-global.nhst.tech/resources/gfx/upstream/ 14 KB
5 KB 92ms
92ms Image
image/svg+xml 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-global.nhst.tech/resources/gfx/upstream/logo.svg
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 42fbfd4a9cf7f382eed9ae69cf6aed35a5910588c5982be50d7e01aad069b300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 07:16:42 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #188
Age: 2018
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4823
Last-Modified: Mon, 08 Nov 2021 04:10:40 GMT
ETag: W/"38b4-17cfdbdb200"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK landscape.gif
static-global.nhst.tech/resources/ 67 B
481 B 94ms
93ms Image
image/gif 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-global.nhst.tech/resources/landscape.gif
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: c0ccc2447cd0cb4a4f3ba03e328f8588cbd4046ad736f2c6d575ef5e0514b29d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 16:49:26 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
Last-Modified: Fri, 05 Nov 2021 06:14:05 GMT
X-CDN-Cache: HIT #45612
Age: 54055
X-Powered-By: Express
Content-Type: image/gif
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67
ETag: W/"43-17ceebb9bc8"

GET
H/1.1 200
OK small.jpg
www.e-pages.dk/upstreamonline/500/teasers/ 14 KB
14 KB 106ms
31ms Image
image/jpeg 46.30.126.165
DLX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.e-pages.dk/upstreamonline/500/teasers/small.jpg
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.30.126.165 Hobro, Denmark, ASN47527 (DLX-AS, DK),
Reverse DNS: www-05.e-pages.dk
Software: nginx /
Resource Hash: 56169ee80a01329e02e4bc53a7ed229f3b2938a05b147fde1fc3c05f81d2e934

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 07:50:22 GMT
Last-Modified: Wed, 03 Nov 2021 23:03:20 GMT
Server: nginx
ETag: "61831538-36fb"
Content-Type: image/jpeg
Cache-Control: max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14075
Expires: Mon, 08 Nov 2021 07:51:22 GMT

GET
H/1.1 200
OK 10.68179e3c96a42d2a7870.js
static-global.nhst.tech/assets/ 0
6 KB 96ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/10.68179e3c96a42d2a7870.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:31 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8749
Age: 10130
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5550
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"432f-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 11.8b0924539aa8dc5e69ab.js
static-global.nhst.tech/assets/ 0
6 KB 98ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/11.8b0924539aa8dc5e69ab.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:18 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8726
Age: 10142
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5530
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"433f-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 12.5fcf0d99518ab50e811f.js
static-global.nhst.tech/assets/ 0
9 KB 100ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/12.5fcf0d99518ab50e811f.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:12 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8790
Age: 10148
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 8949
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"7059-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 13.736dfb77b52f62abce3e.js
static-global.nhst.tech/assets/ 0
6 KB 95ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/13.736dfb77b52f62abce3e.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:02:08 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8685
Age: 10092
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5624
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"4427-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 14.b8d83784bdf2894e0c65.js
static-global.nhst.tech/assets/ 0
2 KB 91ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/14.b8d83784bdf2894e0c65.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:39 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8647
Age: 10122
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1385
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"fe7-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 15.754643172f5ffdcafbd5.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/15.754643172f5ffdcafbd5.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:11 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8921
Age: 10150
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1339
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"ff5-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 16.d4fb1ea6dbd2ae52850e.js
static-global.nhst.tech/assets/ 0
2 KB 97ms
97ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/16.d4fb1ea6dbd2ae52850e.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:37 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8562
Age: 10123
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1257
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"ebd-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 17.c6a9d60ba36c562182f2.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/17.c6a9d60ba36c562182f2.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:22 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8637
Age: 10139
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1247
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"eb9-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 18.4235002bfd5234ebdad4.js
static-global.nhst.tech/assets/ 0
2 KB 92ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/18.4235002bfd5234ebdad4.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:06 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #14640
Age: 10154
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1222
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"a02-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 19.3c87a0cf3f38939055aa.js
static-global.nhst.tech/assets/ 0
12 KB 94ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/19.3c87a0cf3f38939055aa.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:30 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #14774
Age: 10131
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 11362
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"ad81-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 20.d83a63070a1914dc1619.js
static-global.nhst.tech/assets/ 0
1013 B 93ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/20.d83a63070a1914dc1619.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:02:54 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8456
Age: 10046
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 523
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"351-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 21.c5fdf5a73a45bb4636c9.js
static-global.nhst.tech/assets/ 0
1 KB 96ms
95ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/21.c5fdf5a73a45bb4636c9.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:34 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8490
Age: 10127
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 536
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"367-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 22.00e30ea40302991c2031.js
static-global.nhst.tech/assets/ 0
2 KB 96ms
95ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/22.00e30ea40302991c2031.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:27 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8496
Age: 10134
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1370
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"c7b-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 23.def5cc57bccd3768b0ef.js
static-global.nhst.tech/assets/ 0
3 KB 95ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/23.def5cc57bccd3768b0ef.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:23 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8371
Age: 10138
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2511
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"1baf-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 24.5a692872abcf47d9a685.js
static-global.nhst.tech/assets/ 0
1 KB 92ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/24.5a692872abcf47d9a685.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:02:44 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8374
Age: 10057
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 843
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"694-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 25.716079dbd2cfb8f4d7aa.js
static-global.nhst.tech/assets/ 0
1 KB 93ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/25.716079dbd2cfb8f4d7aa.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:36 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8392
Age: 10126
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 645
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"59e-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 26.ade40225ac4258030860.js
static-global.nhst.tech/assets/ 0
1 KB 92ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/26.ade40225ac4258030860.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:26 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8418
Age: 10135
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 779
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"740-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 27.9f642bad89f3035abceb.js
static-global.nhst.tech/assets/ 0
2 KB 92ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/27.9f642bad89f3035abceb.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:23 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8513
Age: 10139
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1346
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"d48-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 28.5c9c1faca619077384da.js
static-global.nhst.tech/assets/ 0
1 KB 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/28.5c9c1faca619077384da.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:03:01 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8339
Age: 10039
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 745
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"50c-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 29.dad153e802e7c2ab971e.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/29.dad153e802e7c2ab971e.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:21 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8313
Age: 10140
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1238
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"c41-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 3.735c48bc6c359dbf99f5.js
static-global.nhst.tech/assets/ 0
2 KB 94ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/3.735c48bc6c359dbf99f5.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 04:59:41 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8431
Age: 10240
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1709
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"fbc-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 30.51537413c31fbf32b343.js
static-global.nhst.tech/assets/ 0
983 B 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/30.51537413c31fbf32b343.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:42 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8403
Age: 10179
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 493
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"3d8-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 31.f20087e291bd0807fca6.js
static-global.nhst.tech/assets/ 0
2 KB 91ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/31.f20087e291bd0807fca6.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:40 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8362
Age: 10121
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1100
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"b44-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 32.7904520368f70f201da7.js
static-global.nhst.tech/assets/ 0
2 KB 91ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/32.7904520368f70f201da7.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:45 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8364
Age: 10177
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1379
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"e22-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 33.29c8b1077caed1ba49e6.js
static-global.nhst.tech/assets/ 0
1 KB 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/33.29c8b1077caed1ba49e6.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:12 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8425
Age: 10149
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 757
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"558-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 34.f2803f23cc62b9616c2a.js
static-global.nhst.tech/assets/ 0
2 KB 95ms
95ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/34.f2803f23cc62b9616c2a.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:39 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8370
Age: 10122
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1130
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"ad3-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 35.659aaec62328e4a1b75b.js
static-global.nhst.tech/assets/ 0
2 KB 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/35.659aaec62328e4a1b75b.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:26 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8409
Age: 10135
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2020
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"120d-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 36.5cc94429c53997924fa2.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/36.5cc94429c53997924fa2.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:35 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8328
Age: 10127
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"f10-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 37.ed5bd926593f67c2ddee.js
static-global.nhst.tech/assets/ 0
2 KB 91ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/37.ed5bd926593f67c2ddee.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:57 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8368
Age: 10105
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1182
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"944-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 38.35d59be48238cd1d95f3.js
static-global.nhst.tech/assets/ 0
2 KB 92ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/38.35d59be48238cd1d95f3.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:02 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8311
Age: 10159
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1064
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"bd5-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 39.34bfbaaf5d71bb61d03a.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/39.34bfbaaf5d71bb61d03a.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:35 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8364
Age: 10127
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1657
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"eef-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 4.7820c8ab8987fb38c551.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/4.7820c8ab8987fb38c551.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:56 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8223
Age: 10105
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1707
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"fbc-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 40.796e2be9fa685b54b6b1.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/40.796e2be9fa685b54b6b1.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:05:18 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8299
Age: 9903
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1486
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"de3-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 41.20afe5b3c03ec791668f.js
static-global.nhst.tech/assets/ 0
1 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/41.20afe5b3c03ec791668f.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:28 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8355
Age: 10133
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 853
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"649-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 42.cbd3ada23d158dc22180.js
static-global.nhst.tech/assets/ 0
1 KB 91ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/42.cbd3ada23d158dc22180.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:02:12 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8296
Age: 10090
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 748
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"64b-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 43.87ed4ccb8202512702af.js
static-global.nhst.tech/assets/ 0
4 KB 92ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/43.87ed4ccb8202512702af.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:57 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8326
Age: 10164
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3109
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"253f-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 44.dc37ea67a9c0eedf69ba.js
static-global.nhst.tech/assets/ 0
8 KB 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/44.dc37ea67a9c0eedf69ba.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:34 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8266
Age: 10127
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7515
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"6931-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 45.31023976c309b5a7bd85.js
static-global.nhst.tech/assets/ 0
3 KB 94ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/45.31023976c309b5a7bd85.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:00 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8303
Age: 10161
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2558
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"23c8-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 46.73e7c429658db12fbe13.js
static-global.nhst.tech/assets/ 0
4 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/46.73e7c429658db12fbe13.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:02:02 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8337
Age: 10099
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3263
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"2769-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 47.98dd5a1274b7e1ef7006.js
static-global.nhst.tech/assets/ 0
882 B 93ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/47.98dd5a1274b7e1ef7006.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:03:30 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8151
Age: 10012
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 392
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"23d-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 48.16ed5d31bcb4745b7562.js
static-global.nhst.tech/assets/ 0
888 B 92ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/48.16ed5d31bcb4745b7562.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:35 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8224
Age: 10126
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 398
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"244-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 49.623f0d53e8dc238e8747.js
static-global.nhst.tech/assets/ 0
888 B 92ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/49.623f0d53e8dc238e8747.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:19 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8375
Age: 10203
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 398
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"244-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 5.4413ceeef3bb8f774d5d.js
static-global.nhst.tech/assets/ 0
3 KB 95ms
95ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/5.4413ceeef3bb8f774d5d.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 04:59:57 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8976
Age: 10224
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2924
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"253c-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 50.aadc040540f72bfb3b5f.js
static-global.nhst.tech/assets/ 0
931 B 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/50.aadc040540f72bfb3b5f.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:58 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8267
Age: 10163
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 441
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"29e-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 51.a9f8551528665e30efbe.js
static-global.nhst.tech/assets/ 0
885 B 94ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/51.a9f8551528665e30efbe.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:26 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8322
Age: 10136
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 395
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"241-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 52.de0b820fdad58f18d193.js
static-global.nhst.tech/assets/ 0
1 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/52.de0b820fdad58f18d193.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:02:22 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8254
Age: 10079
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 765
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"556-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 53.8f8410628ffafd637ced.js
static-global.nhst.tech/assets/ 0
2 KB 92ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/53.8f8410628ffafd637ced.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:48 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8219
Age: 10174
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1136
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"b62-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 54.16e7ff57bd5c97047209.js
static-global.nhst.tech/assets/ 0
3 KB 92ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/54.16e7ff57bd5c97047209.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:26 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8292
Age: 10135
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2098
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"2ba6-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 55.351695f23bb11fa40daa.js
static-global.nhst.tech/assets/ 0
1 KB 95ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/55.351695f23bb11fa40daa.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 04:59:51 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8280
Age: 10230
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 919
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"874-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 56.a8d5fd8eb69b2f6895c1.js
static-global.nhst.tech/assets/ 0
6 KB 94ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/56.a8d5fd8eb69b2f6895c1.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:05:05 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8007
Age: 9916
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5514
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"42c4-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 57.d84c12aac2d205aee662.js
static-global.nhst.tech/assets/ 0
2 KB 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/57.d84c12aac2d205aee662.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:40 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8383
Age: 10182
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1219
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"ad0-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 58.1bbe7cb0098fd7110954.js
static-global.nhst.tech/assets/ 0
1 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/58.1bbe7cb0098fd7110954.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:03:41 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8215
Age: 10001
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 838
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"764-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 59.970e492b9477f418cf81.js
static-global.nhst.tech/assets/ 0
3 KB 92ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/59.970e492b9477f418cf81.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:57 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8250
Age: 10165
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2101
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"2c9c-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 6.7422be9b02199b26f79b.js
static-global.nhst.tech/assets/ 0
3 KB 92ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/6.7422be9b02199b26f79b.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:11 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8234
Age: 10211
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2218
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"2472-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 60.90658586dca5e115119d.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/60.90658586dca5e115119d.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:07 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8313
Age: 10154
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1112
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"a9f-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 61.7350d1271bee37114edc.js
static-global.nhst.tech/assets/ 0
1 KB 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/61.7350d1271bee37114edc.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:03:27 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8245
Age: 10014
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 646
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"474-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 62.6a3ed70fde2683c3dabd.js
static-global.nhst.tech/assets/ 0
3 KB 94ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/62.6a3ed70fde2683c3dabd.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:24 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8263
Age: 10138
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2406
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"18fd-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 63.8cf41e4251bd68f761c9.js
static-global.nhst.tech/assets/ 0
1 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/63.8cf41e4251bd68f761c9.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:07 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8362
Age: 10155
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 727
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"4dd-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 64.31d373a5b630431454d8.js
static-global.nhst.tech/assets/ 0
2 KB 92ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/64.31d373a5b630431454d8.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:24 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8218
Age: 10138
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1054
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"9e7-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 65.8d79c7443d8c02967cc2.js
static-global.nhst.tech/assets/ 0
2 KB 92ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/65.8d79c7443d8c02967cc2.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:02:10 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8173
Age: 10091
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1058
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"aa8-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 66.38dd1a1b9a48c0ba56e4.js
static-global.nhst.tech/assets/ 0
781 B 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/66.38dd1a1b9a48c0ba56e4.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:53 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8262
Age: 10169
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 291
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"165-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 67.e11c38351d115be9865a.js
static-global.nhst.tech/assets/ 0
6 KB 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/67.e11c38351d115be9865a.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:20 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8181
Age: 10141
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5496
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"42d4-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 68.b4b13903e120dbc6b683.js
static-global.nhst.tech/assets/ 0
883 B 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/68.b4b13903e120dbc6b683.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:36 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8211
Age: 10185
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 393
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"23d-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 69.786a48351cf7520d8646.js
static-global.nhst.tech/assets/ 0
890 B 93ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/69.786a48351cf7520d8646.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:05 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8324
Age: 10157
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 400
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"244-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 70.f2e23b18f911b4b1edbb.js
static-global.nhst.tech/assets/ 0
886 B 91ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/70.f2e23b18f911b4b1edbb.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:03:28 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8072
Age: 10014
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 396
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"244-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 71.e0e30ccaa0e988cacc38.js
static-global.nhst.tech/assets/ 0
930 B 91ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/71.e0e30ccaa0e988cacc38.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:03:23 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8067
Age: 10019
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 440
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"29e-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 72.04b1dae5bd1b70ba1b31.js
static-global.nhst.tech/assets/ 0
884 B 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/72.04b1dae5bd1b70ba1b31.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:21 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8280
Age: 10141
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 394
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"241-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 73.140a2d9a7f979638b76a.js
static-global.nhst.tech/assets/ 0
1 KB 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/73.140a2d9a7f979638b76a.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:54 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8197
Age: 10108
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 861
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"615-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 74.dcfe27e97e91307a1e55.js
static-global.nhst.tech/assets/ 0
3 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/74.dcfe27e97e91307a1e55.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:57 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8206
Age: 10105
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2177
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"101e-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 75.3ffbb8de4b2a74da0289.js
static-global.nhst.tech/assets/ 0
3 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/75.3ffbb8de4b2a74da0289.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:44 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8183
Age: 10117
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2716
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"4666-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 76.df6dd923c6d744c3a042.js
static-global.nhst.tech/assets/ 0
2 KB 91ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/76.df6dd923c6d744c3a042.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:45 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8056
Age: 10116
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1527
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"194e-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 77.f1a22787422ba69aaf29.js
static-global.nhst.tech/assets/ 0
923 B 92ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/77.f1a22787422ba69aaf29.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:03:21 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8134
Age: 10022
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 433
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"27b-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 78.f8d7408dd9ca82993b75.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/78.f8d7408dd9ca82993b75.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 04:59:51 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8410
Age: 10231
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1104
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"a72-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 79.85f9c7913b4d5f1722d1.js
static-global.nhst.tech/assets/ 0
9 KB 103ms
102ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/79.85f9c7913b4d5f1722d1.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:05 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8174
Age: 10157
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 8916
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"6fee-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 8.ee5dc19fdba47a2d4631.js
static-global.nhst.tech/assets/ 0
3 KB 97ms
96ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/8.ee5dc19fdba47a2d4631.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:39 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8193
Age: 10182
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2513
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"1baa-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 80.509780c4c17f55f31a0c.js
static-global.nhst.tech/assets/ 0
2 KB 103ms
103ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/80.509780c4c17f55f31a0c.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:11 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8226
Age: 10210
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1135
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"880-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 81.01a2e8d9990c1e14a85e.js
static-global.nhst.tech/assets/ 0
2 KB 105ms
104ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/81.01a2e8d9990c1e14a85e.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:45 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8276
Age: 10177
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"e7d-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 82.61cbb00d02902cd32b50.js
static-global.nhst.tech/assets/ 0
3 KB 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/82.61cbb00d02902cd32b50.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:14 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8079
Age: 10148
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2280
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"fdb-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 83.e6f66df6d9d9ec98f597.js
static-global.nhst.tech/assets/ 0
2 KB 94ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/83.e6f66df6d9d9ec98f597.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:21 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8272
Age: 10141
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1363
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"fa1-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 84.0469363b6687d266613b.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/84.0469363b6687d266613b.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:03:53 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8085
Age: 9988
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1483
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"18a2-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 85.ae775a30114519000b6d.js
static-global.nhst.tech/assets/ 0
924 B 92ms
92ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/85.ae775a30114519000b6d.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:27 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8258
Age: 10136
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 434
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"27b-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 86.99da3c93b51916c102a8.js
static-global.nhst.tech/assets/ 0
782 B 91ms
91ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/86.99da3c93b51916c102a8.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:40 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8099
Age: 10122
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 292
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"166-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 87.a1cf1d209deaf3cd9a69.js
static-global.nhst.tech/assets/ 0
1 KB 94ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/87.a1cf1d209deaf3cd9a69.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:52 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8143
Age: 10110
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 775
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"d5a-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 88.e2c42d4f19d804d97343.js
static-global.nhst.tech/assets/ 0
6 KB 95ms
94ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/88.e2c42d4f19d804d97343.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:02:39 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8087
Age: 10064
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5592
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"43bc-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK 9.43750e3b8190095ca399.js
static-global.nhst.tech/assets/ 0
2 KB 93ms
93ms Other
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/9.43750e3b8190095ca399.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:00:40 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #8273
Age: 10182
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1694
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"f6e-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H2 200 81cde712-3708-4931-8d5e-c38803269176.json Show response
cdn-ukwest.onetrust.com/consent/81cde712-3708-4931-8d5e-c38803269176/ 3 KB
2 KB 59ms
35ms XHR
application/x-javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/81cde712-3708-4931-8d5e-c38803269176/81cde712-3708-4931-8d5e-c38803269176.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d2957853a8a51b36f4dc9501ec09435fbdc056a6743be5379c08b97730d4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 07:50:21 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: ezj+x4oafugBtQFgsJJ2xg==
age: 2652
content-length: 1400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Nov 2021 06:31:17 GMT
server: cloudflare
etag: 0x8D99DCA605E5B0C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2fccd99b-701e-0066-64d0-cf96c1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aad35c31d6b1f11-FRA

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 213 B
1 KB 121ms
31ms XHR
application/json 52.208.127.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=539A036355B676DE7F000101%40AdobeOrg&d_nsid=0&ts=1636357821561

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c9de113fe3f4324b71de8cdd1f35ef2f1a345709/satelliteLib-5eccb123dcdb14f5ae0f47005eaf4bbfd3dab40c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.127.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-127-56.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f5e5fff62dbe258477f28da824c79534277b95ec2ab0335eea980fa1d040d38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.upstreamonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v019-0fe9d1f2a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: gXZkLbWSRiw=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.upstreamonline.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 208
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/ 33 KB
12 KB 20ms
9ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c9de113fe3f4324b71de8cdd1f35ef2f1a345709/satelliteLib-5eccb123dcdb14f5ae0f47005eaf4bbfd3dab40c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 02e1c4508320ee6bc6b884c4de9a0d73e541b6735fa139cbd957a27f42c72140

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:21 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 19:44:20 GMT
server: AkamaiNetStorage
etag: "b135e36e0ffbaaaebca4ed5a17a3a5c5:1631821460.47263"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12201
expires: Mon, 08 Nov 2021 08:50:21 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/ 25 KB
9 KB 21ms
11ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c9de113fe3f4324b71de8cdd1f35ef2f1a345709/satelliteLib-5eccb123dcdb14f5ae0f47005eaf4bbfd3dab40c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1ee5f7b094d98b34cd4ceca892f1ddbc501f44830edb892fb03ffaf18e6bc3bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:21 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 19:44:20 GMT
server: AkamaiNetStorage
etag: "2aedef11dbffdfffc7e7348927f0f82e:1631821460.959901"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8766
expires: Mon, 08 Nov 2021 08:50:21 GMT

GET
H2 200 hotjar-615966.js Show response
static.hotjar.com/c/ 4 KB
2 KB 31ms
9ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-615966.js?sv=6

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9fb4126bd26855d44fca46c1642b761a46e3de1ed26627915d33b59bcf647d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/1ab5894b5c66590095a0c30dc47baba5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 2009
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-id: pm135jeI3IVwYFydalri91bokpOpNXHMw32o_GT4ctPPtAu8GYdB6A==

GET
H2 200 60cb2ce0a314540edb29c9b2.js Show response
cl.k5a.io/ 103 KB
18 KB 40ms
11ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.k5a.io/60cb2ce0a314540edb29c9b2.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c9de113fe3f4324b71de8cdd1f35ef2f1a345709/satelliteLib-5eccb123dcdb14f5ae0f47005eaf4bbfd3dab40c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: Apache/2.4.46 (Unix) /
Resource Hash: 0d7b37037109b838789f21036b2c3004e8df05e398f30767129755f7b7ab1967

