urlscan.io logo urlscan.io
SecurityTrails logo

www.dealnews.com Open in urlscan Pro
151.101.2.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dealnews.com/
Effective URL: https://www.dealnews.com/
Submission: On September 16 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 125 IPs in 14 countries across 104 domains to perform 536 HTTP transactions. The main IP is 151.101.2.49, located in United States and belongs to FASTLY, US. The main domain is www.dealnews.com. The Cisco Umbrella rank of the primary domain is 128736.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on December 24th 2021. Valid for: a year.
This is the only time www.dealnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 63.128.92.144 3561 (CENTURYLI...)
16 151.101.2.49 54113 (FASTLY)
38 199.232.196.249 54113 (FASTLY)
7 2606:4700:303... 13335 (CLOUDFLAR...)
4 151.101.193.95 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.40 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 151.139.128.11 20446 (STACKPATH...)
2 2001:4860:480... 15169 (GOOGLE)
1 13.224.189.67 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 13.225.84.168 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 151.101.130.49 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 195.201.242.21 24940 (HETZNER-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 5 142.250.185.134 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 5 2620:1ec:c11:... 8068 (MICROSOFT...)
6 142.250.185.226 15169 (GOOGLE)
3 13.224.195.78 16509 (AMAZON-02)
9 2600:9000:21f... 16509 (AMAZON-02)
7 35.173.165.253 14618 (AMAZON-AES)
1 2602:803:c003... 26667 (RUBICONPR...)
1 185.64.190.77 62713 (AS-PUBMATIC)
3 8 51.38.120.206 16276 (OVH)
1 178.250.2.131 44788 (ASN-CRITE...)
7 34.149.20.76 15169 (GOOGLE)
7 35.157.246.167 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 99.81.203.9 16509 (AMAZON-02)
4 10 185.89.211.12 29990 (ASN-APPNEX)
1 2 104.18.18.126 13335 (CLOUDFLAR...)
1 69.166.1.14 27630 (AS-XFERNET)
7 35.157.192.129 16509 (AMAZON-02)
1 18.158.177.133 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 130.211.23.194 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 13.225.87.188 16509 (AMAZON-02)
1 92.123.21.200 16625 (AKAMAI-AS)
1 13.225.78.97 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 8 52.58.8.248 16509 (AMAZON-02)
2 2620:1ec:27::... 8075 (MICROSOFT...)
2 99.80.120.198 16509 (AMAZON-02)
1 184.51.9.34 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 141.95.98.67 16276 (OVH)
5 11 13.248.245.213 16509 (AMAZON-02)
1 198.47.127.19 62713 (AS-PUBMATIC)
4 20.75.32.255 8075 (MICROSOFT...)
3 141.95.98.64 16276 (OVH)
5 52.223.40.198 16509 (AMAZON-02)
18 70 172.217.18.98 15169 (GOOGLE)
2 3 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 54.229.65.185 16509 (AMAZON-02)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
1 2 209.54.182.161 16509 (AMAZON-02)
6 8 64.202.112.159 22075 (AS-OUTBRAIN)
1 34.102.146.192 15169 (GOOGLE)
1 34.96.70.87 15169 (GOOGLE)
1 3.12.169.211 16509 (AMAZON-02)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 35.190.39.111 15169 (GOOGLE)
9 34.235.242.182 14618 (AMAZON-AES)
4 37.157.3.29 198622 (ADFORM)
2 85.14.248.91 24961 (MYLOC-AS ...)
29 2a00:1450:400... 15169 (GOOGLE)
35 2a00:1450:400... 15169 (GOOGLE)
2 142.251.5.157 15169 (GOOGLE)
3 6 34.247.139.125 16509 (AMAZON-02)
2 2600:1901:0:7... 15169 (GOOGLE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 188.42.196.115 7979 (SERVERS-COM)
3 5 104.18.19.126 13335 (CLOUDFLAR...)
4 14 35.244.159.8 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
7 142.250.184.226 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2606:4700:440... 13335 (CLOUDFLAR...)
3 3 169.50.137.190 36351 (SOFTLAYER)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
4 4 162.19.80.92 16276 (OVH)
1 1 124.146.215.49 2514 (INFOSPHER...)
2 37.157.2.249 198622 (ADFORM)
10 2600:9000:223... 16509 (AMAZON-02)
3 3 69.173.144.139 26667 (RUBICONPR...)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
14 2600:1f13:800... 16509 (AMAZON-02)
3 3 18.197.134.247 16509 (AMAZON-02)
1 34.96.105.8 15169 (GOOGLE)
2 2 52.2.211.96 14618 (AMAZON-AES)
2 18.158.8.202 16509 (AMAZON-02)
2 2 2600:9000:223... 16509 (AMAZON-02)
1 1 23.35.228.23 16625 (AKAMAI-AS)
3 3 103.229.205.243 30419 (MEDIAMATH...)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 37.157.4.40 198622 (ADFORM)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 192.132.33.46 18568 (BIDTELLECT)
2 69.166.1.10 27630 (AS-XFERNET)
1 1 154.59.122.79 174 (COGENT-174)
1 198.47.127.18 3257 (GTT-BACKB...)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 52.29.158.178 16509 (AMAZON-02)
4 213.254.244.112 36062 (DOUBLE-VE...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
6 6 104.111.239.217 16625 (AKAMAI-AS)
2 148.251.139.77 24940 (HETZNER-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 185.172.90.252 49981 (WORLDSTREAM)
2 3.11.238.206 16509 (AMAZON-02)
1 1 34.240.38.30 16509 (AMAZON-02)
1 185.86.137.108 201081 (SMARTADSE...)
2 2 162.55.80.222 24940 (HETZNER-AS)
1 151.101.194.49 54113 (FASTLY)
2 2 213.155.156.167 1299 (TWELVE99 ...)
2 13.224.189.115 16509 (AMAZON-02)
2 18.66.15.50 16509 (AMAZON-02)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.15.36 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.160.25.113 14618 (AMAZON-AES)
2 34.205.195.221 14618 (AMAZON-AES)
2 99.83.154.140 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 18.168.156.122 16509 (AMAZON-02)
536 125
1    63.128.92.144 (Lithia Springs, United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: dealnews.com
dealnews.com
16    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
www.dealnews.com
38    199.232.196.249 (United States)

ASN54113 (FASTLY, US)
dealnews.a.ssl.fastly.net
cdlnws.a.ssl.fastly.net
7    2606:4700:3032::ac43:9f63 (United States)

ASN13335 (CLOUDFLARENET, US)
cmp.uniconsent.com
4    151.101.193.95 (United States)