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:21 GMT
content-encoding: gzip
last-modified: Fri, 05 Nov 2021 23:00:41 GMT
server: Apache/2.4.46 (Unix)
etag: "19a8d-5d0129cbb1977"
x-hw: 1636357821.cds138.fr8.hn,1636357821.cds258.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=353
accept-ranges: bytes
content-length: 17986

GET
H/1.1 200
OK AlertPulse.gif
static-global.nhst.tech/resources/gfx/tradewinds/ 6 KB
6 KB 91ms
91ms Image
image/gif 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-global.nhst.tech/resources/gfx/tradewinds/AlertPulse.gif
Requested by: Host: static-global.nhst.tech
URL: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 9eeda142b2dc158c64862405e6432b366c1f353c8d91b2a0251c7a8ff4c151b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 16:55:27 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
Last-Modified: Fri, 05 Nov 2021 06:14:05 GMT
X-CDN-Cache: HIT #21815
Age: 53693
X-Powered-By: Express
Content-Type: image/gif
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5912
ETag: W/"1718-17ceebb9bc8"

GET
H/1.1 200
OK flamalight-webfont.woff
static-global.nhst.tech/resources/fonts/woff/ 26 KB
27 KB 459ms
179ms Font
font/woff 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/resources/fonts/woff/flamalight-webfont.woff
Requested by: Host: static-global.nhst.tech
URL: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 640cd3b632fca258345a4967eb95d6027dd063ed70f2f4e7d794ea04b4389370

Request headers

Referer: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
Origin: https://www.upstreamonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 16:51:02 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
Last-Modified: Fri, 05 Nov 2021 06:14:05 GMT
X-CDN-Cache: HIT #38906
Age: 53958
X-Powered-By: Express
Content-Type: font/woff
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27084
ETag: W/"69cc-17ceebb9bc8"

GET
H/1.1 200
OK suecatx-bold-tta-webfont.woff
static-global.nhst.tech/resources/fonts/woff/ 38 KB
38 KB 461ms
180ms Font
font/woff 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/resources/fonts/woff/suecatx-bold-tta-webfont.woff
Requested by: Host: static-global.nhst.tech
URL: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 3623d5d85fdcdeba501a2fadb6cd17c7968c4ccac9f83e677569afe9875f68fd

Request headers

Referer: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
Origin: https://www.upstreamonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 06:33:07 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
Last-Modified: Mon, 08 Nov 2021 04:10:40 GMT
X-CDN-Cache: HIT #3691
Age: 4634
X-Powered-By: Express
Content-Type: font/woff
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38584
ETag: W/"96b8-17cfdbdb200"

GET
H/1.1 200
OK flamabold-webfont.woff
static-global.nhst.tech/resources/fonts/woff/ 27 KB
27 KB 461ms
180ms Font
font/woff 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/resources/fonts/woff/flamabold-webfont.woff
Requested by: Host: static-global.nhst.tech
URL: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 431bdc4bc2364e753ac262e561b9f9490cb48226c27a6194a606b24ab27a5c90

Request headers

Referer: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
Origin: https://www.upstreamonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 16:48:49 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
Last-Modified: Fri, 05 Nov 2021 06:14:05 GMT
X-CDN-Cache: HIT #38225
Age: 54092
X-Powered-By: Express
Content-Type: font/woff
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27552
ETag: W/"6ba0-17ceebb9bc8"

GET
H/1.1 200
OK suecatx-regular-tta-webfont.woff
static-global.nhst.tech/resources/fonts/woff/ 34 KB
35 KB 462ms
180ms Font
font/woff 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/resources/fonts/woff/suecatx-regular-tta-webfont.woff
Requested by: Host: static-global.nhst.tech
URL: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: b6d837189ae400c620c7592aff5849dc29d4d611d6eecff0b858d88a4e53b17a

Request headers

Referer: https://static-global.nhst.tech/assets/css/global.7440b5dc1eb20bd49bf9.css
Origin: https://www.upstreamonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:53:31 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
Last-Modified: Mon, 08 Nov 2021 04:10:40 GMT
X-CDN-Cache: HIT #6807
Age: 7010
X-Powered-By: Express
Content-Type: font/woff
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34956
ETag: W/"888c-17cfdbdb200"

GET
H/1.1 200
OK nhst-logo-footer.svg
static-global.nhst.tech/resources/gfx/ 7 KB
3 KB 95ms
95ms Image
image/svg+xml 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-global.nhst.tech/resources/gfx/nhst-logo-footer.svg
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: e88876f7bfe7ad0fcab290f353b3f09b22154bb0fbd3f993aaf378fe8ceab43f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 12:52:27 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #33105
Age: 68274
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2416
Last-Modified: Fri, 05 Nov 2021 06:14:05 GMT
ETag: W/"1bb0-17ceebb9bc8"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H/1.1 200
OK picturefill.min_3.0.2.js Show response
static-global.nhst.tech/resources/lib/ 12 KB
6 KB 93ms
93ms Script
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/resources/lib/picturefill.min_3.0.2.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 465986f53ca7b58bbf8e8ecf0bd8f0c844f0f2f8658d325e957c9ef9492ee7ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 20:02:37 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #35719
Age: 42464
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5170
Last-Modified: Fri, 05 Nov 2021 06:14:05 GMT
ETag: W/"2e25-17ceebb9bc8"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
275 B 34ms
33ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:22 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6aad35c42ee00f76-MXP

GET
H2 200 1545457.js Show response
js.hs-analytics.net/analytics/1636357800000/ 63 KB
20 KB 57ms
37ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1636357800000/1545457.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1545457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06c5b1aa9ebe74db08a85c6def0074435e7bdb866023e6cd80c9a01191350f04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 8
x-guploader-uploadid: ADPycdsAXDQemhn1mDfsyoOgdWeAZDwWPeDISxItSNco-VhERIcnOnqiiC9e-8Xse3SeguFOlsJYVXa9kcaevkoxMNidlo5CAg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Tue, 27 Jul 2021 14:15:18 GMT
server: cloudflare
etag: W/"ae32546155ac8a2ff14de8dd14ddd8c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Y/lIuw==, md5=rjJUYVWsii/xTejdFN3Ywg==
x-goog-generation: 1627395318343375
cache-control: max-age=300, public
access-control-allow-credentials: false
x-goog-stored-content-length: 64680
cf-ray: 6aad35c44bf07034-FRA
expires: Mon, 08 Nov 2021 07:55:14 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 81 KB
26 KB 82ms
28ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1545457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0e8f49ce2aa1c4720cc187c184c8d800182aea43645aa3193c0614703d0c8f4

Request headers

Referer: https://www.upstreamonline.com/
Origin: https://www.upstreamonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:22 GMT
via: 1.1 3d65275b81abaf880be10de6f2c71e9b.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 52442
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.247/bundles/project.js&cfRay=6aa83571ac966f1c-EWR
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6aad35c47a5cd618-MXP
last-modified: Tue, 28 Sep 2021 10:08:32 UTC
server: cloudflare
etag: W/"a5dc58d02593ddd2c3c6bbe2230fc074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: s1CYAXlTSydz_cSjotzU3Em8FOsfSJIb
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: __PNsdSeV-3yZephOdwqRCUJsc8wtGsDAu7k7rhGEy7nHj2mYo2atw==
x-hs-target-asset: collected-forms-embed-js/static-1.247/bundles/project.js

GET
H2 200 1545457.js Show response
js.hs-banner.com/ 62 KB
16 KB 78ms
32ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/1545457.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1545457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d67e2e0e1e6db1378d44d3acc8b659ef6a2fd973b9faee49828b6d369afe4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 22
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: BP7KT0VMK3M8E81D
x-amz-id-2: nrBX7FiV+4A+JDdmouTsDIm4Q18Q1T8q2si1ehdhdu0Y95iFS5JPpBGDFxrB79UaZxVhbrbPdIo=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 19:30:14 GMT
server: cloudflare
etag: W/"916f3b1680a5440fcea577093569cbd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 0a__u4XGdha13z7imRWud5WMsh1Dsv7w
access-control-allow-origin: https://www.tradewindsnews.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6aad35c47c86d608-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 08 Nov 2021 07:55:00 GMT

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ 30 KB
11 KB 621ms
566ms Script
application/javascript 2606:4700::6811:70a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1545457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:70a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda36c3bc6dc8015acc8edb9b702dcd1d5cc47501b07dcaa8542e72d7dd35154

Request headers

Referer: https://www.upstreamonline.com/
Origin: https://www.upstreamonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:22 GMT
via: 1.1 2ca1a2664d288773b443dc5e52a8b5b9.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.8305/bundles/popupInjector.js&cfRay=6aad35c48d0b3754-MXP
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6aad35c48d0b3754-MXP
last-modified: Thu, 04 Nov 2021 09:43:51 UTC
server: cloudflare
etag: W/"216bdd355659be20d66c1e6e9bee72bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: XhuTLbh9BrCvQlF0c4BTV.3ztoRC.Zob
access-control-allow-origin: *
cache-control: max-age=600
x-hs-cache-status: MISS
content-type: application/javascript; charset=utf-8
x-amz-cf-id: U8eOUDepRIgqTD7hps3TVnF7FrF_qRDkvkfElrdX4wuO9K4vosI6yQ==
x-hs-target-asset: feedback-web-renderer-ui/static-1.8305/bundles/popupInjector.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 82ms
35ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1545457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38803f733f36ff943399e6539b7fe1fa26611706ce6878b5b21c6a4f96ec862

Request headers

Referer: https://www.upstreamonline.com/
Origin: https://www.upstreamonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:22 GMT
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 40698
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1056/bundle/main/lead-flows-release.js&cfRay=6aa95428daa65a43-MXP
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6aad35c47a565995-MXP
last-modified: Thu, 23 Sep 2021 09:11:54 UTC
server: cloudflare
etag: W/"9af442c5acbde436228f228f7502bfc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: BdP6Nyyw4.FdbyHhgb7cfRPPJ2MC6STP
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Qg4fKxQlBj6WQWZZSW70sywVO1WU9MRTcqCIgpWMNqoNTJLyfZDDlA==
x-hs-target-asset: lead-flows-js/static-1.1056/bundle/main/lead-flows-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 73ms
29ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1545457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ba0e742eaf7202cc2db318ce1919f154dbf3f84668ffe58b3bfccbdde7ccb1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:22 GMT
via: 1.1 5e1f849553b1d58615d0d8f7c044078f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 256
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9351/bundles/project.js&cfRay=6aad2f83ec493752-MXP
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 03 Nov 2021 05:58:27 UTC
server: cloudflare
etag: W/"341d74d74a8e3fdb264a0f9172733fda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: uFXA3EeocWN5hQO2JO807Yma163grVYf
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6aad35c479d93755-MXP
x-amz-cf-id: zKo4H0_BBgzs2QyxgdX2trAsQOvoOzGSQ10U9PHMTKOHbXElNEZbzw==
x-hs-target-asset: conversations-embed/static-1.9351/bundles/project.js

GET
H2 200 id Show response
nhst.d3.sc.omtrdc.net/ 2 B
321 B 55ms
15ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nhst.d3.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=539A036355B676DE7F000101%40AdobeOrg&mid=20783429088318847672157126199474372508&ts=1636357821744

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c9de113fe3f4324b71de8cdd1f35ef2f1a345709/satelliteLib-5eccb123dcdb14f5ae0f47005eaf4bbfd3dab40c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upstreamonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Nov 2021 07:50:22 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-6988cccb6f-kxs2k
vary: Origin
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 modules.d4630e91cffbd6b56a37.js Show response
script.hotjar.com/ 222 KB
59 KB 26ms
9ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-615966.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 10:41:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 940157
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59861
access-control-allow-origin: *
last-modified: Thu, 28 Oct 2021 10:40:59 GMT
etag: "fe2e85deda154f5a6e0e0112bec8a18c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ab23076896ec73a1a830c9cdc49fcac5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: x-kEoW-L0APUSAfD1iNFC8xZyAxVp-TJy0lc1SzXZWU2akwjSJ74Qg==

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/ 318 KB
76 KB 42ms
41ms Script
application/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 07:50:22 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: wv3c0qnkBhaWE//T4i2BGA==
age: 974038
content-length: 77456
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:32:56 GMT
server: cloudflare
etag: 0x8D98DB717A4B865
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3e1aa669-f01e-0055-0399-cbcfec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aad35c518420f76-MXP
expires: Tue, 16 Nov 2021 07:50:22 GMT

POST
H2 204 /
cl.k5a.io/ 0
119 B 18ms
18ms Ping
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.k5a.io/?i=60cb2ce0a314540edb29c9b2&l=p&u=https%3A%2F%2Fwww.upstreamonline.com%2F&pig=https%3A%2F%2Fwww.upstreamonline.com%2Fresources%2Fgfx%2Fupstream%2Fshare-to-facebook.png&c=desktop&ptp=frontpage&psn=&ptl=Upstream%20Online%20%7C%20Latest%20oil%20and%20gas%20news&pwct=&par=&ptg=&pctg=&ppt=&pmt=&pw=&pd=&sbs=&cs=&r=&ul=&uid=14SFxgSiCPetWAth&ns=1&_h=pageView&_s=js&_l=readystatechange&_m=b
Requested by: Host: cl.k5a.io
URL: https://cl.k5a.io/60cb2ce0a314540edb29c9b2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: Apache/2.4.46 (Unix) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upstreamonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 08 Nov 2021 07:50:22 GMT
server: Apache/2.4.46 (Unix)
x-hw: 1636357822.cds138.fr8.hn,1636357822.cds210.fr8.sc,1636357822.cds210.fr8.p
content-type: application/octet-stream

GET
H/1.1 200
OK 19.3c87a0cf3f38939055aa.js Show response
static-global.nhst.tech/assets/ 43 KB
12 KB 95ms
94ms Script
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/19.3c87a0cf3f38939055aa.js
Requested by: Host: static-global.nhst.tech
URL: https://static-global.nhst.tech/assets/manifest.975a70efcc059c392a1a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 82a532fb19c83b4108d017ea5896df52b6fd347cc63b1cf7e47c2e3cd9e39979

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:30 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #14779
Age: 10132
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 11362
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"ad81-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: static-global.nhst.tech
URL: https://static-global.nhst.tech/assets/app.78ce9925578815c4465f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1037 / 296 of 1000 / last-modified: 1636149938"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27044
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 08 Nov 2021 07:50:23 GMT

GET
H/1.1 200
OK 18.4235002bfd5234ebdad4.js Show response
static-global.nhst.tech/assets/ 3 KB
2 KB 94ms
93ms Script
application/javascript 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-global.nhst.tech/assets/18.4235002bfd5234ebdad4.js
Requested by: Host: static-global.nhst.tech
URL: https://static-global.nhst.tech/assets/manifest.975a70efcc059c392a1a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 60d45b17c0a823ad4f286dc983dfa8adc6ae64f7c2978fdd13175e133ba85ec3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 05:01:06 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #14643
Age: 10155
X-Powered-By: Express
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1222
Last-Modified: Mon, 08 Nov 2021 04:17:03 GMT
ETag: W/"a02-17cfdc38a18"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
cache-control: max-age=3600
Accept-Ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
44 KB 65ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MS92C6

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4232147f5b0bc79975447315a98a5e042be1600c8ead4860510af52cb215eeba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45011
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Nov 2021 07:50:23 GMT

GET
H2 200 59e8622ae45a1dfd27a882c9.js Show response
pp.lp4.io/app/59/e8/62/ 135 KB
38 KB 48ms
15ms Script
application/javascript 136.243.25.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.lp4.io/app/59/e8/62/59e8622ae45a1dfd27a882c9.js
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.25.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.25.243.136.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 905079b4cadfc2cd54783123d09980fc8b5dff33401a39c7bc5da748ac282d6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:23 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 10:49:58 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "21ae7-5ceeec5bdeee0-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 38152
expires: Mon, 08 Nov 2021 08:20:23 GMT

GET
H2 200 RCae464ba0bfac45778b601cbcb1ef7e97-source.min.js Show response
assets.adobedtm.com/7c39b7bcdd1c/0d402ea23a3d/580ee5ae16a6/ 644 B
688 B 17ms
17ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/7c39b7bcdd1c/0d402ea23a3d/580ee5ae16a6/RCae464ba0bfac45778b601cbcb1ef7e97-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/c9de113fe3f4324b71de8cdd1f35ef2f1a345709/satelliteLib-5eccb123dcdb14f5ae0f47005eaf4bbfd3dab40c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4e658b10ea88b8e640df1a8fedebb3973b416cc8c29a283ae8c8501dc69edd43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:23 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 09:33:57 GMT
server: AkamaiNetStorage
etag: "e0baafc15bca3c830ebfc1e5121720fb:1635932037.38305"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.upstreamonline.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 419
expires: Mon, 08 Nov 2021 08:50:23 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 201ms
156ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=1545457&conversations-embed=static-1.9351&mobile=false&messagesUtk=13c93d936fc8478a9123a9a801ecd518&traceId=13c93d936fc8478a9123a9a801ecd518

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.upstreamonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 08 Nov 2021 07:50:23 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6aad35cd3e1c374a-MXP
access-control-allow-origin: https://www.upstreamonline.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 54d47097-502f-44a1-96c0-6f46d056207a
x-trace: 2B1DDB0E8A9E9755C0756262012D1128BD5450178E000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vLbeshW9XetlBpjGY4LGzuahQOE9S9JMyZFf7v0k1diXNfUysGFTjr0TZyEaVtdg6P9PE4FLwTjm1Vs6nfm0Ux9MViPEWmw%2Fq88BGJwQATCoGgGb7FOctGz43apM%2B%2Fbeg%2Fl%2Bv1obSiHZERe2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 265 B
824 B 154ms
152ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e4ea2c9ce29600a81f4d99af9293eee640e10f675e8d41a8a4855d749a408c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Referer: https://www.upstreamonline.com/
Accept-Language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.upstreamonline.com/

Response headers

date: Mon, 08 Nov 2021 07:50:23 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ae1b8f13-c75a-4844-b2fd-3da3e906119f
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 207
server: cloudflare
x-trace: 2B753578B57603B9EAF6C53BE13391685310F99D3B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AV2bjhBRtJRfrwYTUN2w8uxvHTwmcoOqzUO8twBLA4JZ5NEwMWqbdXpZl%2F7lmhgvCrYIQxX%2B%2FxSDpj5RdiYxOt8B8qOIK6vuJDjHYKgaXyThAZqjKyG33TF1yP3yj3ufKGWjgZaJNyFlyNX6nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6aad35ce3fcd374a-MXP
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H/1.1 200
OK a384ee20ae33bab4cc4769a090106b69
images-global.nhst.tech/image/ejJndzBML1ovdlFwd1hYYmdoOTRUZ1Vja2FvQ1hTU3dlcVZadmlGSm9BMD0=/nhst/binary/ 7 KB
7 KB 410ms
96ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/ejJndzBML1ovdlFwd1hYYmdoOTRUZ1Vja2FvQ1hTU3dlcVZadmlGSm9BMD0=/nhst/binary/a384ee20ae33bab4cc4769a090106b69?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: f4f7d7372e39253fd8bee8dee260128726f783bac389856bf2844c5795ccfd3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 00:14:37 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #324
Age: 113746
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7318

GET
H/1.1 200
OK e1fa43079f82a79a61e321d78f9004c4
images-global.nhst.tech/image/L0ptNzZ1dHlLdEZwa013UGJYeHBXdjcvT09tajAzNjU2cWZaREdOanNWZz0=/nhst/binary/ 13 KB
14 KB 411ms
97ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/L0ptNzZ1dHlLdEZwa013UGJYeHBXdjcvT09tajAzNjU2cWZaREdOanNWZz0=/nhst/binary/e1fa43079f82a79a61e321d78f9004c4?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 38557eef2f4492201f5b3e6a8f93c102cdf1e97c7b11c30fb1994a25e3ed0380

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 12:01:17 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #279
Age: 71346
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13677

GET
H/1.1 200
OK 3b1285a7da0bc6349b7805ed6be475a1
images-global.nhst.tech/image/L0ptNzZ1dHlLdEZwa013UGJYeHBXdGxwMWFvTGg1emtCV293K0lTWDlXND0=/nhst/binary/ 16 KB
16 KB 495ms
181ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/L0ptNzZ1dHlLdEZwa013UGJYeHBXdGxwMWFvTGg1emtCV293K0lTWDlXND0=/nhst/binary/3b1285a7da0bc6349b7805ed6be475a1?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 48fcbd45a4b6d4ce6b5c0a470563ad51ea96eaa1519e168ae28d4b51b14e884c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 23:24:23 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #163
Age: 30360
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16470

GET
H/1.1 200
OK 0a0ff9504c6474ffcff6deeb73d53b15
images-global.nhst.tech/image/ZFBFNHhpdzFuL0VqdzN1UXBuWGNCcWlDMXNYQUxxajhCVVZHazJFK0FBTT0=/nhst/binary/ 6 KB
6 KB 410ms
96ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/ZFBFNHhpdzFuL0VqdzN1UXBuWGNCcWlDMXNYQUxxajhCVVZHazJFK0FBTT0=/nhst/binary/0a0ff9504c6474ffcff6deeb73d53b15?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 422d2b89f17006fe1a4980ed7fb77eb6b5b004a91d481a235804b624213f74dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 13:00:30 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #347
Age: 154193
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6268

GET
H/1.1 200
OK dbbd7d3fbd55280133d8a9dbb44a5cc4
images-global.nhst.tech/image/dzE0NmVWSjFyWXFJazhCVCtrMlEzOWpHZGJrd0RsSzFTMFgwd0VkeUo0dz0=/nhst/binary/ 10 KB
10 KB 390ms
95ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/dzE0NmVWSjFyWXFJazhCVCtrMlEzOWpHZGJrd0RsSzFTMFgwd0VkeUo0dz0=/nhst/binary/dbbd7d3fbd55280133d8a9dbb44a5cc4?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: fcfaadb1fb77388243c1e80b0fb92f539312ddab2fe99d5ac659599a3bb10ddd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 04:38:43 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #114
Age: 11500
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9804

GET
H/1.1 200
OK bbe3b7609a44d2f2c210c1c57bcbb903
images-global.nhst.tech/image/TkViNnFqV09oQ21LNVhnbjFrWUZ2aEZqenpZalNOdnY0U2VKL0RFamdIbz0=/nhst/binary/ 15 KB
15 KB 459ms
180ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/TkViNnFqV09oQ21LNVhnbjFrWUZ2aEZqenpZalNOdnY0U2VKL0RFamdIbz0=/nhst/binary/bbe3b7609a44d2f2c210c1c57bcbb903?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: b98c4831e42397043661597b4e384cce42b4e57396ce271b1e28e616b312f708

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:47:29 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #162
Age: 75774
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15124

GET
H/1.1 200
OK faf8d328a9d82e7af75e330113bfa146
images-global.nhst.tech/image/ZzJxREZlazBBZzFxNm1pMkxza2NUd1Vja2FvQ1hTU3dlcVZadmlGSm9BMD0=/nhst/binary/ 9 KB
10 KB 92ms
92ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/ZzJxREZlazBBZzFxNm1pMkxza2NUd1Vja2FvQ1hTU3dlcVZadmlGSm9BMD0=/nhst/binary/faf8d328a9d82e7af75e330113bfa146?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 52a13673c1b29e32b3b6f23a10abb9f796915da0dc609935663ba7fe88e900f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 22:14:39 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #115
Age: 34543
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9588

GET
H/1.1 200
OK 81aedca68c6ad8e70bcb9560aef8de17
images-global.nhst.tech/image/dzE0NmVWSjFyWXFJazhCVCtrMlEzL1dEWk5nSHFoVkg3TFdETjdzcklFWT0=/nhst/binary/ 20 KB
20 KB 94ms
94ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/dzE0NmVWSjFyWXFJazhCVCtrMlEzL1dEWk5nSHFoVkg3TFdETjdzcklFWT0=/nhst/binary/81aedca68c6ad8e70bcb9560aef8de17?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 7d8ae2ba169984ca7f411d377fb78a28c18122e3dd4c723f8a5fd4d5d11f888d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 11:18:23 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #699
Age: 160320
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20211

GET
H/1.1 200
OK fb076ca212d5b657a211e18951a49550
images-global.nhst.tech/image/TVpHZFFoZHR2a0JqRmZ1aW5mbEx1Uy9TVnZnblFEUEY3SnA2K3hobXBwQT0=/nhst/binary/ 7 KB
8 KB 93ms
93ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/TVpHZFFoZHR2a0JqRmZ1aW5mbEx1Uy9TVnZnblFEUEY3SnA2K3hobXBwQT0=/nhst/binary/fb076ca212d5b657a211e18951a49550?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 1438f41bb6c022d8d3c4c76dee706c57b11f8569ab0d6b706b24641bdfbf52c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 00:14:50 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #445
Age: 113733
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7514

GET
H/1.1 200
OK 32116bb33149152a9b179136da40a71d
images-global.nhst.tech/image/L0ptNzZ1dHlLdEZwa013UGJYeHBXdWhQczkrMnpGd215b0pNYkpVSkNxRT0=/nhst/binary/ 28 KB
28 KB 96ms
96ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/L0ptNzZ1dHlLdEZwa013UGJYeHBXdWhQczkrMnpGd215b0pNYkpVSkNxRT0=/nhst/binary/32116bb33149152a9b179136da40a71d?image_version=720
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 85e57a72bc14da6765c24e673cd9b34211a787f02a745a55d75009c37ea44155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 02:01:04 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #92
Age: 20958
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28325

GET
H/1.1 200
OK 5347e96378ceaf2ea44e808db0d43d05
images-global.nhst.tech/image/dzE0NmVWSjFyWXFJazhCVCtrMlEzMXROblpGeWpTbzVMLzZmaHpyRVd2UT0=/nhst/binary/ 12 KB
12 KB 99ms
98ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/dzE0NmVWSjFyWXFJazhCVCtrMlEzMXROblpGeWpTbzVMLzZmaHpyRVd2UT0=/nhst/binary/5347e96378ceaf2ea44e808db0d43d05?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 9f3f65797087c204763cdc4e52ea674fa3140e0f7b5ee176e8e3dd5d7d0b63d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 18:31:05 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #503
Age: 134358
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12348

GET
H/1.1 200
OK be88b7485f50ff19754733c660b78bd2
images-global.nhst.tech/image/dzE0NmVWSjFyWXFJazhCVCtrMlEzeUpYWTFjUjVhcTVMU1k0MFRiWFpJUT0=/nhst/binary/ 16 KB
16 KB 94ms
93ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/dzE0NmVWSjFyWXFJazhCVCtrMlEzeUpYWTFjUjVhcTVMU1k0MFRiWFpJUT0=/nhst/binary/be88b7485f50ff19754733c660b78bd2?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 413763083ff8b2379dcbba7cd8aecac0c8ea524fa35956112bf7c352388bfe4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 23:27:33 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #121
Age: 30170
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15981

GET
H/1.1 200
OK 31c5d64163edec19859a3634cc54aa5a
images-global.nhst.tech/image/czA1MTVTYWF6N2Rna0gyS1QrVHZXUkZqenpZalNOdnY0U2VKL0RFamdIbz0=/nhst/binary/ 18 KB
18 KB 98ms
97ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/czA1MTVTYWF6N2Rna0gyS1QrVHZXUkZqenpZalNOdnY0U2VKL0RFamdIbz0=/nhst/binary/31c5d64163edec19859a3634cc54aa5a?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 4a8af3c4d35c39f88085e845c90510f62fc09f3e5cdbbf8f543d323bafe37283

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 02:05:07 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #121
Age: 20716
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18041

GET
H2 200 s4756877172202 Show response
nhst.d3.sc.omtrdc.net/b/ss/nhstglobals/10/JS-2.22.2-LBWB/ 219 B
472 B 38ms
38ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nhst.d3.sc.omtrdc.net/b/ss/nhstglobals/10/JS-2.22.2-LBWB/s4756877172202?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=8%2F10%2F2021%207%3A50%3A23%201%200&d.&nsid=0&jsonv=1&.d&mid=20783429088318847672157126199474372508&aamlh=6&ce=UTF-8&ns=nhstglobals&cdp=2&pageName=Upstream%20Online%20%7C%20Latest%20oil%20and%20gas%20news&g=https%3A%2F%2Fwww.upstreamonline.com%2F&c.&apl=4.0&inList=3.0&getValOnce=3.0&getNewRepeat=3.0&getPreviousValue=3.0&getQueryParam=4.0&pt=3.0&getTimeParting=6.3&getTimeSinceLastVisit=2.0&formatTime=2.0&.c&cc=NOK&server=www.upstreamonline.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=Upstream%20Online%20%7C%20Latest%20oil%20and%20gas%20news&v2=https%3A%2F%2Fwww.upstreamonline.com%2F&v10=New&c11=year%3D2021%20%7C%20month%3DNovember%20%7C%20date%3D8%20%7C%20day%3DMonday%20%7C%20time%3D8%3A50%20AM&v11=year%3D2021%20%7C%20month%3DNovember%20%7C%20date%3D8%20%7C%20day%3DMonday%20%7C%20time%3D8%3A50%20AM&v13=https%3A%2F%2Fwww.upstreamonline.com%2F&v53=20783429088318847672157126199474372508&c75=JS-2.9.0-L8UK&v80=B&v129=New%20Visitor&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=539A036355B676DE7F000101%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP6326e4d6b32f4a71ad5204459cc57d66/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

c9acee73f8d2230959de5d8b5b26e143cd8808f33f73b0ed921e293f4e45196d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-aam-tid: BVIzZcltS+k=
date: Mon, 08 Nov 2021 07:50:23 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
content-length: 219
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v019-04d6dc97f.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Tue, 09 Nov 2021 07:50:23 GMT
server: jag
xserver: anedge-6988cccb6f-w8w5n
etag: 3514051668756561920-4619719901973763156
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 07 Nov 2021 07:50:23 GMT

GET
H2 200 box-d09a446edefba0dcce5d5143e1840e9a.html Show response
vars.hotjar.com/ Frame 09E8 2 KB
1 KB 25ms
7ms Document
text/html 18.66.139.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-615966.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/

Response headers

content-type: text/html
content-length: 1044
date: Wed, 20 Oct 2021 07:15:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "63e08f928469ab67d9dac30c065ed182"
last-modified: Wed, 20 Oct 2021 07:15:01 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 6WVpPs_QR8GMZn5j_2yfbJmnTWClbkkhLomsjjJFViF2LkMLY1dGYw==
age: 1643718

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
683 B 143ms
142ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=1545457&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df75389c177cfd2638d509f560e9756601041dce099242297c3d4ca108172331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.upstreamonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 22bb3894-b04b-476e-92fd-dc144dc71d50
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIx0jRE%2F3tGR2%2BVZN%2F34E6tFxCEBqnMpIL3F1C1r8Qg51h%2BNss%2BRHWV68yzH3KpIoG1hT%2B%2FDaUmja1OWn76rSxZaxFfvsTytQmrB%2FLUMCUFZdxvym8gnB9rheCpOnbdP5XoSwsA48rWdHSDn5T7%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.upstreamonline.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6aad35ce2fbd374a-MXP
access-control-allow-headers: *

GET
H2 200 en.json Show response
cdn-ukwest.onetrust.com/consent/81cde712-3708-4931-8d5e-c38803269176/c61bdbb3-77d1-437b-93a2-fadd01f9e6f7/ 87 KB
18 KB 21ms
21ms Fetch
application/x-javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/81cde712-3708-4931-8d5e-c38803269176/c61bdbb3-77d1-437b-93a2-fadd01f9e6f7/en.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e0c6c26e5e686a0bed5285097c22ff0cc27eafe6672b5378b98c90e8a8251c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 07:50:23 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: rKp+yQVGl4vzcVTI0qI3dA==
age: 13777
content-length: 18567
x-ms-lease-status: unlocked
last-modified: Tue, 02 Nov 2021 06:31:24 GMT
server: cloudflare
etag: 0x8D99DCA648786CB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b9ec63ab-201e-003a-4ed0-cf6738000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aad35ce5be81f11-FRA

GET
H2 200 get-loader.js Show response
loader.wisepops.com/ 56 KB
18 KB 77ms
30ms Script
text/javascript 2606:4700:20::ac43:4adc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.wisepops.com/get-loader.js?v=1&site=WkLnBNb8jm
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a88f6de29eeb95ef564a5af784f88ce56b95e094a019e04ef25080bbf5f765

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 Nov 2021 06:40:50 GMT
server: cloudflare
age: 4173
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zvVQw22HV8RUzgx2%2BzTKLpSVROVgN%2BJblI9s4NbV4%2BJ7rRslIfEFskeo6wN4iVAhu4BDOrjY4CQ%2FDkqUbROCNhzHbAWFD0X8u50VvY0zN8wMns%2B340YkqOls8F%2BSnBW1Bzq2XKGWbBDq%2FjyhaefbMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-cloud-trace-context: 8a0fa3279f1e42e0bbca9f0b779a3924
cache-control: private, max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6aad35ceff3ee8eb-MXP

GET
H2 204 p
pp.lp4.io/ 0
69 B 12ms
12ms Image
text/plain 136.243.25.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pp.lp4.io/p?i=59e8622ae45a1dfd27a882c9&r=&sr=&mt=Upstream%20Online%20%7C%20Latest%20oil%20and%20gas%20news&ma=-1&tg=-1&ctg=-1&mp=-1&mu=-1&mi=https%3A%2F%2Fwww.upstreamonline.com%2Fresources%2Fgfx%2Fupstream%2Fshare-to-facebook.png&md=The%20leading%20global%20oil%2C%20gas%20and%20energy%20news%20resource.%20Covering%20the%20latest%20oil%20and%20gas%20news%20including%20shale%2C%20lng%2C%20drilling%2C%20exploration%20and%20production.&or=-1&wc=-1&pw=&pwu=0&co=0&il=&hv=&sc=-1&p=https%3A%2F%2Fwww.upstreamonline.com%2F&c=desktop&t=frontpage&s=&_r=1636357823736:4.7.22:20211022-124954
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.25.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.25.243.136.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
server: Apache/2.4.29 (Ubuntu)

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
519 B 154ms
131ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: ea53433b-a699-4e0b-8cdb-9a6dc912fc94
x-trace: 2B223430DC2A0409E217AACF72C611D6845C0F86B0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6aad35d0edf32bce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

GET
H/1.1 200
OK 45195dea22bc40db1dd75cf4548e9788
images-global.nhst.tech/image/MUpCZkIzVkhJOTdnQzJaSE5FVm52aEZqenpZalNOdnY0U2VKL0RFamdIbz0=/nhst/binary/ 6 KB
6 KB 95ms
95ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/MUpCZkIzVkhJOTdnQzJaSE5FVm52aEZqenpZalNOdnY0U2VKL0RFamdIbz0=/nhst/binary/45195dea22bc40db1dd75cf4548e9788?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 91414dcfe981b2a11cbf76b65be00c2af3ce45d4d171cee5ad68a9840cc7b0e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 12:18:56 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #285
Age: 156686
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5970

GET
H/1.1 200
OK a5f02e20890bc57293fb2502c35620da
images-global.nhst.tech/image/TkViNnFqV09oQ21LNVhnbjFrWUZ2bjJuQVdObWplYTlSTnl1b2xVdlRPST0=/nhst/binary/ 8 KB
8 KB 96ms
95ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/TkViNnFqV09oQ21LNVhnbjFrWUZ2bjJuQVdObWplYTlSTnl1b2xVdlRPST0=/nhst/binary/a5f02e20890bc57293fb2502c35620da?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 1b82697fd8fdf075079e29c67975e949442c4a68818a002bad2f1ee536e21ac4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 01:11:33 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #203
Age: 110330
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7856

GET
H/1.1 200
OK 25676a0c96c675f3baf03a75993ce2ff
images-global.nhst.tech/image/YzBpdUtPN3ZISlQzdmZPM1FkalIxd1Vja2FvQ1hTU3dlcVZadmlGSm9BMD0=/nhst/binary/ 8 KB
8 KB 93ms
92ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/YzBpdUtPN3ZISlQzdmZPM1FkalIxd1Vja2FvQ1hTU3dlcVZadmlGSm9BMD0=/nhst/binary/25676a0c96c675f3baf03a75993ce2ff?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 5941723b885cd55d14dce3acf8205227a57ba686f79fef9c5d11733fae010e50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 23:31:55 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #82
Age: 29908
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7784

GET
H/1.1 200
OK f61fbe379d7f51151304b9be28e03194
images-global.nhst.tech/image/OTJRVWsvNWhZNXdpdERSNklqR1gzTmE5cTRtemFrUWFBSVNINUMvZ20xZz0=/nhst/binary/ 9 KB
10 KB 93ms
92ms Image
image/jpg 40.114.8.249
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-global.nhst.tech/image/OTJRVWsvNWhZNXdpdERSNklqR1gzTmE5cTRtemFrUWFBSVNINUMvZ20xZz0=/nhst/binary/f61fbe379d7f51151304b9be28e03194?image_version=360
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.8.249 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 5f25dbb05f2e99a8685708d7d388784116b117c3cba4522096bc9bb9fffde473

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 11:17:15 GMT
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish-v4
X-CDN-Location: EUS
X-CDN-Cache: HIT #283
Age: 160387
X-Powered-By: Express
Content-Type: image/jpg
Access-Control-Allow-Origin: *
cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9670

GET
H2 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
117 KB 41ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 84 B
718 B 48ms
21ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.upstreamonline.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d63fa7682106146d6112f1f042069486cd6a66dab846221523b0d23086379a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 52ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS92C6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 6558
date: Mon, 08 Nov 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 08 Nov 2021 08:01:06 GMT

GET
H2 200 OERBRHGT.js Show response
cdn.insurads.com/bootstrap/ 7 KB
3 KB 179ms
64ms Script
application/x-javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/bootstrap/OERBRHGT.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS92C6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 550355e4adae23c4c8da73268e54479e097f6fb7e646533dcb1c6ebac0c32b86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
cdn-edgestorageid: 756
x-amz-request-id: 57FFMTZBKTW4GTJ3
cdn-cachedat: 10/14/2021 13:46:07
cdn-pullzone: 55316
x-amz-id-2: 8oOByR+a3jIVgPBLBf8O5Ec33VOTdW2qjNEszJS32x6imo2lncoEsSS03AuNCle+WUoeEAFF9J0=
server: BunnyCDN-DE1-756
last-modified: Wed, 23 Jun 2021 10:41:07 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=31536000
cdn-requestid: b731e01182aa5e36517b8e45e45a49c8
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 otCenterRounded.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/ 9 KB
3 KB 29ms
28ms Fetch
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/otCenterRounded.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: GusGKeZw4BFJM/nj45byyg==
age: 973883
content-length: 2584
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:32:46 GMT
server: cloudflare
etag: 0x8D98DB711EF37BF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ef7a63fb-501e-003e-7799-cb92ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aad35d148571f11-FRA
expires: Tue, 16 Nov 2021 07:50:24 GMT

GET
H2 200 otPcCenter.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/v2/ 47 KB
11 KB 35ms
34ms Fetch
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/v2/otPcCenter.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: 9E3lVDuBS011aFtnS8Lptg==
age: 973883
content-length: 11581
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:32:47 GMT
server: cloudflare
etag: 0x8D98DB7124E10A5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1d45da59-b01e-0059-1199-cb211d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aad35d148591f11-FRA
expires: Tue, 16 Nov 2021 07:50:24 GMT

GET
H2 200 otCookieSettingsButton.json Show response
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/ 5 KB
2 KB 26ms
25ms Fetch
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: faMrXPz5JqfF3CH105XLtA==
age: 963007
content-length: 2144
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:32:45 GMT
server: cloudflare
etag: 0x8D98DB710DEBDEA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c318e879-601e-0036-20b3-cb89c9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6aad35d1485a1f11-FRA
expires: Tue, 16 Nov 2021 07:50:24 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/ 20 KB
4 KB 33ms
32ms Fetch
text/css 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/assets/otCommonStyles.css

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 973883
x-ms-lease-status: unlocked
last-modified: Tue, 12 Oct 2021 19:33:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2edcd197-301e-006a-6899-cb7830000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6aad35d1485d1f11-FRA
expires: Tue, 16 Nov 2021 07:50:24 GMT

POST
H2 200 my-wisepop Show response
popup.wisepops.com/ 267 B
829 B 194ms
153ms XHR
application/json 2606:4700:20::681a:a13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.wisepops.com/my-wisepop
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=WkLnBNb8jm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fed57b435b67b11f8ca012da2f2d5f1eb2ef139a403b7fb2655831a81f06f8f5

Request headers

Accept: application/json
Referer: https://www.upstreamonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST, GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIfGHlFn%2FFi55f%2FCchKXPtw8v7mwJE6LDbm%2F4sACGVbSmQlE9VQAx3D86%2Binj7r1tfc9XsEdFxSvmprXWpLtMM1aBylhoPpHRugA5ym35F%2BCOzMsPFyXoLl9GYFxq22N95EQMA0Xd7qWvmSggnIOaw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context: 6c4b5bec78df4c68da401eba50ec0d4a
cache-control: no-store
cf-ray: 6aad35d1ca02696f-FRA
access-control-allow-headers: *

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 63ms
25ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.upstreamonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 65ms
26ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.upstreamonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 58ms
56ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=463387444747955&correlator=2594790786697379&output=ldjh&impl=fifs&eid=31063280%2C21068030%2C31063182%2C31063246%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=21646926696%2Cupstreamonline.com%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x150%7C320x200%7C300x250%7C980x120%7C980x150%7C980x180%7C980x300%7C768x200%7C970x250%7C1272x300%7C1272x180%7C1272x150%7C1272x120&eri=1&cust_params=ads_env%3Dprod%26user_login%3Dfalse%26ups_section%3Dece_frontpage%26globals_segment%3Dgeneric&cookie_enabled=1&bc=31&abxe=1&lmt=1636357824&dt=1636357824027&dlt=1636357820540&idt=3396&frm=20&biw=1600&bih=1200&oid=2&adxs=12&adys=147&adks=2411967391&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upstreamonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1576x0&msz=1576x0&ga_vid=1031327413.1636357824&ga_sid=1636357824&ga_hid=635271969&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1fc4dd3bed1f1a17fd8cfdb8571b0f0c29534301ba5f968799126c959e5a416c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11562
x-xss-protection: 0
google-lineitem-id: 5676427606
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349619014
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 58ms
56ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=463387444747955&correlator=2039479215632174&output=ldjh&impl=fifs&eid=31063280%2C21068030%2C31063182%2C31063246%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=21646926696%2Cupstreamonline.com%2Cmagstripe&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C414x1%7C414x52%7C768x1%7C768x52%7C1272x1%7C1272x60%7C1192x60&eri=1&cust_params=ads_env%3Dprod%26user_login%3Dfalse%26ups_section%3Dece_frontpage%26globals_segment%3Dgeneric&cookie_enabled=1&bc=31&abxe=1&lmt=1636357824&dt=1636357824034&dlt=1636357820540&idt=3396&frm=20&biw=1600&bih=1200&oid=2&adxs=164&adys=159&adks=4186927975&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upstreamonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1272x0&msz=1272x0&ga_vid=1031327413.1636357824&ga_sid=1636357824&ga_hid=635271969&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2a0bbfce85ba123533ba99e3c42487c8197d062d34cb7287256541bd8ae24cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10393
x-xss-protection: 0
google-lineitem-id: 5799326872
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138365372277
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 59ms
58ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=463387444747955&correlator=983470116358885&output=ldjh&impl=fifs&eid=31063280%2C21068030%2C31063182%2C31063246%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=21646926696%2Cupstreamonline.com%2Cscp&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&eri=1&cust_params=ads_env%3Dprod%26user_login%3Dfalse%26ups_section%3Dece_frontpage%26globals_segment%3Dgeneric&cookie_enabled=1&bc=31&abxe=1&lmt=1636357824&dt=1636357824037&dlt=1636357820540&idt=3396&frm=20&biw=1600&bih=1200&oid=2&adxs=164&adys=1185&adks=960426179&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upstreamonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=948x0&msz=948x0&ga_vid=1031327413.1636357824&ga_sid=1636357824&ga_hid=635271969&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8a8cf0177e1e7a74ffd4e842453f1d8b69ae170c59a47df86f0b4eba25bd4262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9310
x-xss-protection: 0
google-lineitem-id: 5677109981
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369315317
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 52ms
50ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=463387444747955&correlator=4392088715398303&output=ldjh&impl=fifs&eid=31063280%2C21068030%2C31063182%2C31063246%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=21646926696%2Cupstreamonline.com%2Cbrandbanner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100&eri=1&cust_params=ads_env%3Dprod%26user_login%3Dfalse%26ups_section%3Dece_frontpage%26globals_segment%3Dgeneric&cookie_enabled=1&bc=31&abxe=1&lmt=1636357824&dt=1636357824041&dlt=1636357820540&idt=3396&frm=20&biw=1600&bih=1200&oid=2&adxs=1136&adys=159&adks=4284824202&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upstreamonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1031327413.1636357824&ga_sid=1636357824&ga_hid=635271969&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b060b10ebfc0a5f284acbb6f8b2af1e264311d47b0f6b68beceaefe70f31de91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11660
x-xss-protection: 0
google-lineitem-id: 5820717977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369807006
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 295ms
293ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=463387444747955&correlator=2461470599458088&output=ldjh&impl=fifs&eid=31063280%2C21068030%2C31063182%2C31063246%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=21646926696%2Cupstreamonline.com%2Cskyscraper&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C300x600%7C320x150%7C300x250%7C320x200%7C768x200&prev_scp=Pos%3D1&eri=1&cust_params=ads_env%3Dprod%26user_login%3Dfalse%26ups_section%3Dece_frontpage%26globals_segment%3Dgeneric&cookie_enabled=1&bc=31&abxe=1&lmt=1636357824&dt=1636357824044&dlt=1636357820540&idt=3396&frm=20&biw=1600&bih=1200&oid=2&adxs=1136&adys=171&adks=56772384&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upstreamonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1031327413.1636357824&ga_sid=1636357824&ga_hid=635271969&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