ASN54113 (FASTLY, US)
c.dlnws.com
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    13.32.99.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-40.fra60.r.cloudfront.net
api.pushnami.com
12    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:809::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
v3s8r2c3.stackpathcdn.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.189.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-67.fra2.r.cloudfront.net
tracker.marinsm.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    13.225.84.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-168.fra2.r.cloudfront.net
dsh7ky7308k4b.cloudfront.net
1    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
api.dealnews.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    195.201.242.21 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.242.201.195.clients.your-server.de
servedbyadbutler.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
5    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
6    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
3    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
9    2600:9000:21f3:1600:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
7    35.173.165.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-165-253.compute-1.amazonaws.com
prebid-server.pubgalaxy.com
1    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
7    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
7    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    99.81.203.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-203-9.eu-west-1.compute.amazonaws.com
ad.360yield.com
match.360yield.com
10    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
1    69.166.1.14 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
7    35.157.192.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-192-129.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    18.158.177.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-177-133.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2600:9000:2491:9800:1d:d7f6:39d0:c781 (United States)

ASN16509 (AMAZON-02, US)
m.media-amazon.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
11    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.225.87.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-188.fra2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
8    52.58.8.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-8-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2620:1ec:27::cafe:1759 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    99.80.120.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-120-198.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
1    184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
12    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
8    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
1    141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu
lb.eu-1-id5-sync.com
11    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b.clarity.ms
3    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
70    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    54.229.65.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-65-185.eu-west-1.compute.amazonaws.com
ads.avct.cloud
3    2a05:d018:d29:3601:fb24:7ad4:5f4f:4dd3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
8    64.202.112.159 (Lovettsville, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    3.12.169.211 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-169-211.us-east-2.compute.amazonaws.com
prod.uidapi.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
9    34.235.242.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-242-182.compute-1.amazonaws.com
gw.geoedge.be
4    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    85.14.248.91 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
29    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
35    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    142.251.5.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f157.1e100.net
bid.g.doubleclick.net
6    34.247.139.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-139-125.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
24    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
5    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
dsum.casalemedia.com
14    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
google-bidout-d.openx.net
u.openx.net
eu-u.openx.net
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    85.114.159.118 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    162.19.80.92 (France)

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu
c.eu1.dyntrk.com
1    124.146.215.49 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
10    2600:9000:223f:ae00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
4    2a02:26f0:3500:58b::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
14    2600:1f13:800:7782:2ffd:4913:b6c3:d37a (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
3    18.197.134.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-134-247.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    52.2.211.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-211-96.compute-1.amazonaws.com
fksnk.com
2    18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    2600:9000:223f:8e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
cs.media.net
3    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.29.158.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-158-178.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
4    213.254.244.112 (United States)

ASN36062 (DOUBLE-VERIFY, US)
rtb0.doubleverify.com
rtbc-frc.doubleverify.com
4    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
6    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
2    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
2    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
2    185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
2    3.11.238.206 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
track.webgains.com
1    34.240.38.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-38-30.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    162.55.80.222 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.222.80.55.162.clients.your-server.de
sync-dmp.aura-dsp.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    213.155.156.167 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com
d5p.de17a.com
2    13.224.189.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-115.fra2.r.cloudfront.net
analytics.webgains.io
2    18.66.15.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-50.vie50.r.cloudfront.net
cdn.track.production.webgains.team
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2606:4700::6812:7b9 (United States)