31150a0018f782c4f44fc4e6a1931d592efbfa57720418c4f13ab8e775cd133a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11620
x-xss-protection: 0
google-lineitem-id: 5691735028
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369745290
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 323ms
322ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=463387444747955&correlator=1818521946526299&output=ldjh&impl=fifs&eid=31063280%2C21068030%2C31063182%2C31063246%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=21646926696%2Cupstreamonline.com%2Cmediumrectangle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x200%7C300x250%7C768x200&prev_scp=Pos%3D1&eri=1&cust_params=ads_env%3Dprod%26user_login%3Dfalse%26ups_section%3Dece_frontpage%26globals_segment%3Dgeneric&cookie_enabled=1&bc=31&abxe=1&lmt=1636357824&dt=1636357824048&dlt=1636357820540&idt=3396&frm=20&biw=1600&bih=1200&oid=2&adxs=1136&adys=171&adks=999753107&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upstreamonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1031327413.1636357824&ga_sid=1636357824&ga_hid=635271969&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

98f566dc13a357c1c6a0761aef9bb2d2962648bee904fa5f557d06755fc08284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11682
x-xss-protection: 0
google-lineitem-id: 5822145319
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369109515
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C62 6 KB
4 KB 289ms
28ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 07:50:24 GMT
expires: Tue, 08 Nov 2022 07:50:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 28ms
21ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=635271969&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upstreamonline.com%2F&ul=en-us&de=UTF-8&dt=Upstream%20Online%20%7C%20Latest%20oil%20and%20gas%20news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=288749178&gjid=1523282434&cid=1031327413.1636357824&tid=UA-4676970-1&_gid=1142563976.1636357824&_r=1&gtm=2wgb31MS92C6&z=1326388992

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upstreamonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 20FE 0
0 43ms
43ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEtX_1uvMy1gORiX1CMgRwcRUa6_w-0PEJ9Ylop6roncOEWaq-tjqxa2U3AaHdZamMqdR_YzFKhbmKnPlVHi8sYFt5lUac9p5DHZgleOw2REZdztmXpE2LHiIpbhjJW86sdhRiqogB87UVRNJmmPU-fIOcvLhRzpY9J5ZlxLzqO1JGCFS9jw8EqknvQHFDUE0itKHPeeEOoKaUWtLOTdMlnIhHjHqj5vnVOwWUnY7nyw1zUrqT5k0C2NHU7NcVDEWkPf0VBBGEMXxwo6SWGq5iPAX-vK1BQGD8HqdQ7khb5kkgzWvgScKcDEjcaq5PAyljkiqt4VkX_BwjeyDu0L70BGUEatcfPlQ&sai=AMfl-YT0QoQ3FV_bz82pEssHNXs1e9Qo5_2b68AHb9hbw8MmUVllqWpnJZgZzmD2eqopJh9oXGmueX3-PHHNiZl0f60qHZlQ3WBD9NRuZe9uJXWGsekQ79PUgmDojS8LdjFp&sig=Cg0ArKJSzM1M9AmrL9igEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 20FE 3 KB
2 KB 107ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20FE 120 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H2 200 4660865109361831343
tpc.googlesyndication.com/simgad/ Frame 20FE 22 KB
22 KB 108ms
27ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4660865109361831343

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5630e4b4adb07cea66d2c06cdfbc6578f8e4dc2512910b5e5945a3d7e3553b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:19:43 GMT
x-content-type-options: nosniff
age: 1841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22539
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 03:45:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 07:19:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 20FE 0
0 108ms
27ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTjh27uKiIiHMPKvvYNqB1foT5fY_poMF2aAwvLOHBiD4S2NbVNtWjFbxYwg02YFIef4dJr7cusoQ5y9QcPBBRTTIcQA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F3B5 0
0 43ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ7zSmknp8WbFO7IFxujVEVlf6PAMSK0sUvi6p7DuMsL72wwoaEbFK3jQs70gX14dUc-VyxM5C5D4p7zG8ssn1sULwzWCHHt49cZFEzQlefdlcsWCall952B2vb3_gmDillpN5NSrFJtv6jb08HOXv1dEfAci76qunv05n2mqlY_EwLyU_4DmC3HUDKFabr_6P0cO9VzItqwU80qYiKre8XPbvuom9HXlHkwiAmMbGVmcFmxlWZOLmzzSRshBVD_XlGsZc_3qb6yvnkb_YdP_LNhqWCLLEG8oEeHpr2DbaTuwiCWiUrUSQNx9Z03_fTfZu9ABMOWWbAKe4k3KGUfd1BGKYpw03Dq8&sai=AMfl-YSfGDfgRgrJKipZ58FV7JbZ-iU51T2wVxZT5DkZjenjbLdh5TVuJ8OqsI53GGFNCmELxQITacaE7q8_ChZ5b_oHlWx9kN46lnSIXoti_O3Bk5sgWa9sK3GPSMsrUEnC&sig=Cg0ArKJSzIZ5Yu-4MDhWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame F3B5 3 KB
1 KB 95ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F3B5 120 KB
37 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H2 200 2152875769586307004
tpc.googlesyndication.com/simgad/ Frame F3B5 87 KB
87 KB 125ms
57ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2152875769586307004

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6b9d04988fc9acdf9de6f4c7cd4faa6971a36ed06f4c3489139293418d98cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 22:29:54 GMT
x-content-type-options: nosniff
age: 120030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89183
x-xss-protection: 0
last-modified: Wed, 12 May 2021 05:42:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Nov 2022 22:29:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D74 0
0 44ms
43ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyrKYJ6k31MoaD0rjhlMNBLOLULqQ0a88FEXMc3FedtH31PWnB0T68XMOWkVPGA2y-vbnNyw_6p_CZX__sVwKXKeCVqIpHWmQIUS16hKW9a31WZG5EUYPnCkIT1GgcjrgI_4MSMxV__tsHZMUa43CQa1jsfXnSEoQqvjB0K6hnO474xCrkOH4S5BTnKmzYVQj5MwIu3GtRQtO6qx1rPYU9FtDQlJxkc1bAnUNrhyqHmsvtwH8WrUWC_INiezd1Oh_CvnwywnBuF3B_j6bW_VUQ6tOuyUiE8XYN1nDH2wbx_kFA7DImW_fIK6ybXwNQ5wBBhzd1Rqtg59PMIPY-lRSe37HreoTK2Wy7f6_825QGxggxeMsEWiM&sai=AMfl-YQ-ZsUcu0VasG_3jQef9lKlObRfbTXvOv4kal1UaNlAX_QLOeNtfOFrNosKwe1z-3lx1ixfZhGStQg7x0CSUcXOfVF2QocBHMKUaUjxJbtA_qwCVNOn7g1NpI4zglQ&sig=Cg0ArKJSzKdYwOaMTNLvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D74 120 KB
37 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H2

200

17498701450704525879
tpc.googlesyndication.com/simgad/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyrKYJ6k31MoaD0rjhlMNBLOLULqQ0a88FEXMc3FedtH31PWnB0T68XMOWkVPGA2y-vbnNyw_6p_CZX__sVwKXKeCVqIpHWmQIUS16hKW9a31WZG5EUYPnCkIT1GgcjrgI_4MSMxV__...
https://tpc.googlesyndication.com/simgad/17498701450704525879?

91 KB
91 KB

331ms
26ms

Image
image/jpeg

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17498701450704525879?

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3fea75fccffaf6b1d6559684dc9efd9b90f4f483a7d0360e52e5ec84356594b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:35:13 GMT
x-content-type-options: nosniff
age: 476112
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92914
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 17:59:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Nov 2022 19:35:13 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/17498701450704525879?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 container.html Show response
af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 92F3 6 KB
3 KB 47ms
29ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 07:50:24 GMT
expires: Tue, 08 Nov 2022 07:50:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 20FE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbecf60c272a7e5f0797f93ffcaac8bc29a0933bd2813a72399be9316892467b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F3B5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a832edd20baff1cbc03ed0657267ea525bb69f37c5982afa11817d9b70dfce45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 275ms
24ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-4676970-1&cid=1031327413.1636357824&jid=288749178&gjid=1523282434&_gid=1142563976.1636357824&_u=YAhAAAAAAAAAAC~&z=262614921

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upstreamonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 08 Nov 2021 07:50:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.upstreamonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ACE1 0
0 58ms
57ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx2oM5VVMlPQJM2n2usMwi-kEyL3-cWxmvi04u29tFBCZ8WxcZiXNEObt3CC1m1ssLT4eKgEyoRGxiFCm9Gz18orulyif4s5d6me2g86ihMWqRDclMSqtH27pNwP46PzcBxPA4OxWm_ALH8U-JqLgYxtu4oJMqmcz9jdQFvifjMLs4z3Vlh6xx1P4vjKanS292ez8UA35zawT3Y6bZZEW3jXm_omVMERJWJQvbq_mO-NaL_ORo_PYGJnsq6sYqewjcWbHPekbt9S59cSXHGA9s-k_djvzjOfuDF7L-iU4Sh7mrmNhG1fH3R2fC0RyYB3K7t98v3xatJxwwiZhHbGWcDg5Xx_Repg&sai=AMfl-YSNIU5D_x_gw4mQoUHbvl9_e-U6_JlZXdibVw_CXh6nsseJavqJ3r1T3DxGnDwulgp_piL9jJ05Ws2oWEmZEwjGLbGJ5-pmTLxeQM-Vn6a-VGLQLk514yPTzOpgEmw&sig=Cg0ArKJSzJtTgp0ObzuAEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame ACE1 3 KB
1 KB 288ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACE1 120 KB
37 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H2 200 15753201778565189303
tpc.googlesyndication.com/simgad/ Frame ACE1 165 KB
165 KB 292ms
29ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15753201778565189303

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

686e6748767891fa53946dd376c13935206547eaf0c2a330df696bb55e09848c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:34:19 GMT
x-content-type-options: nosniff
age: 566166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 169074
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 18:17:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Nov 2022 18:34:19 GMT

GET
DATA 200
OK truncated
/ Frame 1D74 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4242c810a4f651799b712fee4767d1746ab8068c3dddb4a5a94585aa603dbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D74 0
0 73ms
44ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9ILTIXK2IiaKYwJaaMU2LEQIxwNWlT75-uEJ00WZ1sisrVtaXmIf-zxXnsfuZ7gbTVyZpnKRpjyZDLB32h-k5X4FVqxQ5ipQyT64dwpgP8vObLw0FvcQVCS9aUeHEr2HFWhoZ69hKf5UlKwVAHYuXESCpXUGOu70mvKnm40vx8veCcx5Xnwi-XW9xgllZys4zr9sqUCNCHECVRzZGq8W29buvgyR6-bnCWM0kq7xNEYUl11QmDioV1CVshjzYaye6tig3Y4ptCmZ3-Z2qpTTyl_eY80PQxFqHw8tABF8rXxRSV4GZDQSy8qkCyw4k8etFlBFFxcyayHxXQWri2OaR_BMUwUzf9MFiBVw&sai=AMfl-YSD4tCr1d-aeiXMrAQb_WYlk5sJD9ywyAtS20H9O6S_0s7aGHANQZvFrgyz1zqtzuHlarRDPT4y7iC8q8qBcg-v18KFUeB4Z3pzhKkazdyfAP0XnQHxZ416IEW09OA&sig=Cg0ArKJSzFKeCKw9bjtUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 20FE 0
0 45ms
45ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJm9vIQQcL3ldemmZ6EYzUXL8s7WKWEwnWynj1yCWSLaM37id540I9Jl-nPEi1ocLb4eFhUUqdpJ2KnPk_1mZ2RVV0wTminaykK4TivMpmCRAWjmiu8m3j6syOBPdZ8NhrW0hvgacyUnfxcSCVGLT7Vpxx_JHqaDwjKSmXioQLBmulkSi-xcDUGj8JpD6UjFjvl0Y_ISAlaMykkxerAEQrF6-1lxWlyz4NX5o-gCCIBbbyoBkYGjUdv9t7g5xnk008sxbhsqyWFipD0J1BjM9wR5TG8s83uAizGGYPuGSNHDM8KH8PbBFDs1gyUdFWkeYsFkujxkabNN382Es6Puz2ysMx0rBeai7Lrg&sai=AMfl-YR3QIVh7FYtFmvJ9WAYLB2bgql8Qx4A9p-gcKA0ieayQKalOlFYBn8USTVBq8V964cymxJ09zhcYjEbFAhZgCG-uXeAelhVHMIBgqwJ8tErCXN-SQ5R1Xk-EtoZzlUb&sig=Cg0ArKJSzH6ivNSw4E-pEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA82 0
0 47ms
46ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteNbYxxrqaD4rXgvT_Xpx4UZb9IgEw9JUHEKKR6AABuUSaC0vRFgROzoNAd-dfy57ZszSJQ4XXlQxF2Ui0F3cn1U6aHs8vHxxgBglff8f8ooOHl6kfyI589TOvnUr41UXRhliCfivIkbYcTodBQAf4BN3IYFEmcZ5FwLQSHVqNxpeDHXdgIReZTHN2ztHIJTX2O__errgJxoOVYQmOISoUePmM6KrJ3Dbhqt7HSxv_1c3tEX7sJGPeTwp5DPDkERs5N-76vqL_pz4FFHUjRNLpardDjliRjBNZVsZALx_qVZWsODsLNbb1rGdZaenIy9v87fhiJBWNdR0jvOkez0EbWgyPR4nspcb0nuW02Hf8Crgvy2Dazg&sai=AMfl-YQOHTDzHT1JNYWkLoh7myCmvUmtfAiub6K6YzXcCFr5vGlZxutIJWysblXrXPjFA5cnrT0vUCBkzBJnq5UXadZW4j3wUflWejiVksgspeY5ix1z3GFpA2V_ZpNT6wQ&sig=Cg0ArKJSzJlmPnabr-rKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame FA82 3 KB
1 KB 135ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA82 120 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
H2 200 5484901247567467770
tpc.googlesyndication.com/simgad/ Frame FA82 44 KB
45 KB 141ms
24ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5484901247567467770

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84ff684d4439eeead8243b1c2cf016482801608eb008c8a0ef66f5698f00f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:49:39 GMT
x-content-type-options: nosniff
age: 385246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45498
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 20:31:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 20:49:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F3B5 0
0 43ms
43ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0FAbaLc9ZHYyF2g3IPyFy7QcToeUypYPwi7emfruUYcJSAHc9echBLM5qDA9W5hcgWEGWG3_kIoH8un1X7FbYLMYGiup8bnZbPUlMT4xBvVcJHsQONlXr24rSdiwwCLt9Uua5WezQ-7DzMv-WrxXdDZ572Fif5KCxwZjq4i2GozbFc5KOBQBbmY93XWBW2L4CDhlFh15aEQ2-ZkmWypO5_pJPjEuRpRfY_KBStyI1la98-eFknRNn6g2KG590S-wj8n3MJqH5zZHf1hsWxd3vGcNoUErtIztApMW1E6Ws2GpKf7s8HCK08YAgHuG6k6BX09nrQextMdcTHJqryXw-T4i1VY16CZ0zYA&sai=AMfl-YSLI6C5b0YECGqYc50HKooMHz5usQroQ_V-dp2qe7dlkn2P0CoaIDhquSrquhGJ9pymoCu1JK0RR8HQW2pnTYpM1J25NUfAcIF-INpbj3ZhUyOJjqeYH64rNUmtHnET&sig=Cg0ArKJSzLjjGzCIKRcrEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
DATA 200
OK truncated
/ Frame ACE1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86cfac1ec02d71eb277cc42c5a1c5ecbb91d2eadaff251b1bc9213445757f080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 92F3 22 KB
7 KB 66ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 15:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Nov 2022 15:57:43 GMT

GET
H2 200 14964246494670641642
tpc.googlesyndication.com/simgad/ Frame 92F3 50 KB
51 KB 91ms
43ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14964246494670641642?

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e51f142acc3041a15292dcec8b693b6132295c4d357f0def33f7101db8620557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 01:57:11 GMT
x-content-type-options: nosniff
age: 21194
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51634
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 09:08:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 01:57:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92F3 120 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:24 GMT

GET
DATA 200
OK truncated
/ Frame FA82 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0d2d896ff5deb1765e871cb56bdd681ac53cace3ab433b585e5495e26219a0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 31ms
17ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-4676970-1&cid=1031327413.1636357824&jid=288749178&_u=YAhAAAAAAAAAAC~&z=113640359

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 69ms
25ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-4676970-1&cid=1031327413.1636357824&jid=288749178&_u=YAhAAAAAAAAAAC~&z=113640359

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA82 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEScL6_0j7SuXRe74oR74xz3_DoKAuaXx2AfZoO7d-7GM_j6NqI5c33jlhU_nWKrbUg_17MO2QxICzjE1nBlGz0SMnMKzLdoBNANsHQs1AOp88qbvaNhTBMd2DAWObXbFKPnhd30xh6gQ_5mGnMr1BuyP9MG7k5rccCG_B77vTtvdeWQqzXJNkaL2VaUEGfaW_oM_TRzWQnjGKI7gVPYF7an0JxlQ6F0lvZRSW9M3HtucEIA2eN7L9ZOiOPWvd_NfSjxBqKgmmuX56dWDhLESGbi5SNofNt9a7MUUA6-AO49zChCcN9iGmnq566iBaolR_KJLV8kECt73LilvLSaPwnQ6ypf-FryMYXA&sai=AMfl-YRCKAQQa4PF2bvCLjyxIt-LafJGW81Rlb_JG28lkJxkeDsCS3i04U8e3hL3JEUzw_55GVYPxMDiRPybqrQvF7cUOTU-RmI6oBKniEiBTEHJG-iWWkWALiSmTv3-iXM&sig=Cg0ArKJSzNEF7g0FVtr8EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92F3 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcZ-Vk5gRm4SFqhyA7U2pDqyJTqR1fck9QvsYXUgNoQXW8A9qo9PGtLQgLaTibd4l4UO-FWM7Ijwee7VKmMHXv-lUgMNAHOYjU45w7DCDnfZ7JEkBmZkaiuMRivm3RGQu5jOnd6vMrKLG-Quszga7nr_NAuc3qbWDylvqDODMH55zY3TvqlI67KOdvJFiAaV4-9Vwr5oJ8PpLkGJvcmUxal3PScTjaP73BEl7elDP2JS-pezFcb3kYIXpo6d4aQHSjK3hUcxYdKqUDM3MA2cDY1pcOZpClD7c_oRMTsltydXZdVGKu273hMGZlQ7_WSZ-I9dDxB9dk4HRf22cRRuI&sai=AMfl-YTMQfDRuznALs1WJ43MY3Jsccf7YKOrCLbJf0PSAceuAFDCGwCoSILeuCV269J23o72aD2_n_NEZsIWYcTw3Zjv2DU8UN4PSxrce9bG7zc_WD34Ym4w8iUT7DKDrhk&sig=Cg0ArKJSzLmV_5Rd7gvAEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 92F3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dca4c8f50886ab95fe36a4b2db67ad11a77716228eeb7cccbcdbe64cdc4e997e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92F3 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBoQMr78Q5lzlzD_EdfAqgRevDFWIu6L6gkf2C5YEcqVoDNxqtJ1pZAjwkXWT3c8OINl6IGre8hd4aZATal0gvbdgmtUU5RDMvZbZPkHTPQtUO31B9y5guS3kHjqLieEnQCnFAyF2kZZFkivybtl1jKOLbk7eYEZ_8V8WCPzwKTOcaaoUipYty-rvmnMCl8zBdQ0h_PEik6uP44sZ8QeJqnCo4Cx2x2buZ177PzITowNUPtIJeqtkhQS2yabjA1ADOCfSfvHE-hanctatL81HGmqBGot7OH0Namz76826rRMAdxZoU9VnBy7OwXN4X1GwAgMHVsCwpeR8UdSHh3w0RhQ&sai=AMfl-YSn3_wQp6Iv17wlTInbtspAY27__SWwR77yKOeIlSImxR7J8WWysj4YGMK1vo1r6XJbRzg3iqP9PnEeyAloAbtrEeTufktBHPA3uCPDHZf1a_4RvfrCQK3E_Xf5qbw&sig=Cg0ArKJSzKcxIsTq-qMmEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ACE1 0
0 42ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstD97akSGznhhObPurrlZvbWnNpuaqMvs6SHS6AcC2x8hP8I-QSmO6MsH3YVyEN-7sKxXknB8sbQy7F9movHeiA0E853sgt7T9CcCCMoZ6untd0XTlRoQ5ScN8dzPHUEEFPk3gOXXxjOeThlk7ngICChyY_dLgh5KB57klHwP0OLD1dNNEQf44KLFaV8gtiFPKHWPJXWDsMgqeIm1_X7hxSHD_8mFkk9055GLa_CPbTtW6aOTQVpCfKRvTP8GeTSQEPB6xSfejOgU0Son6EXTEVsb4LwVwwY5btAVA2wy83-7cFvCjMfVluWk4Soy2Xv2UjagY6kDxWJIf33ZxMTjhL-zYgbyDRqW2N&sai=AMfl-YTHP5M7dVNvsEt6jzHWXgse5trnSYqpITdlU-Jp_5cBBIpr3YSnUIWBWzJG3453MlNIuJxKo_OWZXsx5Yu4C2AYBXaMDQLHMWhW8tZIh6B-EtTv80mcyWme3s5u010&sig=Cg0ArKJSzMXNqUl-Y9hvEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:25 GMT