ASN13335 (CLOUDFLARENET, US)
app.viralsweep.com
1    18.66.15.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-36.vie50.r.cloudfront.net
ak.sail-horizon.com
1    2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    54.160.25.113 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-25-113.compute-1.amazonaws.com
psp.pushnami.com
2    34.205.195.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-195-221.compute-1.amazonaws.com
trc.pushnami.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
1    2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
2    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com
track.hubspot.com
1    2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
4    18.168.156.122 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
102 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
ad.doubleclick.net — Cisco Umbrella Rank: 178
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
bid.g.doubleclick.net — Cisco Umbrella Rank: 428
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
350 KB
72 googlesyndication.com
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
406 KB
38 fastly.net
dealnews.a.ssl.fastly.net — Cisco Umbrella Rank: 244396
cdlnws.a.ssl.fastly.net — Cisco Umbrella Rank: 132537
382 KB
30 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
fw.adsafeprotected.com — Cisco Umbrella Rank: 774
static.adsafeprotected.com — Cisco Umbrella Rank: 575
dt.adsafeprotected.com — Cisco Umbrella Rank: 527
301 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 27692
ad4m.at — Cisco Umbrella Rank: 2111
assets.ad4m.at — Cisco Umbrella Rank: 34810
966 KB
21 google.com
www.google.com — Cisco Umbrella Rank: 2
accounts.google.com — Cisco Umbrella Rank: 77
apis.google.com — Cisco Umbrella Rank: 98
adservice.google.com — Cisco Umbrella Rank: 75
158 KB
19 dealnews.com
dealnews.com — Cisco Umbrella Rank: 113965
www.dealnews.com — Cisco Umbrella Rank: 128736
api.dealnews.com — Cisco Umbrella Rank: 228237
414 KB
18 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1496
gw.geoedge.be — Cisco Umbrella Rank: 1714
1 MB
16 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3068
us-u.openx.net — Cisco Umbrella Rank: 396
google-bidout-d.openx.net — Cisco Umbrella Rank: 2960
u.openx.net — Cisco Umbrella Rank: 650
eu-u.openx.net — Cisco Umbrella Rank: 1768
2 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
5 KB
12 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 953
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
4 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
365 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
10 KB
8 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 470
rtb0.doubleverify.com — Cisco Umbrella Rank: 675
rtbc-frc.doubleverify.com — Cisco Umbrella Rank: 19264
44 KB
8 adform.net
track.adform.net — Cisco Umbrella Rank: 3979
s1.adform.net — Cisco Umbrella Rank: 8482
c1.adform.net — Cisco Umbrella Rank: 637
40 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
4 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 557
b.clarity.ms — Cisco Umbrella Rank: 5126
c.clarity.ms — Cisco Umbrella Rank: 998
27 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
4 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
9 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
2 KB
7 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 991
1 KB
7 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
ssum.casalemedia.com — Cisco Umbrella Rank: 1370
12 KB
7 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1513
1 KB
7 pubgalaxy.com
prebid-server.pubgalaxy.com — Cisco Umbrella Rank: 28547
8 KB
7 uniconsent.com
cmp.uniconsent.com — Cisco Umbrella Rank: 23268
95 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 23027
api.webgains.io — Cisco Umbrella Rank: 59421
170 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
49 KB
6 gstatic.com
www.gstatic.com
550 KB
6 pushnami.com
api.pushnami.com — Cisco Umbrella Rank: 5805
psp.pushnami.com — Cisco Umbrella Rank: 19857
trc.pushnami.com — Cisco Umbrella Rank: 6049
20 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
1 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 375
c.bing.com — Cisco Umbrella Rank: 220
13 KB
4 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16122
3 KB
4 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 4836
2 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
203 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 120642
static-de.ad4mat.net — Cisco Umbrella Rank: 157656
8 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1122
id5-sync.com — Cisco Umbrella Rank: 463
16 KB
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
image8.pubmatic.com — Cisco Umbrella Rank: 607
6 KB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
5 KB
4 dlnws.com
c.dlnws.com — Cisco Umbrella Rank: 266303
6 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
3 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 826
s.tribalfusion.com — Cisco Umbrella Rank: 2209
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
1 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1273
bcp.crwdcntrl.net — Cisco Umbrella Rank: 838
id.crwdcntrl.net — Cisco Umbrella Rank: 1389
10 KB
3 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1504
sync.go.sonobi.com — Cisco Umbrella Rank: 1018
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2989
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
178 KB
2 hubspot.com
forms.hubspot.com — Cisco Umbrella Rank: 3106
track.hubspot.com — Cisco Umbrella Rank: 2260
2 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2703
333 B
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69591
171 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4933
651 B
2 aura-dsp.com
sync-dmp.aura-dsp.com — Cisco Umbrella Rank: 48927
805 B
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 48798
4 KB
2 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5432
444 B
2 conrad.de
www.conrad.de — Cisco Umbrella Rank: 73156
950 B
2 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 20138
1 KB
2 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 82540
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2203
1 KB
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 423
cms.quantserve.com — Cisco Umbrella Rank: 1020
957 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 696
883 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 985
100 B
2 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4584
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
57 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2092
2 KB
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 13833
2 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 7394
238 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2715
898 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6352
adservice.google.de — Cisco Umbrella Rank: 9081
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 683
match.360yield.com — Cisco Umbrella Rank: 3665
677 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1041
1 KB
2 servedbyadbutler.com
servedbyadbutler.com — Cisco Umbrella Rank: 14689
5 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 915
api.btloader.com — Cisco Umbrella Rank: 1033
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
88 KB
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4400
445 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2156
16 KB
1 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4853
23 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2138
20 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2212
903 B
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2700
44 KB
1 viralsweep.com
app.viralsweep.com — Cisco Umbrella Rank: 70009
34 KB
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
178 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 873
75 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 658
469 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1333
704 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 689
263 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 804
254 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1318
1 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2350
173 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2025
709 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1085
1019 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1578
582 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3290
5 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 6751
2 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3109
8 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1406
330 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1360
17 KB
1 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 594
143 KB
1 4dex.io
mp.4dex.io — Cisco Umbrella Rank: 2010
664 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
16 KB
1 cloudfront.net
dsh7ky7308k4b.cloudfront.net
215 KB
1 marinsm.com
tracker.marinsm.com — Cisco Umbrella Rank: 18539
321 B
1 stackpathcdn.com
v3s8r2c3.stackpathcdn.com — Cisco Umbrella Rank: 30385
356 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
297 B
536 104
Domain Requested by
70 cm.g.doubleclick.net 18 redirects eb2.3lift.com
googleads.g.doubleclick.net
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
u.openx.net
35 pagead2.googlesyndication.com rumcdn.geoedge.be
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
31 cdlnws.a.ssl.fastly.net www.dealnews.com
29 tpc.googlesyndication.com rumcdn.geoedge.be
16 www.dealnews.com www.dealnews.com
dealnews.a.ssl.fastly.net
14 dt.adsafeprotected.com 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
12 assets.ad4m.at as.ad4m.at