GET
H2 200 feedback-web-fetcher Show response
app.hubspot.com/ Frame 8454 2 KB
3 KB 201ms
159ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee220ecac6b954755c3e109de1d5e52fa6d20d98ad96d34f7dbcb0ad4befa4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
content-type: text/html; charset=utf-8
cf-ray: 6aad35d79fba59a1-MXP
age: 2411
cache-control: max-age=0, no-cache, no-store
etag: W/"2c79e84cc06030797f364599ad3858f2"
last-modified: Thu, 04 Nov 2021 09:43:51 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 9349b115ae66d16aae68deb9bb5eebc2.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
content-security-policy-report-only: script-src 'self' www.hubspot.com js.hs-analytics.net *.hsappstatic.net js.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com js.hubspotfeedback.com *.usemessages.com js.hubspot.com js.hsadspixel.net js.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net *.google-analytics.com static.hotjar.com script.hotjar.com www.googletagmanager.com *.fullstory.com fullstory.com *.convertexperiments.com cdn.pdst.fm d.impactradius-event.com cdn.getambassador.com mbsy.co pixel.cdnwidget.com snap.licdn.com connect.facebook.net js.stripe.com checkout.stripe.com survey.survicate.com surveys-static.survicate.com sdk.canva.com www.dropbox.com www.google.com www.gstatic.com apis.google.com maps.googleapis.com www.googleadservices.com tpc.googlesyndication.com googleads.g.doubleclick.net static.ads-twitter.com analytics.twitter.com play.vidyard.com app.vidyard.com fast.wistia.com fast.wistia.net s.yimg.jp www.redditstatic.com 'unsafe-inline' 'unsafe-eval'; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.8305/html/fetcher.html&cfRay=6aad35d79fba59a1&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fwww.upstreamonline.com%2F&cfenv=prod&csp=ro
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
x-amz-cf-id: ia4aHGygBF14Lk-88Bev5TyDx7oG0-UOC8F-KpmjUjucpVlZL6jUNw==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: PwxeyN7AvF5fX3AAIqZB7piD6OxCHr3A
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-hs-worker-debug-mode: false
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1002 B 123ms
85ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2427650321&v=1.1&a=1545457&rcu=https%3A%2F%2Fwww.upstreamonline.com%2F&pu=https%3A%2F%2Fwww.upstreamonline.com%2F&t=Upstream+Online+%7C+Latest+oil+and+gas+news&cts=1636357824785&vi=f37870753c38d6a5f2ad4dfdebe7573f&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 287b10d4-22ae-4364-9976-7f43f8cf4f38
cf-ray: 6aad35d78b9059cb-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwupgNEMldCX6LgdmqGk8MctevUi4Nwtw9MyIg3mSESylwrDxM2yUYqMs0wRoJpLYbJM8uJVsPYw5Hgw1vdykdVDymzbnFUmb81OxqKPG7%2BXBDco%2FJKkE%2B0G9q5%2FnZHEd6awO2fLIX%2FIvZh1ZOiJ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 65ms
27ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dbc656511d87c916d93c43af201cb867fb1b0764b26a9e24491ba3d7515bb88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9303
x-xss-protection: 0

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 198ms
196ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=1545457&utk=f37870753c38d6a5f2ad4dfdebe7573f&__hstc=215245651.f37870753c38d6a5f2ad4dfdebe7573f.1636357824782.1636357824782.1636357824782.1&__hssc=215245651.1.1636357824782&currentUrl=https%3A%2F%2Fwww.upstreamonline.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a59984588e93b9271f308b864c1a3d019980d90df2dfeb184e0b56e08196774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 1410d14b-e96d-4ef2-bd46-d00058680562
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iEt4sauRYlAvhmZyHq2mNrZwRAiDqlHiMDzTQs%2F4bN4yTSuakaFrZf6XvF77BJhjybLo5F6SNLjvlja4Y1wxXOxlVpkuJNA3OPtqNpuBl1J2%2F8qpuYmEO9KBnb4e0%2FPZ8t%2B9Hsfh2D4m49gx6ML"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.upstreamonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6aad35d7ce9f374a-MXP
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 08 Nov 2021 07:50:25 GMT

GET
H2 204 pl
pp.lp4.io/ 0
69 B 14ms
13ms Image
text/plain 136.243.25.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pp.lp4.io/pl?i=59e8622ae45a1dfd27a882c9&ct=4.194&rt=0.565&pt=4.759&pvr=&lp=3.028&p=https%3A%2F%2Fwww.upstreamonline.com%2F&c=desktop&t=frontpage&s=&tg=-1&ctg=-1&_r=1636357824907:4.7.22:20211022-124954
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.25.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.25.243.136.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
server: Apache/2.4.29 (Ubuntu)

GET
H2 200 init Show response
services.insurads.com/ 2 KB
1 KB 339ms
131ms Script
application/javascript 34.236.246.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/init?appId=OERBRHGT&h=https%3A%2F%2Fwww.upstreamonline.com%2F&t=1636357824908
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/OERBRHGT.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.246.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-246-67.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6f8fc6a5cb54399138e1280dbe5598a0a160e0c5d9d6883114bb35c7bf6e303a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:25 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8048 12 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 08 Nov 2021 07:13:05 GMT
expires: Tue, 08 Nov 2022 07:13:05 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2240
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F4AD 783 B
969 B 17ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5f2868d5e5fb8354a05ce3b5c9c3048bd257ea7a11b568e074b144d7603dba8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TPw1JLPQZBMlMLOy/Jg+cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 08 Nov 2021 07:50:25 GMT
date: Mon, 08 Nov 2021 07:50:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-TPw1JLPQZBMlMLOy/Jg+cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F4AD 0
0 102ms
66ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110201&jk=463387444747955&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.178/ Frame 8454 292 KB
92 KB 43ms
22ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.178/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

045dd0541404dc8d6646f10246a6783753969d6f315cf9b35c282cd91f368bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1530963
x-amz-server-side-encryption: AES256
cf-ray: 6aad35d8e9694e44-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 21 Oct 2021 14:21:26 GMT
server: cloudflare
etag: W/"d799fa9e88a0f0a3078be08bdeeb93d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWC4tpWs6bvBpeRbcQSoJnL4MJwvOehgrhoYWEXsWclO7UkljKjUELYmnWHCxHGLhp6bQQ1S4ePu%2FIPbQyh3iecr69VRFD%2BwsFN1GL1B48Ji3M0jUM%2Fgll%2Fm%2FXdLzWcYz%2FYAUEpC2%2FgqxcF1PDs2Rt4Zeg4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: NBABkiYWCGZdvHAdnH6dEuO0DbFLq32F
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: hm266eQmyxvvQ65ecnXjbvcBbyU4Dg-p3RkvMSJ2PacNJW5fOvsKJw==
expires: Tue, 08 Nov 2022 07:50:25 GMT

GET
H2 200 fetcher.js Show response
static.hsappstatic.net/feedback-web-renderer-ui/static-1.8305/bundles/ Frame 8454 18 KB
7 KB 43ms
23ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.8305/bundles/fetcher.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190753d716235e0e5cf75cb640085e1dd503074f67626d03499fb5a2fb2ce24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 338490
x-amz-server-side-encryption: AES256
cf-ray: 6aad35d8e96c4e44-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 04 Nov 2021 00:37:32 GMT
server: cloudflare
etag: W/"970ea5efbccf12a7de2539a6ce067ef2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlbXjmbtOtk59h4DWuvtBFSWUHOlf9YHWqE2tRmIaVo1JXFtxxtmKHWgU%2BtGInQ35EQ0%2BFGWq5RYM0nVhuOc5iptUci5DPZyGmE8FgoMfh9l7Dk4yvhUEurQ5ZZkhyMUMUyVNcssjQADb5HGRnw0%2FD4fpLw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: v43l7b69I0HfQiBs_5rumGqK1FHx8hbR
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: vWveO9EfMAZZD8Bm-1YoaTyZUX2ymVxN2PvGspCRW53PI2h22M4isQ==
expires: Tue, 08 Nov 2022 07:50:25 GMT

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8048 35 KB
14 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:02:04 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
360 B 86ms
84ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=1b578eb5-bef3-45e2-a446-fb36413d54aa&lfi=2534824&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2427650321&v=1.1&a=1545457&rcu=https%3A%2F%2Fwww.upstreamonline.com%2F&pu=https%3A%2F%2Fwww.upstreamonline.com%2F&t=Upstream+Online+%7C+Latest+oil+and+gas+news&cts=1636357825074&vi=f37870753c38d6a5f2ad4dfdebe7573f&nc=true&u=215245651.f37870753c38d6a5f2ad4dfdebe7573f.1636357824782.1636357824782.1636357824782.1&b=215245651.1.1636357824782&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 766bc405-8a5b-44aa-8f95-1e71338e5931
cf-ray: 6aad35d91f1a59cb-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVHnnNed48h6RH6w6KtZ2khOEgRYoZc7zqYOVTAcqn47ZK5wvGf%2FfNauHqMHw%2BtwHKC%2F6hIdvXKfQI7hTFtL%2FpE49L2rdULhc7hvKBhSjpfqATsZqp8O8lvB7OLmueKGlhylzTdEtgOv7wMQOzjC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 / Show response
api.hubspot.com/cors-preflight-iframe/ Frame EE36 171 B
868 B 38ms
38ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cors-preflight-iframe/

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75af9dda9ed3b161473019f2d56b08e8d24fb98b706292af89fc0a576b8c499f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
content-type: text/html; charset=utf-8
cf-ray: 6aad35d96fb759cb-MXP
age: 320103
cache-control: public, max-age=31536000
etag: W/"e0a6d24f4774b193114cde59bad7a9b7"
expires: Tue, 08 Nov 2022 07:50:25 GMT
last-modified: Thu, 07 Oct 2021 02:55:13 UTC
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
cf-cache-status: HIT
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-cf-id: 2fpltIp0XOMvBU8HRFe_GidpovUAHLsZWz2dt7UgzPOA-UFpDzn9ng==
x-amz-cf-pop: IAD89-P1
x-amz-meta-ao: {}
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: yrxzoMHVzxy.3kySr0w_cTXqVwLq5VG5
x-cache: Hit from cloudfront
x-hs-cache-status: EXPIRED
x-hs-target-asset: cors-preflight-iframe/static-1.67/html/iframe.html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdNmFiDy7ahM4r4jJ3aT0gM781XfHz80J%2BTQnRA9eHP32lk5jqxt1cZWwYUCTZoxhpjmCGkxx2IwKyLRB5m6ZC0TbYUxdt5DC6c%2FxPm0eZQyWBrMMPXoSahkSRg9CAJLHXQ85sFMuY2DKU6gag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 web-config Show response
feedback.hubapi.com/feedback/public/v1/ Frame 8454 72 B
485 B 467ms
166ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=1545457&utk=f37870753c38d6a5f2ad4dfdebe7573f&bundleVersion=1.8305&pageUrl=https%3A%2F%2Fwww.upstreamonline.com%2F

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.8305/bundles/fetcher.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e356ca0ad6053f929f7c23723bcff0099ad65adb43ae515200a77d22354137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-HS-Referer: https://www.upstreamonline.com/

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: aa9d746d-277e-43d8-aa99-ffd910c6f584
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B766DA6B1425B3FBCFABBDE30DE6A9C5701844897000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Uce001hQ7TaeZlhquYGjTY1OKrrzMAs8n2787E1G2AU6xuGP8MLS1RfGtEyQtF7SGl05saU%2B20HFHvVaYWdEvfgeOSMrHZjWbvoxNt%2BKb2yt%2F0p2t0%2BzEgQ3I0lwFq9nGOdp01lOBYwZ3vuFvKNOoY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6aad35dcdeb2374e-MXP
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer

OPTIONS
H2 200 web-config
feedback.hubapi.com/feedback/public/v1/ Frame 0
0 197ms
136ms Preflight
text/plain 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=1545457&utk=f37870753c38d6a5f2ad4dfdebe7573f&bundleVersion=1.8305&pageUrl=https%3A%2F%2Fwww.upstreamonline.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hs-referer
Origin: https://app.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2B27FABE6F9AE0E984C39D2E69697161DB2853F830000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
x-hubspot-correlation-id: 9312c8e0-f1fb-409b-a8ae-8752749b1755
access-control-allow-credentials: true
access-control-allow-origin: https://app.hubspot.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
access-control-max-age: 180
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXMMrm%2B8B3fju0eTvUFDs%2FymjFQPOs5P8Oetmo8ufaJn%2BJTk98NQg%2FP56loue6mAkRx4Zla%2BK%2BoNO6b5x5Pi8nOaSPe9Z4hoC1pxg0choBJxq%2Bk%2F4%2FOVSzkrzeujT9V5fUjbf%2FAQJbcGeYl40lZ6dOo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 6aad35da19e3374e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 26ms
24ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.upstreamonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 24ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.upstreamonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 322 KB
37 KB 418ms
418ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=463387444747955&correlator=3566260513060689&output=ldjh&impl=fifs&eid=31063280%2C21068030%2C31063182%2C31063246%2C44748552&vrg=2021110201&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211108&iu_parts=21646926696%2Cupstreamonline.com%2Cleaderboard%2Cmagstripe%2Cstickyleft%2Cskyscraper%2Cscp%2Cmediumrectangle%2Cbrandbanner%2Cpanorama%2Cparallax%2Csponsoredcontentfrontpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F5%2C%2F0%2F1%2F7%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F11%2C%2F0%2F1%2F7%2C%2F0%2F1%2F7%2C%2F0%2F1%2F12%2C%2F0%2F1%2F9%2C%2F0%2F1%2F12&prev_iu_szs=320x150%7C320x200%7C300x250%7C980x120%7C980x150%7C980x180%7C980x300%7C768x200%7C970x250%7C1272x300%7C1272x180%7C1272x150%7C1272x120%2C1x1%7C414x1%7C414x52%7C768x1%7C768x52%7C1272x1%7C1272x60%7C1192x60%2C320x50%7C768x200%7C320x200%7C300x600%7C300x250%7C320x150%2C160x600%7C300x600%7C320x150%7C300x250%7C320x200%7C768x200%2C320x50%2C320x200%7C300x250%7C768x200%2C300x100%2C160x600%7C300x600%7C320x150%7C300x250%7C320x200%7C768x200%2C320x200%7C300x250%7C768x200%2C320x150%7C320x200%7C300x250%7C980x120%7C980x150%7C980x180%7C980x300%7C768x200%7C970x250%7C1272x300%7C1272x180%7C1272x150%7C1272x120%2C320x50%7C1920x1080%7C768x432%7C375x667%7C300x250%2C320x50%7C435x120%7C320x200%7C320x150%2C320x50%7C435x120%7C320x200%7C320x150%2C320x200%7C300x250%7C768x200%2C320x200%7C300x250%7C768x200%2C320x150%7C320x200%7C300x250%7C980x120%7C980x150%7C980x180%7C980x300%7C768x200%7C970x250%7C1272x300%7C1272x180%7C1272x150%7C1272x120%2C320x150%7C320x200%7C300x250%7C980x120%7C980x150%7C980x180%7C980x300%7C768x200%7C970x250%7C1272x300%7C1272x180%7C1272x150%7C1272x120%2C320x150%7C320x200%7C300x250%7C980x120%7C980x150%7C980x180%7C980x300%7C768x200%7C970x250%7C1272x300%7C1272x180%7C1272x150%7C1272x120&fluid=0%2C0%2Cheight%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2Cheight%2C0%2C0%2C0%2C0%2C0&ris=1~1~0~0~1~0~1~1~1~0~0~0~0~0~0~0~0~0&rcs=1%2C1%2C0%2C0%2C1%2C0%2C1%2C1%2C1%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&prev_scp=%7C%7CPos%3D1%7CPos%3D1%7C%7CPos%3D1%7C%7CPos%3D1%7CPos%3D1%7CPos%3D1%7CPos%3D1%7CPos%3D1%7CPos%3D2%7CPos%3D2%7CPos%3D3%7CPos%3D1%7CPos%3D2%7CPos%3D2&eri=1&cust_params=ads_env%3Dprod%26user_login%3Dfalse%26ups_section%3Dece_frontpage%26globals_segment%3Dgeneric&cookie=ID%3D27e2bf36d5d20598-22bc1ea037cb0049%3AT%3D1636357824%3AS%3DALNI_MaPunj9tec9OHYm4VxQvPHynTMOMA&bc=31&abxe=1&lmt=1636357825&dt=1636357825265&dlt=1636357820540&idt=3396&frm=20&biw=1600&bih=1200&oid=2&adxs=12%2C164%2C-12245933%2C-12245933%2C164%2C-12245933%2C1136%2C1136%2C1136%2C164%2C12%2C164%2C650%2C1136%2C1136%2C164%2C164%2C164&adys=147%2C339%2C-12245933%2C-12245933%2C1386%2C-12245933%2C360%2C472%2C1084%2C2096%2C2452%2C3013%2C3013%2C2452%2C2464%2C4214%2C5216%2C6218&adks=2411967391%2C4186927975%2C762095341%2C1940459298%2C960426179%2C3663322440%2C4284824202%2C56772384%2C999753107%2C2556966802%2C1094396168%2C3515346484%2C3938254361%2C3656579711%2C3510424167%2C235908867%2C2253190%2C1874726599&ucis=1%7C2%7C7%7C8%7C3%7C9%7C4%7C5%7C6%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.upstreamonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1576x180%7C1272x21%7C0x0%7C0x0%7C948x304%7C0x0%7C300x100%7C300x600%7C300x250%7C1272x0%7C1576x0%7C462x0%7C462x0%7C300x0%7C300x0%7C1272x0%7C1272x0%7C1272x0&msz=1576x180%7C1272x21%7C0x0%7C0x0%7C948x304%7C0x0%7C300x100%7C300x600%7C300x250%7C1272x0%7C1576x0%7C462x0%7C462x0%7C300x0%7C300x0%7C1272x0%7C1272x0%7C1272x0&ga_vid=1031327413.1636357824&ga_sid=1636357824&ga_hid=635271969&ga_fc=true&fws=0%2C0%2C640%2C128%2C0%2C128%2C0%2C0%2C512%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C-1%7C-1%7C1%7C-1%7C0%7C0%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b6ecb91758cd0996c1618389d6d8325bc19b1053c0409cc69646da6c84bfe47a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38254
x-xss-protection: 0
google-lineitem-id: 5581247214,5822718146,-2,5786308459,5677109981,5822145319,5820717977,-1,-2,-2,-2,5664312638,5795153944,5777444778,5820072894,5821315849,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368054991,138369071327,-2,138365680062,138369315317,138369109515,138369807006,-1,-2,-2,-2,138369602353,138370499505,138361794504,138369399967,138368976141,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upstreamonline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iat-realtime-1.0.0.js Show response
cdn.insurads.com/ 45 KB
10 KB 53ms
52ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/iat-realtime-1.0.0.js
Requested by: Host: services.insurads.com
URL: https://services.insurads.com/init?appId=OERBRHGT&h=https%3A%2F%2Fwww.upstreamonline.com%2F&t=1636357824908
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: e40debd2efac39fc0e362436fd698949e34793e7ee371619a0aadab075c3ee27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
content-encoding: gzip
cdn-edgestorageid: 756
x-amz-request-id: NWNY1M0W63M4GH1A
cdn-cachedat: 08/11/2021 05:07:53
cdn-pullzone: 55316
x-amz-id-2: kFQeCtQAQaHdehLuOm8em4ZYKcLC6d8kQgT9GUBnHOy9yL+TDkoR14LGgnrKqCNpY3JeyzjNT3Q=
server: BunnyCDN-DE1-756
last-modified: Tue, 13 Jul 2021 14:45:42 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=2592000
cdn-requestid: 0582f6930b09506c7f31bbfb72717040
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 iat-1.5.59.js Show response
cdn.insurads.com/ 112 KB
31 KB 53ms
52ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/iat-1.5.59.js
Requested by: Host: services.insurads.com
URL: https://services.insurads.com/init?appId=OERBRHGT&h=https%3A%2F%2Fwww.upstreamonline.com%2F&t=1636357824908
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 16a1b4d2d632f5ffcf01adc7004f644bd12a652603b46156813608fab8e98f17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:25 GMT
content-encoding: gzip
cdn-edgestorageid: 756
x-amz-request-id: CBFXWJ5VE9X6VB4D
cdn-cachedat: 11/05/2021 17:32:22
cdn-pullzone: 55316
x-amz-id-2: cuO97xzYV9WrrBnk3nW+XMorne2HUjMwuBRDeZejmYAvC0XVvJePENmLH619q8/QEHTXK6o6leY=
server: BunnyCDN-DE1-756
last-modified: Fri, 05 Nov 2021 16:30:19 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=2592000
cdn-requestid: aea24c654aff36a16f36efef80b7decf
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 initcb Show response
services.insurads.com/ 95 B
419 B 109ms
109ms Script
application/javascript 34.236.246.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/initcb?appId=1439&vId=D0BE459EE63729D5&iatId=432585710&iatIdB=4073287031&s=1761&dads=0&fpc=1&lts=0&lIatId=0&lIatIdB=0&nv=1&npv=1&h=https%3A%2F%2Fwww.upstreamonline.com%2F&ts=1636357825564&v=1.0.4
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/OERBRHGT.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.246.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-246-67.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 43cdd151a1eebf8b2436d4e99d63f494244869fcc99d747f3b9f9b07a132b323

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:25 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D74 42 B
174 B 35ms
35ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrkYnkkBOj6x95WeuWjHXmxRhTbuvu1kSgpMoGRSba6hBvtB9pKd8cJ-tZRxRo6nLEnO499KmtJoTbWK_tXzVmhdg9EcwwG4L7xf2e06jVTSMCsfFG&sig=Cg0ArKJSzHasN3pyNbtxEAE&id=lidar2&mcvt=1111&p=359,164,360,1436&mtos=1111,1111,1111,1111,1111&tos=1111,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4186927975&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636357824254&rpt=201&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20FE 42 B
108 B 36ms
35ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv81SmmzayCCeYmgsAQRdljAYhD-XhNcTYmh4ZfsTg2GiETOPKwwfXgda38ZibtcHjGsn8UoyjcfCAMVzqVcZaAXsa8pacgkdfljKBMaUpLupLfIkfG&sig=Cg0ArKJSzI4oesu_PCydEAE&id=lidar2&mcvt=1033&p=360,1136,460,1436&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4284824202&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636357824229&rpt=280&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F3B5 42 B
108 B 35ms
35ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssT6P4W4I_xDotctCpQUUGpqIeHWfaKwIYfkl9UqJPxNgO5VikWdnBs-p8OlxB4thwSwM9MfkntrxUZJT-ZILeJN0udtRSkXGnssFATCxZaHgWxy3k4&sig=Cg0ArKJSzAlMbjD3oBaEEAE&id=lidar2&mcvt=1013&p=147,164,327,1436&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2411967391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636357824244&rpt=327&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 endpoint Show response
messaging.insurads.com/rt-pub/node/messaging/ 68 B
481 B 306ms
98ms Script
application/javascript 52.0.16.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://messaging.insurads.com/rt-pub/node/messaging/endpoint
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.5.59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.16.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-16-121.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 4273d635b75c6f10d8e436bc9734f4204d7d1330076e1e64bf1561ccdda8bb1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
server: Kestrel
content-length: 68
content-type: application/javascript