12 www.google.com www.dealnews.com
www.gstatic.com
www.google.com
rumcdn.geoedge.be
11 www.googletagservices.com rumcdn.geoedge.be
11 eb2.3lift.com 5 redirects dsh7ky7308k4b.cloudfront.net
eb2.3lift.com
www.dealnews.com
11 googleads.g.doubleclick.net www.googleadservices.com
rumcdn.geoedge.be
10 static.adsafeprotected.com rumcdn.geoedge.be
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
srcdoc
10 us-u.openx.net 4 redirects googleads.g.doubleclick.net
u.openx.net
10 ib.adnxs.com 4 redirects dsh7ky7308k4b.cloudfront.net
googleads.g.doubleclick.net
9 gw.geoedge.be rumcdn.geoedge.be
9 rumcdn.geoedge.be dsh7ky7308k4b.cloudfront.net
rumcdn.geoedge.be
www.dealnews.com
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at rumcdn.geoedge.be
as.ad4m.at
ad4m.at
8 b1sync.zemanta.com 6 redirects 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
8 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
8 x.bidswitch.net 8 redirects
8 onetag-sys.com 3 redirects dsh7ky7308k4b.cloudfront.net
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
www.dealnews.com
7 googleads4.g.doubleclick.net bid.g.doubleclick.net
www.dealnews.com
7 btlr.sharethrough.com dsh7ky7308k4b.cloudfront.net
7 c2shb.ssp.yahoo.com dsh7ky7308k4b.cloudfront.net
7 ssc.33across.com dsh7ky7308k4b.cloudfront.net
7 prebid-server.pubgalaxy.com dsh7ky7308k4b.cloudfront.net
www.dealnews.com
eb2.3lift.com
u.openx.net
7 cmp.uniconsent.com www.dealnews.com
cmp.uniconsent.com
7 dealnews.a.ssl.fastly.net www.dealnews.com
dealnews.a.ssl.fastly.net
6 securepubads.g.doubleclick.net dsh7ky7308k4b.cloudfront.net
securepubads.g.doubleclick.net
rumcdn.geoedge.be
6 www.gstatic.com www.google.com
accounts.google.com
6 accounts.google.com www.dealnews.com
accounts.google.com
apis.google.com
www.gstatic.com
5 match.adsrvr.org eb2.3lift.com
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
u.openx.net
dsh7ky7308k4b.cloudfront.net
www.dealnews.com
5 ad.doubleclick.net 4 redirects www.dealnews.com
4 api.webgains.io analytics.webgains.io
4 www.awin1.com 4 redirects
4 gum.criteo.com 2 redirects rumcdn.geoedge.be
4 cdn.doubleverify.com rumcdn.geoedge.be
4 c.eu1.dyntrk.com 4 redirects
4 s0.2mdn.net 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
rumcdn.geoedge.be
s0.2mdn.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 pixel.adsafeprotected.com 2 redirects rumcdn.geoedge.be
4 track.adform.net rumcdn.geoedge.be
4 b.clarity.ms www.clarity.ms
4 c.dlnws.com www.dealnews.com
3 mug.criteo.com www.dealnews.com
3 sync.mathtag.com 3 redirects
3 pm.w55c.net 3 redirects
3 pixel.rubiconproject.com 3 redirects
3 um.simpli.fi 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects eb2.3lift.com
3 px.ads.linkedin.com 2 redirects eb2.3lift.com
3 id5-sync.com cdn.id5-sync.com
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
dsh7ky7308k4b.cloudfront.net
3 c.amazon-adsystem.com dsh7ky7308k4b.cloudfront.net
c.amazon-adsystem.com
3 bat.bing.com www.dealnews.com
bat.bing.com
3 www.googletagmanager.com www.dealnews.com
www.googletagmanager.com
2 api.sail-personalize.com ak.sail-horizon.com
2 trc.pushnami.com api.pushnami.com
2 psp.pushnami.com api.pushnami.com
2 c.clarity.ms 1 redirects
2 cdn.track.production.webgains.team as.ad4m.at
track.webgains.com
2 analytics.webgains.io track.webgains.com
2 d5p.de17a.com 2 redirects
2 sync-dmp.aura-dsp.com 2 redirects
2 track.webgains.com as.ad4m.at
2 ads.us.e-planning.net 1 redirects dsh7ky7308k4b.cloudfront.net
2 www.conrad.de as.ad4m.at
2 www.zenaps.com 2 redirects
2 banner.congstar.de as.ad4m.at
2 rtbc-frc.doubleverify.com cdn.doubleverify.com
2 rtb0.doubleverify.com rumcdn.geoedge.be
2 a.sportradarserving.com 2 redirects
2 sync.go.sonobi.com www.dealnews.com
2 c1.adform.net 2 redirects
2 eu-u.openx.net u.openx.net
2 s.ad.smaato.net 2 redirects
2 cs.emxdgt.com 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
2 fksnk.com 2 redirects
2 static-de.ad4mat.net as.ad4m.at
2 ups.analytics.yahoo.com 2 redirects
2 s1.adform.net rumcdn.geoedge.be
2 fw.adsafeprotected.com 1 redirects rumcdn.geoedge.be
2 a.tribalfusion.com 1 redirects 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
2 static.criteo.net dsh7ky7308k4b.cloudfront.net
static.criteo.net
2 ads.betweendigital.com 2 redirects
2 prod-rtb.ad4mat.net rumcdn.geoedge.be
2 bid.g.doubleclick.net rumcdn.geoedge.be
2 m.exactag.com rumcdn.geoedge.be
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 oajs.openx.net 1 redirects www.dealnews.com
2 c.bing.com 1 redirects eb2.3lift.com
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 ads.avct.cloud 2 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 ad-delivery.net www.dealnews.com
2 servedbyadbutler.com www.dealnews.com
2 api.dealnews.com dealnews.a.ssl.fastly.net
2 www.google-analytics.com www.dealnews.com
www.google-analytics.com
2 apis.google.com www.dealnews.com
apis.google.com
2 connect.facebook.net www.dealnews.com
connect.facebook.net
2 api.pushnami.com www.dealnews.com
api.pushnami.com
1 forms.hsforms.com
1 track.hubspot.com
1 forms.hubspot.com js.hscollectedforms.net
1 js.hs-banner.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-scripts.com www.googletagmanager.com
1 ak.sail-horizon.com www.googletagmanager.com
1 app.viralsweep.com www.googletagmanager.com
1 ssum.casalemedia.com 1 redirects
1 sync-tm.everesttech.net 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
1 ads.yieldmo.com 1 redirects
1 cms.quantserve.com 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
1 image8.pubmatic.com www.dealnews.com
1 ums.acuityplatform.com 1 redirects
1 bttrack.com www.dealnews.com
1 dsum.casalemedia.com 1 redirects
1 id.crwdcntrl.net dsh7ky7308k4b.cloudfront.net
1 api.rlcdn.com dsh7ky7308k4b.cloudfront.net
1 pixel.quantserve.com 1 redirects
1 cs.media.net 1 redirects
1 tr.blismedia.com 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
1 u.openx.net dsh7ky7308k4b.cloudfront.net
1 sync.inmobi.com 1 redirects
1 match.360yield.com 1 redirects
1 google-bidout-d.openx.net rumcdn.geoedge.be
1 tg.socdm.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 s.tribalfusion.com 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
1 prod.uidapi.com rumcdn.geoedge.be
1 invstatic101.creativecdn.com rumcdn.geoedge.be
1 oa.openxcdn.net rumcdn.geoedge.be
1 image6.pubmatic.com ads.pubmatic.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 adservice.google.com rumcdn.geoedge.be
1 adservice.google.de rumcdn.geoedge.be
1 ads.pubmatic.com dsh7ky7308k4b.cloudfront.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 www.google.de www.dealnews.com
1 cdn.id5-sync.com rumcdn.geoedge.be
1 tags.crwdcntrl.net rumcdn.geoedge.be
1 secure.cdn.fastclick.net rumcdn.geoedge.be
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 api.btloader.com btloader.com
1 m.media-amazon.com www.dealnews.com
1 tlx.3lift.com dsh7ky7308k4b.cloudfront.net
1 apex.go.sonobi.com dsh7ky7308k4b.cloudfront.net
1 htlb.casalemedia.com dsh7ky7308k4b.cloudfront.net
1 ad.360yield.com dsh7ky7308k4b.cloudfront.net
1 mp.4dex.io dsh7ky7308k4b.cloudfront.net
1 bidder.criteo.com dsh7ky7308k4b.cloudfront.net
1 hbopenbid.pubmatic.com dsh7ky7308k4b.cloudfront.net
1 fastlane.rubiconproject.com dsh7ky7308k4b.cloudfront.net
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 btloader.com www.dealnews.com
1 dsh7ky7308k4b.cloudfront.net www.dealnews.com
1 region1.google-analytics.com www.googletagmanager.com
1 tracker.marinsm.com www.dealnews.com
1 v3s8r2c3.stackpathcdn.com cmp.uniconsent.com
1 www.facebook.com www.dealnews.com
1 dealnews.com 1 redirects
536 164
Subject Issuer Validity Valid
www.dealnews.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
default.ssl.fastly.net
GlobalSign RSA OV SSL CA 2018		 2021-12-17 -
2023-01-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
c.dlnws.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.pushnami.com
Amazon		 2022-04-03 -
2023-05-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-25 -
2022-09-23		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.stackpathcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-04 -
2023-05-31		 a year crt.sh
*.marinsm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-27 -
2023-05-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
api.dealnews.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
servedbyadbutler.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-08 -
2023-01-11		 4 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
gw.geoedge.be
Amazon		 2022-09-12 -
2023-10-10		 a year crt.sh
*.pubgalaxy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-30 -
2022-10-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2022-09-14 -
2022-12-13		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
Images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2022-02-01 -
2023-01-02		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2022-08-21 -
2022-11-19		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-08-03 -
2023-02-03		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
invstatic101.creativecdn.com
R3		 2022-07-29 -
2022-10-27		 3 months crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2022-07-29 -
2022-10-27		 3 months crt.sh
protect.geoedge.be
Sectigo ECC Domain Validation Secure Server CA		 2022-01-02 -
2023-02-02		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2022-04-01 -
2023-05-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-08-16 -
2022-11-14		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-08-08 -
2023-09-06		 a year crt.sh
viralsweep.com
Cloudflare Inc ECC CA-3		 2022-07-04 -
2023-07-04		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
api.sail-personalize.com
Amazon		 2022-05-25 -
2023-06-23		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh

This page contains 49 frames:

Primary Page: https://www.dealnews.com/
Frame ID: 7D447179D7FF9923F73C746F334153B9
Requests: 198 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys&co=aHR0cHM6Ly93d3cuZGVhbG5ld3MuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=normal&cb=zc3tve37nr4y
Frame ID: 48E7FB1F6388EC5059D2F5B668C79C2D
Requests: 4 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: C9747304F10AA13653AB2F8BF3921E3D
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys
Frame ID: 305661003FD388BA9DEB579A34D0AD3B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D
Frame ID: AEC3492BA14E01872609319C9DDBC3C9
Requests: 2 HTTP requests in this frame

Frame: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ED049B75AA9F918D1E4DFAD3CB315B1B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 2B5F25E6CD2BC72687746D90DE436305
Requests: 12 HTTP requests in this frame

Frame: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA2C33EAFFE99D6FD04F0E301969C75B
Requests: 25 HTTP requests in this frame

Frame: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CE94EF1A13ECBC14F814499100B7944F
Requests: 24 HTTP requests in this frame

Frame: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CAA04D6D7ABA4E58E777CE2C580997E9
Requests: 10 HTTP requests in this frame

Frame: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B26360B3E5B9A9F3C9AA34F4B088A4E7
Requests: 12 HTTP requests in this frame

Frame: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A69EDC5C2AA01C1789403D69D4AA7100
Requests: 23 HTTP requests in this frame

Frame: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BD80B585303C8F9DC31C84795DEF519B
Requests: 25 HTTP requests in this frame

Frame: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 786442D3F018CF4032AC128DAEB75F7F
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYy7LD0wEwAQ&v=APEucNUQAYEMS8_BEAJslooUf-bTrlw6NrNThvIH5vJJU5tVPrF0XHLWbEFNQkR6oosjd2d9D36rO1lHykjPR70GsdldVEzHYFX77gw8BS2xThq3yyFMOks
Frame ID: F92AEBD0612C5CF2AE9212BB4D2D84B4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNXflX8Kq1MCVkcVC6vl1_7KY9do6Ed_6qLNtuZ_9sNkyDle4Ogo7XqXQtFjyLgeID6_mg8bDqKupt3It9Uk-xi7lxy2XZrICPU4TQHanlfZsAxT30s
Frame ID: 12FA44AD2A45F164D4C308ABDA569CAA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNUYnlI49VqBM8ESArH7AzExy4SxDmaeR5NVQpey1cktymIGLc4kNZ8Il95tjYK7yiPlYCzIvRN5E5slI6F2r-RSZs3fyf3BUEwmRtgxZPG6_n3nSPo
Frame ID: 128337E131B510168816819EE36DAA54
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hcpq9ym0nt9naeqvk6bekrc8h3a9439yd67gk3yrat678jh5hwehvmms3fja2ak5z1p5z9093zahceekyy0bqaz5m8ckpe2hg9qrh3sgd0y5gtrnwpphd6xvf5wga72ept8n48e73dgygmmryrc9z6y94rtrdp3zx983d88ymd5gg96t5r7a8mjrgfqthfxm9ywvjw8dd4gv7thtm0r82p0wqshca5bgm79zbh4dgx579er1ztyqys2zvs8f0ah98sqqsvcm4e2yv89ynky3k2b2wr96tshrsxhk8kwbfnjq3t0yjqqm12x8rnpad11h3qx6m7ktpb0pv8gasp5nphexf1j3aqjcgq1qymqzka1bm28k49d4tvxpmcnm23q0nt6697edbkq8cf32g5csz69dkdmwsp5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%26client%3Dca-pub-6163857992956964%26adurl%3D
Frame ID: 75BD491FF3969EDB4829C5F0C928EC93
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CCBB03AE56E778116F6E574DCE72C8F8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY6Nbp0QEwAQ&v=APEucNWe7zX8ur8w4-pbzdvapwt0X8ATjOP0vAXlyu71F2nC0JhoYJh3feFuINUOGV9pysULCsxy7K9AJH0kA-1ErPuMjEBz-eTvu8B9KrPmsJhgEdGvpnw
Frame ID: 8F7EB904F90C7986D5A2375452A53837
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXszpWpnZhGMrM7zmWKvDqdOEjUNrogqtjFA0_KR_EP2oY75d4eLHIP-RHTJMJgdlBw1PibDiTPgvlwIBFyVPyq8qf4i8qlrkMAjD1Yx7E3RcK3RUw
Frame ID: 5FB0E9AE72CA0FBA824D1D78A0BF07B0
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hzdykbkd3v30yhmrct6b8jbj001jqhzd60xyc3fzz0eqe440663a2r94b1rj6mqy3ka1qcts63jnm08814sspev72wsybkqd8k37em2262v33b7pbpd4w1stghns7n21785wb1cfgfb376ry05j1s917tz5krgbc144qwmv6s1tkfqaj50s5rxskbsprzmwjzmpzy25w282qt1gg7a6zkwd9dcvm6taxxjxx99cpdvrrdqyk24f8qy4ja55crx04af5h3x0p3h1cxackwsdw0pm3y1thdgmabrfqh3vf17dcg0rv0s3f9pe5mx4hyvd32sc494qf0s9sqq4zsrqcppnxcmz67ryhctp387grs2k59h25b8a66snyn0e8hybr9fbcnx4bjezgkwzr0xz8asmnmehnwyh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%26client%3Dca-pub-6163857992956964%26adurl%3D
Frame ID: 3EBF1D25FAD0444CEE83895129435BA6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6EB3BCC853560546C05796A0A0E244AA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF0F7D0ECFB9591B759CF62CEE1AC35D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 41BCCAFB6305DDA3E84C483DCC78C692
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C4EC72BF85CC9BBD01D8C89138FFE1BB
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 6DF08F2A5076CC48C4A387467AC40892
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3098EF6630E9EDDF91F9772602EFC140
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D5F38D4B73BE34A09BE1CDE00ADF1B4D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: BCC68D7FA57BC09A3BDC4F695310E7D6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 26824DA13396EDBFDB4CAEB31ABB3BC7
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: EA2280AF3EDD5F28501187FEC1657DF2
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: C952E5FF44226F67C72E676AC250AB49
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E9425519960CE66B9077574003AD41DB
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 16B6EC368FEADDD3A3975AA1007CF7DD
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 9F6F680BE7F802B6454EE39E1747A004
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
Frame ID: AAABD18A5E5EAF3C121925B9BB178A6E
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 525E26A5D084A6D058FC18123930ACD5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FCACB010BD8AC9B923BD9DF37DA56757
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x250.js
Frame ID: 130E8B3B8376B9C01DA519A9A462A3AC
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Frame ID: F80B641A06D899C49314FB9EEF26082F
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Frame ID: 8CC3E5E5E6A1EB53FDEF8165AEABEC53
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E55CA68695EBD0F87CC3DEFFFED057E5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 754A2F4845F6A0B45C4C77A7F50D9FBC
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
Frame ID: FFCF12F9D2B281B58908AF4A14030247
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 0B47F09678831B40169B64468E8192AE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dealnews.com&gdpr=0&gdpr_consent=
Frame ID: B67591E7BADA69BF2050EAF901F1E5BA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5D5A8B30BEE6F935D2966FEFBCF0C4D7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2FA7E9464C5D0C8F40DDFC8EFE83228
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Best Deals Online - Today's Best Daily Deals

Page URL History Show full URLs

  1. http://dealnews.com/ HTTP 301
    https://www.dealnews.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

536
Requests

84 %
HTTPS

34 %
IPv6

104
Domains

164
Subdomains

125
IPs

14
Countries

6934 kB
Transfer

19506 kB
Size

128
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dealnews.com/ HTTP 301
    https://www.dealnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 147
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&f=i&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&f=i&gdpr_consent= HTTP 302
  • https://prebid-server.pubgalaxy.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&uid=7adcbe78-9639-40bf-9c11-ec8460e37791
Request Chain 157
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 162
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHRA8bPyujXRpFntUCRbXEk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 164
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D
Request Chain 166
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3576297707154671476820&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=0e634405-52fe-45e9-9ff5-b9fbef388498&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7adcbe78-9639-40bf-9c11-ec8460e37791&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 168
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3576297707154671476820 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3576297707154671476820&dcc=t
Request Chain 170
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Request Chain 192
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dealnews.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dealnews.com%2F&rid=esp&cc=1
Request Chain 254
  • https://ads.betweendigital.com/match?bidder_id=pbs&gdpr=0&gdpr_consent=&us_privacy=1---&callback_url=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dbetween%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7Bus_privacy%7D%26f%3Di%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=pbs&gdpr=0&gdpr_consent=&us_privacy=1---&callback_url=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dbetween%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%7B%7Bus_privacy%7D%26f%3Di%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://prebid-server.pubgalaxy.com/setuid?bidder=between&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}&f=i&uid=ad23cf2e-fb2c-5203-964d-4239f569303e
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKnDe6qLVtJmDuRGEaezbM&google_cver=1&gdpr=0
Request Chain 272
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyRyCDG.bBvdIjSTDdfs7AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKnDe6qLVtJmDuRGEaezbM&google_cver=1&gdpr=0&google_hm=2
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
Request Chain 276
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
Request Chain 278
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
Request Chain 282
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
Request Chain 284
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
Request Chain 297
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDZEM6HCJ5YoGkp1deq012E&google_cver=1&google_push=AZmPxg9nR_K0mQ271gHaSEvwbriGehg123G0bBCKe-Y4a4jskfqKFoYsrzlBsJeizPImFv6LA1M9zlCE47X4jU6HauWtXOTHJXQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9nR_K0mQ271gHaSEvwbriGehg123G0bBCKe-Y4a4jskfqKFoYsrzlBsJeizPImFv6LA1M9zlCE47X4jU6HauWtXOTHJXQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDZEM6HCJ5YoGkp1deq012E&google_cver=1&google_push=AZmPxg9nR_K0mQ271gHaSEvwbriGehg123G0bBCKe-Y4a4jskfqKFoYsrzlBsJeizPImFv6LA1M9zlCE47X4jU6HauWtXOTHJXQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9nR_K0mQ271gHaSEvwbriGehg123G0bBCKe-Y4a4jskfqKFoYsrzlBsJeizPImFv6LA1M9zlCE47X4jU6HauWtXOTHJXQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 298
  • https://um.simpli.fi/gp_match?google_gid=CAESECoZPtBnMMd3oXIgDj3Ln1M&google_cver=1&google_push=AZmPxg_RHp0GgGEzSrtIk_7SDpF3EONKJm4EwZkIDHpMyd7ZzB9w-yJk057jY4yMMRPYvmnXbiEzmPvx4bqg_A_kRsQPU5I6o0I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg_RHp0GgGEzSrtIk_7SDpF3EONKJm4EwZkIDHpMyd7ZzB9w-yJk057jY4yMMRPYvmnXbiEzmPvx4bqg_A_kRsQPU5I6o0I
Request Chain 299
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO6s2p2n8jz7w_zdlnWvFI8&google_cver=1&google_push=AZmPxg91GRWZWdwjeAV3Hgk4pf0vRvfiTd6kLidge-hIczDRbVqim13eXAq3XuNrwwpOzzjVSGj4BGgyuWVMVecu9efQNJpiuw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0Mzk2MDI4NzYwMjM0MjA0Mg%3D%3D&google_push=AZmPxg91GRWZWdwjeAV3Hgk4pf0vRvfiTd6kLidge-hIczDRbVqim13eXAq3XuNrwwpOzzjVSGj4BGgyuWVMVecu9efQNJpiuw
Request Chain 300
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOwQtvtNXw8OY1ReWpyvnYQ&google_cver=1&google_push=AZmPxg8uy5ybA_4Hw-eu0H7lxeRB7_NwaLujzx2tasYD17hrDm6GQBxhD7stwiW3-xPqdTVc0ZVtrPbciRtrM2X7H_IaMuEbn2M HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOwQtvtNXw8OY1ReWpyvnYQ&google_cver=1&google_push=AZmPxg8uy5ybA_4Hw-eu0H7lxeRB7_NwaLujzx2tasYD17hrDm6GQBxhD7stwiW3-xPqdTVc0ZVtrPbciRtrM2X7H_IaMuEbn2M&prevuid=&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg8uy5ybA_4Hw-eu0H7lxeRB7_NwaLujzx2tasYD17hrDm6GQBxhD7stwiW3-xPqdTVc0ZVtrPbciRtrM2X7H_IaMuEbn2M&google_hm=