GET activeview
pagead2.googlesyndication.com/pcs/ Frame F3B5 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 1D74 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 84A6 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbEXBbPdVx4HYrWd31fG58JpiQjZxZvy6A20ciGi_hPJX9xuvB8dB6KLBS14Vfo_VhHCILBfYlccFnl_Z56suXA_n0BkBldyQWyivNSpAhLyF-8gXSXxo0Yix8uvVXFbBfCgVGZ08wx39HcQy3Atlkovu-VAs0TiNipufpGAmvBHMjNX9hRV8qEwu9QDksLT5H0VY9H5Jq1evInWQJh9HiUb_e_ItF5Q5Mg3N0zU0-jKcYYWxQ3RflQCuc_ZY_dFi7TtmMyr2l5Ye9Uf7KJQ30KJ_SdazfsqbIkgyg-BAeEyBajUyPTK0iT_PZSszeOErope6AhN7dQ8wuA8lkyg6CBf9gSkVhnF8&sig=Cg0ArKJSzM1Yb4_EjAVmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 84A6 3 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84A6 120 KB
37 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 84A6 0
0 17ms
16ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUchc5RDeC9QviGHvIToG2haBk7QYKGR9fj8mNtEwDW6i6x_UKjeG4f3EN6UpIc05ukXYR
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 13305352159424044967
tpc.googlesyndication.com/simgad/ Frame 84A6 190 KB
190 KB 15ms
15ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13305352159424044967

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e21ad40b4d3312494cf1ec1c60a97a257c4f4eed16989ddb3aa51eacd0332f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 04:59:41 GMT
x-content-type-options: nosniff
age: 10245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194703
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:18:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 04:59:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B3A 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCKk7l47q5UlA_yxH0cPg-u2yHIzvO8vqcauz0La8tmDWQKxjQLdEtO_OLUgGKa6MkU12JdfnOAGQJ0k9DaH_QFw-vak7ycSSiKlJaJk4NNJyFNzj_Q9gz951359GViQUfOYaV9Sj2vjvZtC9U2g2WSvej2QXFwVBk-ssMC4AOBcKTKtjHD3nsBvddJrbJS9dkGL53Y7Tmm4eSQIDsieqh3PJEJ3_GI_JXnBhuxUFSPlAJda2apwJ_Gn44KOJ6m2pUC81sFsbGn69L7vRdPMXgqARhcIZtfEHSEZjxdRPsuPnyi64Un7jJjS7duRgTQxePDklovQTV9GVNyriO6YsNZIWYUSl8-ipUGOpAWLj3MbOHKg&sig=Cg0ArKJSzLZzwmO12wMLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B3A 120 KB
37 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2

200

6254291583630008466
tpc.googlesyndication.com/simgad/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCKk7l47q5UlA_yxH0cPg-u2yHIzvO8vqcauz0La8tmDWQKxjQLdEtO_OLUgGKa6MkU12JdfnOAGQJ0k9DaH_QFw-vak7ycSSiKlJaJk4NNJyFNzj_Q9gz951359GViQUfOYaV9Sj2v...
https://tpc.googlesyndication.com/simgad/6254291583630008466?

153 KB
153 KB

16ms
16ms

Image
image/gif

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6254291583630008466?

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6827c746fd62c5a12ea40905656e26230b8296ddcdc89cc98639a93ab6fac6d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 06:50:41 GMT
x-content-type-options: nosniff
age: 349185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156442
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 20:44:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 06:50:41 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/6254291583630008466?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 92F3 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 20FE 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame ACE1 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C1F 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssarua_QJq27RNZrj9lcY1V3Lj72DFvC4R6mx7l1ZevFZLvkBiYquYJ2k7e144Lhwve05FiCyVoaPFN1UWCYV6oMtE5LgevHgdNWuzotLNLvTFqijjOPTtSK9zoa-B3AWT4Xj0IH1WGhaEPcmvqmZBuKC8wxA1K2JCZAxLZmGUW-CP6RJ8z4FzrmpFE1b1x0WDLo8zCB6WXlbQXjWZEqVObW5DQO5dzMGXswmgn9Vj3QDpEgbOpeIe5ABw5t477NFF8BBIrpq8NlZIuHrEyJE9wecoXByiinTGGlyAvH-9fkMtiQ1-DfuQd2t8FCrf0kzzygD52mGe-8pEgrOKLmWbuI6kCsKvCqg&sig=Cg0ArKJSzKSmsSYWE2xREAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 9C1F 3 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C1F 120 KB
37 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2 200 1725150098708649463
tpc.googlesyndication.com/simgad/ Frame 9C1F 244 KB
244 KB 16ms
15ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1725150098708649463

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca44e74edd2e8aeb3f0048d1791f4bd4e130499814713aca7338baf42b96244b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 17:01:42 GMT
x-content-type-options: nosniff
age: 312524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249401
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 09:56:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 17:01:42 GMT

GET
H2 200 container.html Show response
af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E8C4 6 KB
3 KB 315ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 07:50:24 GMT
expires: Tue, 08 Nov 2022 07:50:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D12 0
0 44ms
43ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfCjSRZshZszfnD5g8a5lfvm5-8Czr_Xo0wp-qUT6xFcot9tYnMm8U3A0fG4lX_AI7m5vkJPb1jdJfb1d4WbvVd_FROe2fkHJCzi0lANbFeFMPDUL37OyDMwxsxdVq_lmqUVzUOyXK_JylS2ocmk5C_e1rXR6wDwo-XJaCQ24AaoCI-t1Yi2pA4LvbO3AZNdIKjaG7lj7hM_UuWsw49e_Cxeypa6G0na4ZJ0Zk2Oc3cZ57EuObN1T5o1oXmZtdabC1hzCZCHhrMi1XsSkxHj1bpG-UM3gH9dIFqOLwCuHBt36mcaHhesTggw0WnKtFP2bbDewqA3xocc6tvL_OT3GK2oNNTYGb2_33yUjZI9gP2-DGM38Fdg&sig=Cg0ArKJSzBCNlOH1_jISEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 5484901247567467770
tpc.googlesyndication.com/simgad/ Frame 2D12 44 KB
45 KB 15ms
14ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5484901247567467770

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84ff684d4439eeead8243b1c2cf016482801608eb008c8a0ef66f5698f00f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:49:39 GMT
x-content-type-options: nosniff
age: 385247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45498
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 20:31:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 20:49:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2D12 3 KB
2 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D12 120 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C99 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2lnRaSvHf5D9NjDG-pFDM75BA4rL6xfJVr8qQD8Y4oCb8HAaoTMXnjWnMmv8mGspiRmHihgoA18EQUMuqpUedy-Nfhpy-XGbun3DTQG_-vGvpdq0RB0IUDnqvVoUGD9-Ekb_8VsjmRar6UHKpSWQ38aMhrktP22cDQC3Y95m09Zw3N_6S-IN3by2R2-sJgzrkvHB17DRpsNF1kemJVAcTVlz-dRsSbUVtPKf69gej8UpwQdQelZgPCIX-gg7BB7dBb1re_6tbXX11PhZwMO0NCfQNp_ZOkGjTvdQaXRVTw9hJ3xIvzrRzpMk3v5ktjKhU7FxOtMZOKzj3-SQEY8cYS7siU3OyCJY&sig=Cg0ArKJSzPsL7kMouUZgEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 4660865109361831343
tpc.googlesyndication.com/simgad/ Frame 5C99 22 KB
22 KB 16ms
14ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4660865109361831343

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5630e4b4adb07cea66d2c06cdfbc6578f8e4dc2512910b5e5945a3d7e3553b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:19:43 GMT
x-content-type-options: nosniff
age: 1843
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22539
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 03:45:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 07:19:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 5C99 3 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C99 120 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5C99 0
0 17ms
16ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQECLQKt7HW1ZQlbbZWYvGEdUrbO1-yz7J9F0LslsuoM6v2vvZOml-z5gRIo8fh50kgIOjs
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame E26A 190 KB
55 KB 58ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Fri, 05 Nov 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 05 Nov 2022 11:45:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E26A 13 KB
5 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Fri, 05 Nov 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 05 Nov 2022 11:45:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E26A 89 KB
28 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Fri, 05 Nov 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 05 Nov 2022 11:45:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E26A 4 KB
2 KB 72ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Fri, 05 Nov 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 05 Nov 2022 11:45:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame E26A 40 KB
13 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 245068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Fri, 05 Nov 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 05 Nov 2022 11:45:58 GMT

GET
DATA 200
OK truncated
/ Frame E26A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c659faf8d77694c18092a7e1e87bd4e8ab6383cc491333455a65374ec0f954d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A0D 6 KB
3 KB 275ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 07:50:24 GMT
expires: Tue, 08 Nov 2022 07:50:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AFEF 6 KB
3 KB 272ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 08 Nov 2021 07:50:24 GMT
expires: Tue, 08 Nov 2022 07:50:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA39 0
0 47ms
46ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscdOB2mUZEsfLRW1Umdbyn1gwu0WRSNOnpYkH8FSYT4Tsp43CtBpIXB69_UMRcd7qGmg8gQuReXZp3aiTinMc65TK_a6_KwDMmcSdI_fVk36hb1H5kQTKMyo0idJvlH9GfqBm5m52JrHbs-1wV1q7lsh1l60fhAK6HFaDtNwzpObqrISAzRX9e2kgEfKkawYsY-iPQO1OWP_3RDieaBm_A1DYFFbwcpm7lbkU6IBcbGK6O9nm_E-YG1XVXhvUlxojm2QARv3ga-HJ1sKD_npZYREWjc5FOEpMQtXIPBvQvUoXt1nqrYZTT2ICODeSRQHNS-GP-1xrSYUBtemGD9go4JU7PFAEo69g&sig=Cg0ArKJSzOp5V6Bv2F0MEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame BA39 3 KB
2 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA39 120 KB
37 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BA39 0
0 16ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8A_j3YPN8-P9PE6-Kj94Tt8N16oG0ocxRAHI_Zd3KeTG6uTQ34GBxGjGTZy_gu6GKt48h
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 718514714241368461
tpc.googlesyndication.com/simgad/ Frame BA39 83 KB
83 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/718514714241368461

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

212f92565c8dd2c10c6941d5adab021c09ceb7d63ff108317ec5290167bcfd9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 06:08:16 GMT
x-content-type-options: nosniff
age: 524530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84798
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 07:23:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Nov 2022 06:08:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0771 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsNcSeKCtXR_yJeNjMp3WN-l4u--UZ7QQEcC3JUIpTQtRowhHpEaPOwqClLFyGUSrvl2DlbgRFfoIxKJREmjE7nU3ibxvOhtX16XRDIAOvUiJDSBBlVozt8BpSiGxXUPm0xf5SwUl9y76UWOok9Spvhec92bwycHDwKk_Dx7ARtyFlE4tC1YSocUcmU8eTiofxQOWrxAE_fQA3Ms10HxdHnHL26IVBANIWkS8V08tAp7fpYw7oA3ULvrD5Ji_fTQXJ-u7oGBOAHtd34yjNQrDHKED0b4NuylVf4LgKBDhnKdfDgoDVZglqz3eDaBurjTjCvPK70et23GqlXkdnSXjANAEGh29q8S2v58lojFuNBvgcoRc3Kw&sig=Cg0ArKJSzMi-csHZDZ4xEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 0771 3 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0771 120 KB
37 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0771 0
0 16ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRswwTFtyWLrwIUiDTZKtf0-YHZoGMoyrzuZejGOaY0yZHkfJb-64Vb6KBHRf4W7KiNJ6w5
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 13870531938889061629
tpc.googlesyndication.com/simgad/ Frame 0771 53 KB
53 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13870531938889061629

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1f1f4ca0a562e0b8d299156f54d351f3227de855649bf938d96c77d50fcdf50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:56:20 GMT
x-content-type-options: nosniff
age: 446046
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54370
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 03:07:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 03:56:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC73 0
0 42ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQwccQ4d8a3OCZ-QVmp4Pr33SretQXRo-k7SESglm-Lme699OX5YI8eVDK3Vhc7Qq5Ir83COn2f-gRdjaQAQ4ktk3jgM3eUcnzMQ0sON2NJVl7RlsmoUJin86ee-tYgWGqeXqyv59C0fLGuMysosoFC36uic-61EyVQ6di8vTFv-05gQ4Iui7am4b-l_6CfAp0dL5l9DoRJx457sBDOQ1c0oOOG_LjNDVVCR-BJHBLIJqmQrn307AhZCxBf40eqM-2OQC3qSQ5ORaK4-R4BvknmlD9AFPhmZcjn93-FKYM_5D3aECbioBfhHKI_4B--iDYZnMK9XYfqus_5oNMq4qN0ltDrfN6kDKQRIbX9zIDlg&sig=Cg0ArKJSzOyB1y4CVBP6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame BC73 3 KB
2 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Nov 2021 07:29:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC73 120 KB
37 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BC73 0
0 17ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-HdaA4QWtLqXcbJ4J8QkAX7kx4CmasuXRDASZ9tMkx4_rS3z-VJyZXLfiy95qC48AwJIM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 2017850214753966912
tpc.googlesyndication.com/simgad/ Frame BC73 210 KB
211 KB 19ms
17ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2017850214753966912

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7bf7d9e58a95f987da6e3df0dbb0916373c445b417d5c163fe74c4bc55db5e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:56:20 GMT
x-content-type-options: nosniff
age: 446046
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215385
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 03:27:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 03:56:20 GMT

GET
H2 200 11661700965885936209
tpc.googlesyndication.com/daca_images/simgad/ Frame E26A 54 KB
54 KB 16ms
15ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11661700965885936209

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ecd239128b21445c4aae4c4151e5a0eb0cd1a19d4d9ec583e237bba859da3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 08:58:57 GMT
x-content-type-options: nosniff
age: 82289
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55258
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 23:21:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Nov 2022 08:58:57 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E26A 2 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 05:32:00 GMT
x-content-type-options: nosniff
server: cafe
age: 8306
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 09 Nov 2021 05:32:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E26A 295 B
408 B 15ms
14ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 23:42:59 GMT
x-content-type-options: nosniff
server: cafe
age: 29247
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 08 Nov 2021 23:42:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E26A 0
0 22ms
21ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5xNMf5dwBFQEJOzSFc8Q80bScXArSIzvN0YdiLwQMnjviEs912ZzJ5siCUGZ0yijhl2A5
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E26A 0
0 53ms
52ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CB-U8wdaIYe3XLdWP9u8P-fyA8AqSvNmYZu6g6fi1Dr_hHhABIOOnzlZgleKQgqAHoAGbiNGfA8gBAqkCCL4yBLposz7gAgCoAwHIAwiqBPMBT9CK8WLYouUHvcFTDzg1Nysjp3sqhP6chleU1ePAU1DWBwM5joP6iC8rcNaqfPoWFEEm_TcMqYUnOkx6VDd3qhe2LNZD_Gkf0MNH7zA_hnddXWbDsHmakvZpjsMPRvhGbW6D3Te9DjOWbZi0WYtx2ovXCvsNuv7fJDuKc9Bzwn3WoSmdTZIcUKLVueRanqCCtpBntto6g2PQhXmBpaljBpYwLK3bzqTJ2I86d_yGxUn03ocALOHPabhx3GDWvxXTJT2KpA1JKI2gtbcDFlTAP-rPdldQwRdcoZ6CAKmI1tbG9YnGpddR4s4Qx6nAU6KLuqzZwATfm8z_rQPgBAGSBQQIBBgBkgUECAUYBKAGAoAHzfeuYKgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRDQmtcB0ggJCIDhgHAQARgdgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTc1MDIyMjQwODM5NTMwNzUYpqxq&sigh=Hg6mAKaOFZ8&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 84A6 0
0 42ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJW5d7Fg6ZwcdD2rtmbeNtj1oUYdf7wnkc-jpENtA1XhlWqU_s0ahNNZWkZM7fh4eK6d5PwGZcZhNJZgfmcR5UEhIx3iO_FCsV5IDTxoXbSea3gysuHEfgBUCYvB2VUWPtpNzBXx5N6Vxd5jZEJBFRl9gBHfhyjN8yjcnk44YsysEzAZz0Im3903qlMZvPl7uzpxoB5ZGoEwZMy8Xd85lfNDrYRsoOd_kfo5NXXHoJVg2v03xpa2Os3wTg63HN3A_7dRvn2hr13XjNnffjH5Ubrl-YUGCpvd3HWgacFk1Qo5L_ziZX4T_G3Q_XE0nGzhgOKCROKVv10EcqPbyjvtTT6vlbAwm2ra-8KA&sig=Cg0ArKJSzA2cOVjrojKWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
DATA 200
OK truncated
/ Frame 84A6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83c9df2ed10c9df955568a146b380fe0476cde67a470c3e40015ee4404f23bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8B3A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 897734df74505ac4451b79d90206de989339d9c9ed4b29c8c335aad7fda0f9d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8B3A 0
0 42ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-bj-WD2YahV1rUA1Q17Fqx_s5bUe17fb2_jtkdfJ36CQd6heK_gVbd9AzXN_K5r9H42Gv-f5jNQWaarCJMubU7hk0oQ0ZF2mEoaNnbH18ljk1HiscLJb2dntr6OMJDTZLbDbX52i16ha-Ex9F1TkBdsoxl7FlszSx5xajx2HjIDO9d0TOdVh96hkhshRgbHlQU4hmolbmqpUzi70Tjn8odhwbhn08qFpd9rFf6cHqEz0m8ppMoxBfFX-3nXO22QU1OXtUStJ1wYWX00cCibxNGDNwqeN2jF76jPMB9e6Ug4wxkMn5eidZXSEZpSBEciwgC6WcFxlZP1NbYbj13aXEvChHBZtSeg&sig=Cg0ArKJSzK2S9JeZFusJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2 200 ad Show response
services.insurads.com/ Frame 0B12 131 B
460 B 163ms
162ms Script
application/javascript 34.236.246.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/ad?auid=654003&csz=%5B%5D&sz=%5B%5D&appId=1439&s=1761&dm=1&is=0&ct=%7B%7D&h=https%3A%2F%2Fwww.upstreamonline.com%2F&sid=D0BE459EE63729D5&v=1.5.59&ts=1636357825788
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.5.59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.246.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-246-67.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1aba624edb63a1067c1347f189cce35ff8c521ab1ef5bb4ac968687a343cfed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 batch Show response
services.insurads.com/dfp/mapping/ Frame 7D34 4 KB
905 B 106ms
105ms Script
application/javascript 34.236.246.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/dfp/mapping/batch?appId=1439&requests=[{%22eaup%22:%22/21646926696/upstreamonline.com/billboard%22,%22eoid%22:2927461817,%22eolid%22:5821315849,%22advid%22:5046078460,%22w%22:1272,%22h%22:300,%22eId%22:%22main_upstreamonline.com_billboard_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/mediumrectangle%22,%22eoid%22:2927461817,%22eolid%22:5820072894,%22advid%22:5046078460,%22w%22:300,%22h%22:250,%22eId%22:%22main_upstreamonline.com_mediumrectangle_3%22},{%22eaup%22:%22/21646926696/upstreamonline.com/mediumrectangle%22,%22eoid%22:2900228327,%22eolid%22:5777444778,%22advid%22:4931783423,%22w%22:300,%22h%22:250,%22eId%22:%22main_upstreamonline.com_mediumrectangle_2%22},{%22eaup%22:%22/21646926696/upstreamonline.com/skyscraper%22,%22w%22:300,%22h%22:600,%22isda%22:true,%22eId%22:%22main_upstreamonline.com_skyscraper_1%22},{%22eaup%22:%22/21646926696/upstreamonline.com/brandbanner%22,%22eoid%22:2926999139,%22eolid%22:5820717977,%22advid%22:5083963193,%22w%22:300,%22h%22:100,%22eId%22:%22main_upstreamonline.com_brandbanner_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/mediumrectangle%22,%22eoid%22:2928938772,%22eolid%22:5822145319,%22advid%22:5085354676,%22w%22:300,%22h%22:250,%22eId%22:%22main_upstreamonline.com_mediumrectangle_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/skyscraper%22,%22eoid%22:2905164619,%22eolid%22:5786308459,%22advid%22:5066411469,%22w%22:300,%22h%22:600,%22eId%22:%22main_upstreamonline.com_skyscraper_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/mediumrectangle%22,%22w%22:300,%22h%22:250,%22eId%22:%22main_upstreamonline.com_mediumrectangle_1%22},{%22eaup%22:%22/21646926696/upstreamonline.com/leaderboard%22,%22eoid%22:2799601886,%22eolid%22:5581247214,%22advid%22:4579612715,%22w%22:1272,%22h%22:300,%22eId%22:%22main_upstreamonline.com_leaderboard_0%22}]&h=https%3A%2F%2Fwww.upstreamonline.com%2F
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.5.59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.246.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-246-67.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 903e3a06c2f0615c6c7b01c7b877ce9cf5af99e96c7a9ee6b5f13e19aacc924c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 50ms
50ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110201&jk=463387444747955&bg=!3d6l3prNAAYH3anuB907ACkAdvg8Wu7TUSFctRubf01jrvWU7KEe13UfukwQkNRex0QBXCGCNLeeUAIAAAJhUgAAARloAQcKAGcqLGFAJ14KnPG6lxe2V2CdkOY6UpmMqHvLk-5lFGaCe8JN3mrVUvPbmInvOIvI17tyQCSYcfWEOl4yNsq80N1ksZ1ewV-I_Vv0nIYn9cRTFrGj8Q93nHRte5hjIVl18e9iHtWlMWcSmQLepmVUR7e2_D7CTA3ht5cKJ3lKnBDbMKKp2BlAYaRd3I9HWBL9h5QKCSBlKEhw7YwejLYbLAg0oouLTyrLXweHG59Gfat0EM5qdp7CHEzwUGfHC4IiygkWignutCOViIGbx20Ua6jvDMFejVFgfy-MsbeM1k7m01rpY_W-7MY-5i6qv2LFJp9z5OrQDqk1C7bgklEIzyY-Nxe29znHw-SPIivkSy4V-gwpgPxJ9gBahzBpplhsPyxx9UvhnfR_c5sxA9H0Fat3FgzQomPKmAvK-tJd-LU1Ev9HtPul5uEJcpc9T5UWEiLZ94AQ_Oke4Mbas-vPhg8ZLKZthmxtNWtFuBHSAmRY4vNl9WIVeL7Ctj_BkXinAau0V23X-ZHxXXZYDZ-X7D5Y7l24-IRqFBdQSb2fxaL_0mM0JUPbEvziu2UDR8K5JgiTpoz--_p4WtUz4F9-q2TIkyoUqkuo-URQe2cHg3R66uU5OCVMpQvOqSUWEmXiQrRFKNGC7kMwp88jUhW56ecL9Cfe65NXWoxjkXhJqP6m-6elfhAzDvRvPO3LaouBRCqh4QM0PGXAgKCXOZo6lX_shjUr07LJqT1qD3vy3GPUypoo12Alx7RZ--mEH8UKyrgj3dGnInB697osTKrNxKH6E2fSA5s0oUAwa49S6KDobpxjmZD6G1NbTvuwHUFfPXrmmKDB_EBGn9XCEreZQWAYtq1kPn0O-pS162gYV0gNI06wlQ7GveEOBirqU4KP_bBCgTGeIXujxV5ScK8gp1U4ahjGlOHYC_wcfnCMO3pIyv83qLwlY9Eat_0xpM08yL3yqwYjovyTBNEVUBmza8aQ0jFBR_8vyuq8kOZrPPOqvGuaFpQt9IFYNRrMWaNYXQJkdcG_AgDl6ygOvgsNptvnqp2D1APhuq4zA2m9vIBa9i2eYLPhZJTSRp98RgzH80bEw6RSIf2nl4y3coozotxOa-tOSdA0y_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 negotiate
messaging.insurads.com/rt-pub/node/hub/ Frame 0
0 309ms
105ms Preflight 52.0.16.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://messaging.insurads.com/rt-pub/node/hub/negotiate?appId=1439&dev=Personal%20computer&br=Chrome&os=Windows&cc=DE&rc=HE&v=0.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.16.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-16-121.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.upstreamonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://www.upstreamonline.com