Request Chain 301
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEqeeBC7GYFtXLKvqaFhWgM&google_cver=1&google_push=AZmPxg_oZ1zAMQfgW27nD68cz2f2cIcOsolduyDsaok0G6w2VubjOk291ny4QhQY8l5AYuk5yu0tPuTHus-UBY4cjPmDeuUq_qs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_oZ1zAMQfgW27nD68cz2f2cIcOsolduyDsaok0G6w2VubjOk291ny4QhQY8l5AYuk5yu0tPuTHus-UBY4cjPmDeuUq_qs&google_hm=ODk2NDQ2OTI4NTA5MDA1ODA1
Request Chain 302
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDdthEOyJFV8_M8zDDMCijU&google_cver=1&google_push=AZmPxg-BnySpPw7yZrrMQJcqXTgn5yW_OVFBZQ7OU233wSEKYWFVVDP7qtKaFGpKo2OJJ6cdDcKMMFXLwZdBYfOJqRPbeH-eGA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D&google_push=AZmPxg-BnySpPw7yZrrMQJcqXTgn5yW_OVFBZQ7OU233wSEKYWFVVDP7qtKaFGpKo2OJJ6cdDcKMMFXLwZdBYfOJqRPbeH-eGA
Request Chain 303
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPlMzVTIlHS_aobCRtZfVJo&google_cver=1&google_push=AZmPxg8i7PkXjGHS9nsb3vTzvC9qOq2iluEzbZ79oM82wtplJWy5zuj_V7gQlZtN7qKKr98y514_Hh1X3byZxZXZMb6U0j_KF7Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg8i7PkXjGHS9nsb3vTzvC9qOq2iluEzbZ79oM82wtplJWy5zuj_V7gQlZtN7qKKr98y514_Hh1X3byZxZXZMb6U0j_KF7Y&google_hm=WXlSeUNNQ284WFVBQVBVeENDb0FBQUFB
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
Request Chain 306
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Request Chain 307
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
Request Chain 308
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
Request Chain 312
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
Request Chain 314
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
Request Chain 337
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGD72wqtcNhimFGZ6WSt0WI&google_cver=1&google_push=AZmPxg-SBvJx5MkDrf4b4Bwa7sJK3bo2XTp4tMDIbJxwdSzv0ysS7H7yHgvonlpENm8nZ93NYWpl9YpPvK6JQejRfC7r0w_LZEhl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-SBvJx5MkDrf4b4Bwa7sJK3bo2XTp4tMDIbJxwdSzv0ysS7H7yHgvonlpENm8nZ93NYWpl9YpPvK6JQejRfC7r0w_LZEhl
Request Chain 338
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOwQtvtNXw8OY1ReWpyvnYQ&google_cver=1&google_push=AZmPxg_o7sN660NfNCZL95rm-m52D5cg1fY36UR_0wHxQkPQLJiQJ_53BSSgNDknb3zf3QszuAMJ7lnYllrxLOG90Jp0V_lkbCdL HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOwQtvtNXw8OY1ReWpyvnYQ&google_cver=1&google_push=AZmPxg_o7sN660NfNCZL95rm-m52D5cg1fY36UR_0wHxQkPQLJiQJ_53BSSgNDknb3zf3QszuAMJ7lnYllrxLOG90Jp0V_lkbCdL&prevuid=&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg_o7sN660NfNCZL95rm-m52D5cg1fY36UR_0wHxQkPQLJiQJ_53BSSgNDknb3zf3QszuAMJ7lnYllrxLOG90Jp0V_lkbCdL&google_hm=
Request Chain 339
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHgvi5p6jG7L7QhhgxIzaNw&google_cver=1&google_push=AZmPxg_sw8zzYMTeiDmsi9et1nBZHh784C2C8__rtCDjF92ZY8l4tZjY0n_d_Yr9z9nfwq8FhoHsifO0MrnNJ0vTwLLNPnwPGEE HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEHgvi5p6jG7L7QhhgxIzaNw&google_push=AZmPxg_sw8zzYMTeiDmsi9et1nBZHh784C2C8__rtCDjF92ZY8l4tZjY0n_d_Yr9z9nfwq8FhoHsifO0MrnNJ0vTwLLNPnwPGEE&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_sw8zzYMTeiDmsi9et1nBZHh784C2C8__rtCDjF92ZY8l4tZjY0n_d_Yr9z9nfwq8FhoHsifO0MrnNJ0vTwLLNPnwPGEE&google_hm=dmJtaGNYeFhLcEVIdnRhTGhwQWU=
Request Chain 340
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEthsxNMkjWIBnOk7GSBcp4&google_cver=1&google_push=AZmPxg_3G3wpDDdpM-8vurtQC5hIv_oovKs3OF2kU2skzBEyZS3yobCB3le3PI0CUHk60eHIHpeVrFoEtMLdTfAbS3EUW6ZWDj8y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg_3G3wpDDdpM-8vurtQC5hIv_oovKs3OF2kU2skzBEyZS3yobCB3le3PI0CUHk60eHIHpeVrFoEtMLdTfAbS3EUW6ZWDj8y
Request Chain 341
  • https://match.360yield.com/match/ebda?google_gid=CAESEJR5gpkGCeqhNkgctGgkPzk&google_cver=1&google_push=AZmPxg9OVLL--PcOIeygC1QM9UkQzhJS-vZ8KF5Mo-q9UnUIJLWMoqvwMkEQcL_q4p_YbJGwF8xpXYJeRwCG--JOptazYC1VWDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1TW4MGWqSEKS1k2lPME6RQ&google_push=AZmPxg9OVLL--PcOIeygC1QM9UkQzhJS-vZ8KF5Mo-q9UnUIJLWMoqvwMkEQcL_q4p_YbJGwF8xpXYJeRwCG--JOptazYC1VWDA
Request Chain 342
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG0KdMwL53W60_qcEUyOiwQ&google_cver=1&google_push=AZmPxg9gY34DziFNsWgTe1IFf7kLEhtCEU8EVafzEaUkOrJZ-kpn_zxNofcggzEoXOIA0kZKNikiN3QkBMkY5DI8TScp1VZRrB8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GN2pNQ1hGRTJ1SHo1Tk41RHZfTzRVTE9YMC5SSFN4bX5B&google_push=AZmPxg9gY34DziFNsWgTe1IFf7kLEhtCEU8EVafzEaUkOrJZ-kpn_zxNofcggzEoXOIA0kZKNikiN3QkBMkY5DI8TScp1VZRrB8P
Request Chain 343
  • https://sync.inmobi.com/gob?google_gid=CAESECCnZKY56apnEWvP1d1f0NM&google_cver=1&google_push=AZmPxg90Lt5ucb7rA_IfQu7yJ7bXlrryqY5_TE8ofAhoYZJghxabfNnar2L3773_GaFi5Vxx2lnA69tTUQHW2uJaqtgCAHrjJ7ICjg HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg90Lt5ucb7rA_IfQu7yJ7bXlrryqY5_TE8ofAhoYZJghxabfNnar2L3773_GaFi5Vxx2lnA69tTUQHW2uJaqtgCAHrjJ7ICjg&gdpr_consent=&gdpr=
Request Chain 347