POST
H2 200 negotiate Show response
messaging.insurads.com/rt-pub/node/hub/ 273 B
752 B 102ms
101ms XHR
application/json 52.0.16.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://messaging.insurads.com/rt-pub/node/hub/negotiate?appId=1439&dev=Personal%20computer&br=Chrome&os=Windows&cc=DE&rc=HE&v=0.2
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-realtime-1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.16.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-16-121.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 6c95ea4eba06999e88a0a21e9ef513b127453502546ea55357619b779904462c

Request headers

Referer: https://www.upstreamonline.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upstreamonline.com
date: Mon, 08 Nov 2021 07:50:26 GMT
access-control-allow-credentials: true
server: Kestrel
content-length: 273
content-type: application/json

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C1F 0
0 47ms
47ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuepkbpTNieTmn73nx7ZgmDwD02ovBcnDzyfFMLL579Em3JbHv78xI6OxoqnCFzOBdiz0LJXQXs_IxUIYC_RXX2C2Mk0nuT_rFQLfN-60dnUzKs_hWAhdscQRj36K_Hrmg7y1hOW00XVlpvD3cbT8LiuJKohM5IWhYg4HrZ418N_YXLEIb5iLzIqj81-7lRVKLuEC5cH8eeehTgVQ8XQ_X8QimIOMA251cJL8K0bzOz2qAiWKB91GXkXuqA1PGFhQfyun61Niw2QYsLBbLGBcwn7-5jk0F_q3VIq6pm79rV81y7tPsAzVIfJJoy0VIQPCPY8gaVfkKwb1olDCSSTjHdRnlKrV2EMpQg&sig=Cg0ArKJSzEu-rC2zhLVoEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA39 0
0 42ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvXW9LWNrCZ3Y2zblnP_eZVSppZLmmxm1ZjgppZ-y013EyFyRObxbDmEQvI4UJ_NBT67f9XvpAYv9vjCWiMvxJiTeTYz4b-trniMaVjgd8VronXsaqT9BkG_wTMMjNc4o8LsiML2Zr5gTRXGW2om-R3PnKjz0sbIqe_3fQ2xNB0BKUdK5KANGvM338BtQ2lAFxb_BMGcB6Dj_xVgIoc3cem6c6JVpG5JM0e2sM7ZJ2HigDVSwiCOp00FKp8TuJEReIliLQpmEdpAWWrVzIrvxBro-t2TAAOSgf0ITb3TS_mc7tv9WEjuKyjJs_n_VWrPFMfP13A1DTyMg3osR7PwA1sEZPEsavmnt-pw&sig=Cg0ArKJSzLb-nwEWPWogEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
DATA 200
OK truncated
/ Frame BA39 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f9a8bd562ab37259191fe14048ae0a7dba3839e2ab4a2c1571cc47b36337858

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0771 0
0 41ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvozlotiTDOqVpdzIK96Z8-rxRSrP0MLwBle6c1JB8KFCymCrrdPhpwJtpLZT7wNMvW8fshnVlFgngrNktFxaBUTlMVgQ0VR2adYKYQHSxcum6Pql8oSaozS4khhBBvYRnG-VoP8WO7tJQEuIPlf5Zh0DmJKdq6LGVMB1siGIH_tRZQ3OUVuR84OSleOlmYAWogNA-rHMB_n6Z9BxG6uMPHwZi_XKJGdo1Pe7Jx9Jh1WRtGIqBYVZFyRLvoEwrfLZ0exkFfdujztQ_Um5J13Hqp4L_dIo7TWOwFeTtX4R_gQ_J1ax3JPL_VtbH0CLrXv1c8F5k6-e-_pdjYkbX6ufF8ezjGU-27lR2t3g&sig=Cg0ArKJSzCDPzGlPQ_YPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
DATA 200
OK truncated
/ Frame 0771 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 006558903066c434527180c296bb9acb909c0f53062e430aee57a2291749915b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC73 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOyuyTQCYRoAcXXU_YsitaBE7VgjgGBgp3yhF4saLeSyiuHFDq-hL37w7HpfkvNOV_m5GT1tM-ACCn7I_DVsLpOBVvVGer0FySZKpr26YLnRmfDRKNiN1Ylrzh5leu3zItKD2jrRA3kzcuXMC5JbA4H2TTCl_TClJdnH-oBC2Bywtd-hhQMGnBDwRtKxVgFCqrZzAMVNLbqkObYnq4G7-NOQoT_9QenkUIeUNgj_UiCh0ZoOY0ZbKB56UnQX0pU4Q4XLUNCHYU8_UEEzdWIkM1gI4Wjm__I6IYZ090ju9daHKwDYx8hAso-PUVf7JBTw1Xb9qqAk-WZFfiRmJucs3CsUOMxA&sig=Cg0ArKJSzBApeU0-XiTmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
DATA 200
OK truncated
/ Frame BC73 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a28a07bc1d81bc8e3a40667f072ed068d816d081f7118671af6dbfe18c279d26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C99 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvXvGxsRnR6yWdbB7_JP8-JiroPls-NFcqV8iHZkkCQ4l708k9vxD3AVi9RGof8YKFIOYOtXGs0niTodPYFdxRMcZlytsDvZ-bS8ibdD_SUFwKP3R3-fRteF9T5P8gT79vYuwJ31YYlemJf2LXpWu71kLtHkQX1uFen3iFmbVzi6J360tPB4A47MpYWWfXswd6eDh8zdXG1qUFVOwM3lIXlqLuJR8aCkpcskPcxYcCiP74nFZ0_D77BachvEt0eX8tVtpTJ8P0ErXXaT-fdZEqtjlVFPpfBfhsO0MMFHQrKMkgLqObAkOB5jUzP5xvIgv4j9BYTjCxp5SrWXcAYumjI1jCJeHOQbHGYQ&sig=Cg0ArKJSzG3DzbWBA4pEEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
DATA 200
OK truncated
/ Frame 5C99 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7037d942e956b59aa762e18b1f72615e9be6a9acb2e96a2a604640b988f0c1a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D12 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4_niDKfF7TBCkiT5ShVGY_RmFOMsVmNl9YJg3n6jjGXME5D_Q63uQ9bIoaDYiGHJWMDZCgTKPgTp84BKso3a6rh8EyBIHIQ3dq_adaGjG2j__WT6GqBcNTlf8_phN2GMUObyaUihHzKhvUUpXvXOkjCtOtbk3-DbPdIDBTbfJ9VHNIIFGMiaUoEi7yz_siUUg4qqdO779UVY2FXKcNZxuN_NtjZLr3Joq6yshiI4RduWJ-Y5BKCP20e5r8Z44YeuYnEhwXgEpFHXqUr-zn8kNDFKiYjIVU8kjVlxCtv23jix-TgYo_S5oHskS2_8P9N9k5y_75jp1qYniJLH3uTt9efqPbHlLaP1tpQ&sig=Cg0ArKJSzOkcE4NlnD5KEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E26A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

106ms
82ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.upstreamonline.com
URL: https://www.upstreamonline.com/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 lb
services.insurads.com/ 0
156 B 100ms
100ms Image
text/plain 34.236.246.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.insurads.com/lb?appid=1439&acid=310&s=1761&sid=D0BE459EE63729D5&auid=654003&ts=1636357826400&iid=p03d3092159609446143424be7e6c839c9c2279e1e8&is=0&m=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.246.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-246-67.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nocache: true
pragma: no-cache
date: Mon, 08 Nov 2021 07:50:26 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.18.0 (Ubuntu)
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E8C4 22 KB
7 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 15:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Nov 2022 15:57:43 GMT

GET
H2 200 14964246494670641642
tpc.googlesyndication.com/simgad/ Frame E8C4 50 KB
51 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14964246494670641642?

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e51f142acc3041a15292dcec8b693b6132295c4d357f0def33f7101db8620557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 01:57:11 GMT
x-content-type-options: nosniff
age: 21195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51634
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 09:08:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 01:57:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8C4 120 KB
37 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame AFEF 22 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 15:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Nov 2022 15:57:43 GMT

GET
H2 200 14148650645127080967
tpc.googlesyndication.com/simgad/ Frame AFEF 253 KB
254 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14148650645127080967?

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b4378121c3db9afc1948845c7866cfec76202966f7fca1e0f30d49d4ec69983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 01:57:12 GMT
x-content-type-options: nosniff
age: 21194
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259366
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:35:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 01:57:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFEF 120 KB
37 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8A0D 22 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 15:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Nov 2022 15:57:43 GMT

GET
H2 200 4975030904423983559
tpc.googlesyndication.com/simgad/ Frame 8A0D 81 KB
81 KB 31ms
31ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4975030904423983559?

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c25fe3065f26205ff7c4168efdc1985fd1dfea7f03d007bd1e8ee6bd4725665d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 01:05:09 GMT
x-content-type-options: nosniff
age: 24317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83042
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 09:51:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 01:05:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A0D 120 KB
37 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8C4 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi60ayZDG29Z2Hwglem2FbM4Vo-KU4eFYZdHJzvsl7LrFTEiTUNpZCLKRqMoET_jYZhX4X4-kzR0buNiU_X_rbSuBLxBbkPHMWguEKX5vSY2j_qN3Ua2iwQ6qDKpOp66hUDtxb_hTFyx5DRkf6fIVg2F0Ll41UwdFsn8FQ6jyRWfyybbn5OeJxJryEuAPIVKXqSN8ZzwZbpLb0vjVMv7rklGlkZVavPzBGB6GiSY7i7wqrCZP1zJ12nkZWnYw9VnQGQcaOvFaOKbYq19Iq4eS1Qj8cdgtYj1f3gYXRWpXzXqg-q3HNih4Klt79FZm7erAIr2Qs7ytNmo3QKF7LOTo&sig=Cg0ArKJSzFPKrLNo834KEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AFEF 0
0 43ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5RNe9TJmbtyNXosxrHFGkJf9swCL-oYAIsGOqzyBJ0OVefpjOdSYYUZlXw0xUYalrG1gxx2VSd5426dh1D8vwsyP6Nc1CnbVFsSoEexslWxPniXbCUEumLf_ulqhdjdrx6I6GaeIFW024_hzDMdQYoIzSwVs5Rs0vGAcZyoPLiXNLndvld_g_3aXMdZhT9XtsdgjFs9xuzpetlCVFxBmyIBQRshnqwRPs7P6w8sRxCshb5kirfDmNT7iFF83oSwh5rZR56ezMRl0tlYgh4DKu0IcVvLbNaF2ZzRWHGtoWo8Bhjts8TE6D-PTocaKAbhC9AdlttHrl35JLEIhSQk5pXnwSh_7ysUhHOEnAHVdWSZEpssX0&sig=Cg0ArKJSzPlFh7Hj2nyMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8A0D 0
0 42ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9qG_WNbXo8zR-iMdAwtshp20V4PZqwYA6LXZihnN8IGgHttaZeL_yoiTBRD4wDXtSSVMZzK_f6tDEU_jROh51PSgvQBB87vcuz5giqbgUmIvhQm-BhvD5B3ttCrOKhlXHE2BgcD6IXzwpWg71CmfBfiM5c0mU7FJuVIJm5E_sTfjiLmcm-PHZkXRDFpPLvhd_uBlIseaanCW7-AglbujQBeukcs-Jqz4mrdMAnDy7OTcxGim0XVolZoAnTtdka-6GXvNpyQzGWb-QUt6A8zlrVZTnf530SfeKlakzPV2c4iEWKq5-NEDIKReioAR6EXr7NSQ3l2uMGxi47R6u_Tm8LDO2bLtGJJvVAynyGfcU152BvUEr&sig=Cg0ArKJSzKGmKK5ZqF5XEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
URL: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8C4 0
0 44ms
44ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui0dR-AHn_WsOjqvOQfNmGnIoitheJyM6YHcfnOQJZODjfHH49zc3Cdwxs3Syyld4_oXUly3Uuhhs5oVrROXN-8UJaWufPgtrz7pTYQ_n2GMoRLlZ-tV1y77xb_bso0wtPjX6HukPX2gPXDUSsEOCey3TCMfr_5RRGXEb1KM_nCq46431BavdOFbmSkJ2nP4NjL5fcStE-GcHx2RMdaZEPNnw_B49CsXkKAtyYmV632vTZGhflSMtouNxMqh_lSzk5BVwqVAa3uR3acWJ5UFhtLXKdHo3ghvuJrS9DUocnfohz0H395DCRIVrbw4ydTT_DGN3brhGNijWevr7dYKPcZw&sig=Cg0ArKJSzNikOVEG6HkBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
DATA 200
OK truncated
/ Frame E8C4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9aef9b1977434a3a33ca0753bd333e02b79ec61315478e3f46119c90244fd908

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AFEF 0
0 41ms
41ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzdWNkohSEtQPzvYcYuC_ge5H_DyAtDIZ56NzV9S6Wp30ToIfNMxuDqLtLWXjFZMhFXMwFY1m5QyyCVcAmG04vMmpX5q9v_nBNts2RVLb_EIb640rNeFHsfJnvUtYCi2MguYyBRyxRhipN0W2qE3e77msI1ROsQYI0Q_WwjkGsTB6SA6ebqJm25neVCkA6iBj-b_2ZpYQXlB8O-N5Y4uj5le0rATOiEKjJnChs_IOVmNKUhAP-FYy4NYqlZQmA4gpbffBcHso78xRTt9Nrnu30S55bMyJkgNu6arOEWzY3PUgHXLiHbz_itCHn7F-mqIFcgbXaYnYugdxW1LbfJC0jB-V3mkNXL8JpeUofmx3bkaBhFgGXF9A&sig=Cg0ArKJSzNoqZ3kavC0fEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
DATA 200
OK truncated
/ Frame AFEF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd72c5a59a184a1b49b1ab82cdd66a37ee1cd015a842de7a793a402e402bf4ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8A0D 0
0 43ms
43ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy5CeGyybNedhmbWhj58vmRJM-eM5fKcb5hsW4VfmCv7MvDaeYWnkFPmn81WbQUFgP3wRyIDs1Dkg6eb7BfY8rExFi9YCFMV4BVKkdPTW6_bPqHJUBWB3EY2vxsZdfaBLVenKZKa1hg0zSPkbJr1vMbHlYcY-nFfKQQJkdVxkToJd1w-iyk1bdVu9PTIqoEcI8a-K4tPbQpHzcQFLt-kSnhL4LJ9FIBu4FZ4LFd0MynavThQbm7TXKT48fbtGI4gagNLm3gKhLuqJbvSMMoMobotr_zs5BamiFJE6b0bMy5tuwxmFfLpMDP1442d2C6irs3frMMpHoTWlQa_lOV3pFtOyDRHopafu6PpU5aRNOXrq0Kn9k0NY&sig=Cg0ArKJSzF7DY7Km5Gi4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 07:50:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 08 Nov 2021 07:50:26 GMT

GET
DATA 200
OK truncated
/ Frame 8A0D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b29a2fa9b706aa6b0e2e2a1674862080149ac2b87085a9d26c60e1e2f287cf41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 84A6 42 B
108 B 36ms
36ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutcdGjt4yGyIPTwv-colMcdyoO_OU0-DCGuCv75KMEwRO6JyByi6Wf040ufJbmQ9nrJcOaS3ZxSaP-WrvmN287aV_G_3Q9La8v4UDGzNLdhzFr_4Y5&sig=Cg0ArKJSzAVw7Yrw5tDcEAE&id=lidar2&mcvt=1005&p=147,164,447,1436&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2411967391&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636357825740&rpt=274&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8B3A 42 B
108 B 36ms
35ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugiZb-O-mEdQYPtvvUC4UawQSRBD_rvcaj5njDhY0MQRqjFLZQbP_Up_nz9Z7LZCW1y0DR6bUF4ikPYCpndRfoaWCx6pRWnGKqZdFpkRzX-ys062Kz&sig=Cg0ArKJSzNF3EpJFXtrNEAE&id=lidar2&mcvt=1008&p=479,164,480,1436&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4186927975&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636357825746&rpt=288&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C99 42 B
108 B 36ms
36ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWr6ymAnuDf5KLTs5GQSpuf49PzTTNtBSIURL_8ma-y7eBchUSnkUPPZx9FMzA1DFGeIR8_mTwjMJw6hOUTvDwxiQvAMKwNRZAc_G_ft_aHa8IzUhz&sig=Cg0ArKJSzHkMxP9rdp2DEAE&id=lidar2&mcvt=1000&p=480,1136,580,1436&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4284824202&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636357825891&rpt=354&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E26A 42 B
113 B 37ms
37ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsug5uVuUmVnWdlV09LfYINjwl_lRzH-c62OumzxNqxCcPrTcX-QJvJZsVD5N82mYkjTzuTC-wP4TOwnPXVPcp4np1ZNq8geNRX1AognxxSLbmtSh0k1yQ&sai=AMfl-YSuI79600O85mb6TXrglTdVNOcJORYxUFpkDfe_MgvOl8I-OqdN0cYm_0fk2IZiTQw5wLako3k4ezSLKy9HvQMNMoSbAMJEVxxDUKN2MZFYbWRBhQ49vH8xkkw&sig=Cg0ArKJSzEIlaFQqxWPGEAE&cid=CAASPeRocF5jCBE_UEAAdV8srdEex1xtm7XovsPaBoRO9Vg3OfWVnPB80AWHe5HEBhdsH797KC0P9bE8Hkq1l3E&id=ampim&o=1136,592&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=280&tls=1280&g=100&h=100&tt=1280&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=56772384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.upstreamonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 07:50:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 batch Show response
services.insurads.com/dfp/mapping/ Frame 2DA5 2 KB
733 B 237ms
237ms Script
application/javascript 34.236.246.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/dfp/mapping/batch?appId=1439&requests=[{%22eaup%22:%22/21646926696/upstreamonline.com/sponsoredcontentfrontpage%22,%22eoid%22:2910512336,%22eolid%22:5795153944,%22advid%22:5071187641,%22w%22:462,%22h%22:122,%22eId%22:%22main_upstreamonline.com_sponsoredcontentfrontpage_1%22},{%22eaup%22:%22/21646926696/upstreamonline.com/sponsoredcontentfrontpage%22,%22eoid%22:2841678208,%22eolid%22:5664312638,%22advid%22:4548612467,%22w%22:462,%22h%22:122,%22eId%22:%22main_upstreamonline.com_sponsoredcontentfrontpage_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/scp%22,%22eoid%22:2848675352,%22eolid%22:5677109981,%22advid%22:4897482403,%22w%22:948,%22h%22:304,%22eId%22:%22main_upstreamonline.com_scp_0%22},{%22eaup%22:%22/21646926696/upstreamonline.com/magstripe%22,%22eoid%22:2928938772,%22eolid%22:5822718146,%22advid%22:5085354676,%22w%22:1272,%22h%22:1,%22eId%22:%22main_upstreamonline.com_magstripe_0%22}]&h=https%3A%2F%2Fwww.upstreamonline.com%2F
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.5.59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.246.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-246-67.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8c1035a6a2ecb574019542184ba3a9e47bed00121d3c198d2d5b611ac6ffd954

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 07:50:28 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssT6P4W4I_xDotctCpQUUGpqIeHWfaKwIYfkl9UqJPxNgO5VikWdnBs-p8OlxB4thwSwM9MfkntrxUZJT-ZILeJN0udtRSkXGnssFATCxZaHgWxy3k4&sig=Cg0ArKJSzAlMbjD3oBaEEAE&id=lidartos&mcvt=1150&p=147,164,327,1436&mtos=1150,1150,1150,1150,1150&tos=1150,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2411967391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=u&rst=1636357824244&rpt=327&isd=0&lsd=0&ec=0&met=mue&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrkYnkkBOj6x95WeuWjHXmxRhTbuvu1kSgpMoGRSba6hBvtB9pKd8cJ-tZRxRo6nLEnO499KmtJoTbWK_tXzVmhdg9EcwwG4L7xf2e06jVTSMCsfFG&sig=Cg0ArKJSzHasN3pyNbtxEAE&id=lidartos&mcvt=1259&p=359,164,360,1436&mtos=1259,1259,1259,1259,1259&tos=1259,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4186927975&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=u&rst=1636357824254&rpt=201&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiW23ML0zZ31EYG0Ku9KceYA3J4079dHVX8N0BBToo6gqVdOW4EjF2coEWhY4F4N9yNtQRkVUPAgMpQ0lwopEu-IYEb_bf6cVrC-yuUiZYZqmLO_HS&sig=Cg0ArKJSzNhcQvGqk1yMEAE&id=lidartos&mcvt=0&p=1407,164,1711,1112&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=7&adk=960426179&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1636357824281&rpt=478&isd=0&lsd=0&ec=0&met=mue&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv81SmmzayCCeYmgsAQRdljAYhD-XhNcTYmh4ZfsTg2GiETOPKwwfXgda38ZibtcHjGsn8UoyjcfCAMVzqVcZaAXsa8pacgkdfljKBMaUpLupLfIkfG&sig=Cg0ArKJSzI4oesu_PCydEAE&id=lidartos&mcvt=1285&p=360,1136,460,1436&mtos=1285,1285,1285,1285,1285&tos=1285,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4284824202&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=u&rst=1636357824229&rpt=280&isd=0&lsd=0&ec=0&met=mue&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssae8x5yDFYVyVQYn56UKca0PXE07kPluqKWk9mBMdeu5hIulrL0otzNlTKQRsiTd6qpXfHJCM-zNIjuaRmBIMK2yxSrNLXH8UTB0MS4uISCP9lw4jr&sig=Cg0ArKJSzJVTLo6KnqVoEAE&id=lidartos&mcvt=994&p=472,1136,1072,1436&mtos=994,994,994,994,994&tos=994,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=56772384&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1636357824384&rpt=382&isd=0&lsd=0&ec=0&met=mue&wmsd=0

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upstreamonline.com/	1970-01-20 07:18:13	Name: sat_track Value: true
.demdex.net/	1970-01-20 02:51:49	Name: demdex Value: 20532582190220778312109589516582753732
.upstreamonline.com/	1969-12-31 23:59:59	Name: AMCVS_539A036355B676DE7F000101%40AdobeOrg Value: 1
.upstreamonline.com/	1970-01-20 16:03:49	Name: AMCV_539A036355B676DE7F000101%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18940%7CMCMID%7C20783429088318847672157126199474372508%7CMCAAMLH-1636962621%7C6%7CMCAAMB-1636962621%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1636365021s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.upstreamonline.com/	1970-01-20 07:18:13	Name: _k5a Value: %7B%22u%22%3A%5B%7B%22uid%22%3A%2214SFxgSiCPetWAth%22%2C%22ts%22%3A1636357821%7D%2C1636447821%5D%7D
www.upstreamonline.com/	1970-01-20 07:18:13	Name: DTM_AB Value: B
.upstreamonline.com/	1970-01-19 22:32:39	Name: gpv Value: Upstream%20Online%20%7C%20Latest%20oil%20and%20gas%20news
.upstreamonline.com/	1970-01-19 23:15:49	Name: s_nr30 Value: 1636357823270-New
.upstreamonline.com/	1970-01-20 16:03:49	Name: s_tslv Value: 1636357823270
.upstreamonline.com/	1970-01-19 22:32:39	Name: s_inv Value: 0
.upstreamonline.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.upstreamonline.com/	1970-01-20 07:18:13	Name: _hjid Value: 307141c1-897a-4fcf-b62d-17f9c86e7848
.upstreamonline.com/	1970-01-19 22:32:39	Name: _hjFirstSeen Value: 1
.upstreamonline.com/	1970-01-20 00:42:13	Name: gpt_aamsegments Value: globals_segment%3Dgeneric
.upstreamonline.com/	1970-01-19 23:15:49	Name: aam_uuid Value: 20532582190220778312109589516582753732
.upstreamonline.com/	1970-01-20 07:18:13	Name: _lp4_c Value:
.upstreamonline.com/	1970-01-20 16:03:49	Name: wisepops Value: %7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A36%2C%22cid%22%3A%2241939%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D
.upstreamonline.com/	1970-01-20 16:03:49	Name: wisepops_visits Value: %5B%222021-11-08T07%3A50%3A23.413Z%22%5D
.upstreamonline.com/	1969-12-31 23:59:59	Name: wisepops_session Value: %7B%22arrivalOnSite%22%3A%222021-11-08T07%3A50%3A23.413Z%22%2C%22mtime%22%3A1636357823875%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%2C%22testIp%22%3Anull%7D
www.upstreamonline.com/	1970-01-19 22:32:37	Name: _hjIncludedInSessionSample Value: 0
.upstreamonline.com/	1970-01-19 22:32:39	Name: _hjAbsoluteSessionInProgress Value: 0
.upstreamonline.com/	1970-01-20 16:03:49	Name: _ga Value: GA1.2.1031327413.1636357824
.upstreamonline.com/	1970-01-19 22:34:04	Name: _gid Value: GA1.2.1142563976.1636357824
.upstreamonline.com/	1970-01-19 22:32:37	Name: _gat_UA-4676970-1 Value: 1
.upstreamonline.com/	1970-01-20 07:18:13	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+Nov+08+2021+07%3A50%3A24+GMT%2B0000+(GMT)&version=6.25.0&hosts=&consentId=e8f4e2cd-8e1b-4c48-a083-99888fe6864a&interactionCount=0&landingPath=https%3A%2F%2Fwww.upstreamonline.com%2F&groups=C0003%3A1%2CC0002%3A0%2CC0005%3A0%2CC0001%3A0
.doubleclick.net/	1970-01-20 07:54:13	Name: IDE Value: AHWqTUmlWD1jkMsw-zUdwjmyMfES96EiaU4KOmEwib_oEcUuOQ7gHW8P1dEhJ07dajc
www.upstreamonline.com/	1970-01-20 07:54:13	Name: __hstc Value: 215245651.f37870753c38d6a5f2ad4dfdebe7573f.1636357824782.1636357824782.1636357824782.1
www.upstreamonline.com/	1970-01-20 07:54:13	Name: hubspotutk Value: f37870753c38d6a5f2ad4dfdebe7573f
www.upstreamonline.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.upstreamonline.com/	1970-01-19 22:32:39	Name: __hssc Value: 215245651.1.1636357824782
.hubspot.com/	1970-01-19 22:32:39	Name: __cf_bm Value: 2MaXeU25KB8f.vqCsPfTQ0Vij3mWMX._IhsfYOOyzaI-1636357825-0-ARzFrSirZWn/dwppoPQl/4wTv0Nt3dMn9iMacW15BEw82gsJ5jI1z5fujDOeqcDqSxa1Fxqr85n+EalSMxlw040=
.insurads.com/	1970-01-20 07:18:13	Name: ___iat_gid Value: D0BE459EE63729D5
.upstreamonline.com/	1970-01-19 22:32:39	Name: ___iat_ses Value: D0BE459EE63729D5.1
.upstreamonline.com/	1970-01-20 02:51:49	Name: ___iat_vis Value: D0BE459EE63729D5.432585710.1636357825562.4073287031.BAOAIOJIAA
.upstreamonline.com/	1970-01-20 07:54:13	Name: __gads Value: ID=27e2bf36d5d20598:T=1636357824:S=ALNI_Man-LcyEjNAAnG2y-ITKc1YntrEpQ
.doubleclick.net/	1970-01-19 22:32:41	Name: DSID Value: NO_DATA
messaging.insurads.com/	1970-01-19 22:42:42	Name: AWSALBCORS Value: 5y/TWwU3Lngr2S+rDQZEwqJDenVpScqrhddNhu5oGveMM5zrihliWUUQNzFlCdRAXIZU9pHXUPdMn9weU78gbzS2BvAYP+CJjenSljOVwUGL13J7GYbDgzRKwNtd

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
af0775a538ae82bf1bf0795de90c4d2a.safeframe.googlesyndication.com
api.hubspot.com
app.hubspot.com
assets.adobedtm.com
cdn-ukwest.onetrust.com
cdn.ampproject.org
cdn.insurads.com
cl.k5a.io
dpm.demdex.net
feedback.hubapi.com
forms.hsforms.com
forms.hubspot.com
geolocation.onetrust.com
googleads.g.doubleclick.net
images-global.nhst.tech
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsleadflows.net
js.hubspotfeedback.com
js.usemessages.com
loader.wisepops.com
messaging.insurads.com
nhst.d3.sc.omtrdc.net
pagead2.googlesyndication.com
popup.wisepops.com
pp.lp4.io
script.hotjar.com
securepubads.g.doubleclick.net
services.insurads.com
static-global.nhst.tech
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.hubspot.com
upstreamonline.com
vars.hotjar.com
www.e-pages.dk
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.upstreamonline.com
pagead2.googlesyndication.com
13.36.218.177
136.243.25.70
142.250.185.130
151.139.128.11
18.66.139.117
18.66.97.53
2606:4700:10::6814:b944
2606:4700:20::681a:a13
2606:4700:20::ac43:4adc
2606:4700::6810:5505
2606:4700::6811:43b0
2606:4700::6811:70a2
2606:4700::6811:7fab
2606:4700::6811:8d2
2606:4700::6811:c8cc
2606:4700::6811:d4cc
2606:4700::6811:e6cc
2606:4700::6811:eccc
2606:4700::6812:15bf
2606:4700::6813:9b53
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c09::9a
2a02:26f0:6c00:299::1e80
2a02:c0:ac:6:fe::146
34.236.246.67
40.114.8.249
46.30.126.165
52.0.16.121
52.208.127.56
52.222.236.63
87.238.33.146
89.187.169.47
006558903066c434527180c296bb9acb909c0f53062e430aee57a2291749915b
02e1c4508320ee6bc6b884c4de9a0d73e541b6735fa139cbd957a27f42c72140
045dd0541404dc8d6646f10246a6783753969d6f315cf9b35c282cd91f368bb0
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
06c5b1aa9ebe74db08a85c6def0074435e7bdb866023e6cd80c9a01191350f04
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
0a59984588e93b9271f308b864c1a3d019980d90df2dfeb184e0b56e08196774
0b4378121c3db9afc1948845c7866cfec76202966f7fca1e0f30d49d4ec69983
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bd5b86b5406e2b3041dc884946dba73e221e79cba70cdec984f89438b132eeb
0d7b37037109b838789f21036b2c3004e8df05e398f30767129755f7b7ab1967
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
1438f41bb6c022d8d3c4c76dee706c57b11f8569ab0d6b706b24641bdfbf52c4
168a48a89cbc6866899a25f88acd183c5118355b53bb9ef81d4492bc7adb6847
16a1b4d2d632f5ffcf01adc7004f644bd12a652603b46156813608fab8e98f17
190753d716235e0e5cf75cb640085e1dd503074f67626d03499fb5a2fb2ce24e
1aba624edb63a1067c1347f189cce35ff8c521ab1ef5bb4ac968687a343cfed6
1b82697fd8fdf075079e29c67975e949442c4a68818a002bad2f1ee536e21ac4
1ba0e742eaf7202cc2db318ce1919f154dbf3f84668ffe58b3bfccbdde7ccb1f
1ee5f7b094d98b34cd4ceca892f1ddbc501f44830edb892fb03ffaf18e6bc3bb
1f4242c810a4f651799b712fee4767d1746ab8068c3dddb4a5a94585aa603dbe
1fc4dd3bed1f1a17fd8cfdb8571b0f0c29534301ba5f968799126c959e5a416c
204ebd5f339894f46b3612eb669bc72324e6a8f0106e66682c7cbbc0a721d5b1
212f92565c8dd2c10c6941d5adab021c09ceb7d63ff108317ec5290167bcfd9d
2a0bbfce85ba123533ba99e3c42487c8197d062d34cb7287256541bd8ae24cae
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
2dbc656511d87c916d93c43af201cb867fb1b0764b26a9e24491ba3d7515bb88
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
31150a0018f782c4f44fc4e6a1931d592efbfa57720418c4f13ab8e775cd133a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3623d5d85fdcdeba501a2fadb6cd17c7968c4ccac9f83e677569afe9875f68fd
38557eef2f4492201f5b3e6a8f93c102cdf1e97c7b11c30fb1994a25e3ed0380
388d78a4eed39a5b1761a730b222bee66718481da66e1d66494e63de992bb67f
413763083ff8b2379dcbba7cd8aecac0c8ea524fa35956112bf7c352388bfe4a
422d2b89f17006fe1a4980ed7fb77eb6b5b004a91d481a235804b624213f74dc
4232147f5b0bc79975447315a98a5e042be1600c8ead4860510af52cb215eeba
4273d635b75c6f10d8e436bc9734f4204d7d1330076e1e64bf1561ccdda8bb1a
42fbfd4a9cf7f382eed9ae69cf6aed35a5910588c5982be50d7e01aad069b300
431bdc4bc2364e753ac262e561b9f9490cb48226c27a6194a606b24ab27a5c90
43cdd151a1eebf8b2436d4e99d63f494244869fcc99d747f3b9f9b07a132b323
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
465986f53ca7b58bbf8e8ecf0bd8f0c844f0f2f8658d325e957c9ef9492ee7ba
48fcbd45a4b6d4ce6b5c0a470563ad51ea96eaa1519e168ae28d4b51b14e884c
4a8af3c4d35c39f88085e845c90510f62fc09f3e5cdbbf8f543d323bafe37283
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4e658b10ea88b8e640df1a8fedebb3973b416cc8c29a283ae8c8501dc69edd43
4f9a8bd562ab37259191fe14048ae0a7dba3839e2ab4a2c1571cc47b36337858
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
51e0c6c26e5e686a0bed5285097c22ff0cc27eafe6672b5378b98c90e8a8251c
52a13673c1b29e32b3b6f23a10abb9f796915da0dc609935663ba7fe88e900f3
550355e4adae23c4c8da73268e54479e097f6fb7e646533dcb1c6ebac0c32b86
55ecd239128b21445c4aae4c4151e5a0eb0cd1a19d4d9ec583e237bba859da3b
56169ee80a01329e02e4bc53a7ed229f3b2938a05b147fde1fc3c05f81d2e934
5630e4b4adb07cea66d2c06cdfbc6578f8e4dc2512910b5e5945a3d7e3553b80
5941723b885cd55d14dce3acf8205227a57ba686f79fef9c5d11733fae010e50
5f25dbb05f2e99a8685708d7d388784116b117c3cba4522096bc9bb9fffde473
5f27272c7218099af31073e67ad85067d9700fec7d8d7d8cf11a8fb17a1c8159
60d45b17c0a823ad4f286dc983dfa8adc6ae64f7c2978fdd13175e133ba85ec3
640cd3b632fca258345a4967eb95d6027dd063ed70f2f4e7d794ea04b4389370
6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0
6827c746fd62c5a12ea40905656e26230b8296ddcdc89cc98639a93ab6fac6d3
686e6748767891fa53946dd376c13935206547eaf0c2a330df696bb55e09848c
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c6b9d04988fc9acdf9de6f4c7cd4faa6971a36ed06f4c3489139293418d98cc
6c95ea4eba06999e88a0a21e9ef513b127453502546ea55357619b779904462c
6e4ea2c9ce29600a81f4d99af9293eee640e10f675e8d41a8a4855d749a408c2
6f8fc6a5cb54399138e1280dbe5598a0a160e0c5d9d6883114bb35c7bf6e303a
7037d942e956b59aa762e18b1f72615e9be6a9acb2e96a2a604640b988f0c1a6
756d9836f243a1e92d906ccb26c62871a4931991310d793cfec7f4b4263aa51e
75a88f6de29eeb95ef564a5af784f88ce56b95e094a019e04ef25080bbf5f765
75af9dda9ed3b161473019f2d56b08e8d24fb98b706292af89fc0a576b8c499f
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7d8ae2ba169984ca7f411d377fb78a28c18122e3dd4c723f8a5fd4d5d11f888d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82a532fb19c83b4108d017ea5896df52b6fd347cc63b1cf7e47c2e3cd9e39979
83c9df2ed10c9df955568a146b380fe0476cde67a470c3e40015ee4404f23bb0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e57a72bc14da6765c24e673cd9b34211a787f02a745a55d75009c37ea44155
8685f697034b8d094f706bcfedbfaf0f6919eb1b829dfd98b776bbcd9b54f724
86cfac1ec02d71eb277cc42c5a1c5ecbb91d2eadaff251b1bc9213445757f080
897734df74505ac4451b79d90206de989339d9c9ed4b29c8c335aad7fda0f9d8
8a8cf0177e1e7a74ffd4e842453f1d8b69ae170c59a47df86f0b4eba25bd4262
8c1035a6a2ecb574019542184ba3a9e47bed00121d3c198d2d5b611ac6ffd954
903e3a06c2f0615c6c7b01c7b877ce9cf5af99e96c7a9ee6b5f13e19aacc924c
905079b4cadfc2cd54783123d09980fc8b5dff33401a39c7bc5da748ac282d6a
91414dcfe981b2a11cbf76b65be00c2af3ce45d4d171cee5ad68a9840cc7b0e7
97e356ca0ad6053f929f7c23723bcff0099ad65adb43ae515200a77d22354137
98f566dc13a357c1c6a0761aef9bb2d2962648bee904fa5f557d06755fc08284
9aef9b1977434a3a33ca0753bd333e02b79ec61315478e3f46119c90244fd908
9c659faf8d77694c18092a7e1e87bd4e8ab6383cc491333455a65374ec0f954d
9eeda142b2dc158c64862405e6432b366c1f353c8d91b2a0251c7a8ff4c151b1
9f3f65797087c204763cdc4e52ea674fa3140e0f7b5ee176e8e3dd5d7d0b63d1
9fb4126bd26855d44fca46c1642b761a46e3de1ed26627915d33b59bcf647d30
a0e8f49ce2aa1c4720cc187c184c8d800182aea43645aa3193c0614703d0c8f4
a28a07bc1d81bc8e3a40667f072ed068d816d081f7118671af6dbfe18c279d26
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7bf7d9e58a95f987da6e3df0dbb0916373c445b417d5c163fe74c4bc55db5e2
a832edd20baff1cbc03ed0657267ea525bb69f37c5982afa11817d9b70dfce45
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
b060b10ebfc0a5f284acbb6f8b2af1e264311d47b0f6b68beceaefe70f31de91
b0d2d896ff5deb1765e871cb56bdd681ac53cace3ab433b585e5495e26219a0e
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
b29a2fa9b706aa6b0e2e2a1674862080149ac2b87085a9d26c60e1e2f287cf41
b38803f733f36ff943399e6539b7fe1fa26611706ce6878b5b21c6a4f96ec862
b6d837189ae400c620c7592aff5849dc29d4d611d6eecff0b858d88a4e53b17a
b6ecb91758cd0996c1618389d6d8325bc19b1053c0409cc69646da6c84bfe47a
b8e21ad40b4d3312494cf1ec1c60a97a257c4f4eed16989ddb3aa51eacd0332f
b98c4831e42397043661597b4e384cce42b4e57396ce271b1e28e616b312f708
bbecf60c272a7e5f0797f93ffcaac8bc29a0933bd2813a72399be9316892467b
bd72c5a59a184a1b49b1ab82cdd66a37ee1cd015a842de7a793a402e402bf4ec
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
c0ccc2447cd0cb4a4f3ba03e328f8588cbd4046ad736f2c6d575ef5e0514b29d
c25fe3065f26205ff7c4168efdc1985fd1dfea7f03d007bd1e8ee6bd4725665d
c5a1be0bb4011abd4259a5f280388a34a88b5b2176ccd411be8764178875b73a
c70af531b6b0e04455956f1684a9e76679ffe6c6e46a4c4d580486d8d96a300f
c7d67e2e0e1e6db1378d44d3acc8b659ef6a2fd973b9faee49828b6d369afe4a
c84ff684d4439eeead8243b1c2cf016482801608eb008c8a0ef66f5698f00f69
c9acee73f8d2230959de5d8b5b26e143cd8808f33f73b0ed921e293f4e45196d
ca44e74edd2e8aeb3f0048d1791f4bd4e130499814713aca7338baf42b96244b
cda36c3bc6dc8015acc8edb9b702dcd1d5cc47501b07dcaa8542e72d7dd35154
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
d1f1f4ca0a562e0b8d299156f54d351f3227de855649bf938d96c77d50fcdf50
d63fa7682106146d6112f1f042069486cd6a66dab846221523b0d23086379a99
db944cdfbbedf736cf07bf70c3e5176c4d705eb4aff05f3224f38d05d41167fe
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dca4c8f50886ab95fe36a4b2db67ad11a77716228eeb7cccbcdbe64cdc4e997e
dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df75389c177cfd2638d509f560e9756601041dce099242297c3d4ca108172331
e190eaec9eb82f10167defacbe3b4e407a124ceb6cee6f4710954fa2af6f9729
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40debd2efac39fc0e362436fd698949e34793e7ee371619a0aadab075c3ee27
e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00
e51f142acc3041a15292dcec8b693b6132295c4d357f0def33f7101db8620557
e88876f7bfe7ad0fcab290f353b3f09b22154bb0fbd3f993aaf378fe8ceab43f
e9d2957853a8a51b36f4dc9501ec09435fbdc056a6743be5379c08b97730d4a9
eaa3294dc76fa723ae94ebac089712da0e75699ea46463a18c9c6e4aa9661212
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fea75fccffaf6b1d6559684dc9efd9b90f4f483a7d0360e52e5ec84356594b
f4f7d7372e39253fd8bee8dee260128726f783bac389856bf2844c5795ccfd3d
f5e5fff62dbe258477f28da824c79534277b95ec2ab0335eea980fa1d040d38e
f5f2868d5e5fb8354a05ce3b5c9c3048bd257ea7a11b568e074b144d7603dba8
fad5a34868c9d99dce4b630ff94757ca00aa431570cc27eb8642f5662b43c000
fcfaadb1fb77388243c1e80b0fb92f539312ddab2fe99d5ac659599a3bb10ddd
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065
fed57b435b67b11f8ca012da2f2d5f1eb2ef139a403b7fb2655831a81f06f8f5
fee220ecac6b954755c3e109de1d5e52fa6d20d98ad96d34f7dbcb0ad4befa4c

www.upstreamonline.com Open in urlscan Pro 2a02:c0:ac:6:fe::146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

327 Requests

98 %HTTPS

67 %IPv6

31 Domains

48 Subdomains

43 IPs

7 Countries

5368 kBTransfer

14220 kBSize

37 Cookies

21 Outgoing links

Page URL History

Redirected requests

327 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.upstreamonline.com Open in urlscan Pro
2a02:c0:ac:6:fe::146 Public Scan

Screenshot
Live screenshot

Full Image

327
Requests

98 %
HTTPS

67 %
IPv6

31
Domains

48
Subdomains

43
IPs

7
Countries

5368 kB
Transfer

14220 kB
Size

37
Cookies

327 HTTP transactions
16 data transactions