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_B3IkY9_CM9-89u8PhrihgAg&cbFunctionName=goog_wrapCb_B3IkY9_CM9-89u8PhrihgAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.dealnews.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:217244fb-b626-de2a-2541-553e33ae1926,c:onIAZX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-55f5665b-xdb7b,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:thBldLE+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b*.990511-61634100%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g1%7C1h,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:27,oid:b554df39-35be-11ed-9e5d-7addb78bc920,v:19.8.351,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 358
  • https://pixel.adsafeprotected.com/rfw/st/934251/60616147/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dealnews.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:770ad8ac-3fe7-c5bb-9da3-47e5b34b6039,c:onIB1T,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-55f5665b-kr4gj,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:371,mot:0,app:0,maw:0,fm:thBldHD+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d11%7C1d2%7C1e1%7C1e2%7C1f*.934251-60616147%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1h%7C1i,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:397,oid:b5310447-35be-11ed-b773-fa1212ede7e9,v:19.8.351,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 360
  • https://pixel.adsafeprotected.com/rfw/st/934251/60616147/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dealnews.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:558d58eb-65e0-384d-7dd3-bc2d5f0f2c22,c:onIB2y,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-55f5665b-znvlz,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:366,mot:0,app:0,maw:0,fm:thBldIC+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.934251-60616147%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d11%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1h%7C1i,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:377,oid:b53103d0-35be-11ed-926a-9e8cb6335e4f,v:19.8.351,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 362
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg8HMT3Rp2r_sB6cwrx4rehEkGYoUrpnX5I5kwXo04fLoQ7el7xKeRWw-Iw73Bn4okDSxJItSNjNTJO4RfNnzl5ejBta7Hp_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg8HMT3Rp2r_sB6cwrx4rehEkGYoUrpnX5I5kwXo04fLoQ7el7xKeRWw-Iw73Bn4okDSxJItSNjNTJO4RfNnzl5ejBta7Hp_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Zk1NdUxsSU8xT3phUnk1&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg8HMT3Rp2r_sB6cwrx4rehEkGYoUrpnX5I5kwXo04fLoQ7el7xKeRWw-Iw73Bn4okDSxJItSNjNTJO4RfNnzl5ejBta7Hp_
Request Chain 363
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGD72wqtcNhimFGZ6WSt0WI&google_cver=1&google_push=AZmPxg_KDY-wTzG50Zhrlj10hUTwcUNAA8k00SaikKaxLsT3n4yxtANzWxNk52lrxHejiPe6vTX9cde8PNLQVQNq0dXUDiLzuPE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_KDY-wTzG50Zhrlj10hUTwcUNAA8k00SaikKaxLsT3n4yxtANzWxNk52lrxHejiPe6vTX9cde8PNLQVQNq0dXUDiLzuPE
Request Chain 365
  • https://fksnk.com/cs/google?google_gid=CAESEHm74TUFF1wDZvh-q9ZtSYQ&google_cver=1&google_push=AZmPxg-u-GjraFuKVBWKd5_VWfaIb1V9NbCr-pr4b-oRTlAIwHIrMBI69m6pkLdjTqxh0rUXGJ_ySe6VpA1HBcYsx_EPdF9Cjw4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEEwMTc3MkVDQkZCM0JGOQ==
Request Chain 366
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEqeeBC7GYFtXLKvqaFhWgM&google_cver=1&google_push=AZmPxg9c0j__fW_DKZzWNCReYYG_UF3ElOj63GJF5Jj_h8L0htHErSj7Gl-6x74lT2BeBkB09RT3LhrUG_o81r3FQcPo5sWfzIqF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9c0j__fW_DKZzWNCReYYG_UF3ElOj63GJF5Jj_h8L0htHErSj7Gl-6x74lT2BeBkB09RT3LhrUG_o81r3FQcPo5sWfzIqF&google_hm=ODk2NDQ2OTI4NTA5MDA1ODA1
Request Chain 368
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHAxbyoVHclmlXOPtNYofWo&google_cver=1&google_push=AZmPxg-KwTGwadzsT6bs7VA8GDEjXFP83bknh9x-eHBjGawyNm_yHzjPg-GqkNBix-G-k6w6_VWswLXyBeA4GAjbd1ibtzQAg6QR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-KwTGwadzsT6bs7VA8GDEjXFP83bknh9x-eHBjGawyNm_yHzjPg-GqkNBix-G-k6w6_VWswLXyBeA4GAjbd1ibtzQAg6QR HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 373
  • https://um.simpli.fi/gp_match?google_gid=CAESECoZPtBnMMd3oXIgDj3Ln1M&google_cver=1&google_push=AZmPxg_uDO2ic4vmjqPMAljlP1zGJ25rV6prvvy8gqpFijRZmYGEiKrOv9Aluy7Lqeezof5PLNpuuhrZ2tPO3djFGTOooA_EsQc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg_uDO2ic4vmjqPMAljlP1zGJ25rV6prvvy8gqpFijRZmYGEiKrOv9Aluy7Lqeezof5PLNpuuhrZ2tPO3djFGTOooA_EsQc
Request Chain 375
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHgvi5p6jG7L7QhhgxIzaNw&google_cver=1&google_push=AZmPxg9sTjwRCs1gIqNYeVgMDKYRq692ZJIqiSmzfpT4VLytg69bcsFH5WpcLneJkzwuda5mPVJgWE637nMc_AAso6evUUCfhG4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9sTjwRCs1gIqNYeVgMDKYRq692ZJIqiSmzfpT4VLytg69bcsFH5WpcLneJkzwuda5mPVJgWE637nMc_AAso6evUUCfhG4&google_hm=dmJtaGNYeFhLcEVIdnRhTGhwQWU=
Request Chain 376
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEthsxNMkjWIBnOk7GSBcp4&google_cver=1&google_push=AZmPxg-E-X5ywIMa9VrV2zoeAmFR3i6b-0cq1B1gjRE5R2EHYDIrLJzWJV-Qozxg9QUccaYnaTkdp3FVxX1PaeLrojR6IqQhipM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg-E-X5ywIMa9VrV2zoeAmFR3i6b-0cq1B1gjRE5R2EHYDIrLJzWJV-Qozxg9QUccaYnaTkdp3FVxX1PaeLrojR6IqQhipM
Request Chain 377
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFodRCsaCsJA8cP8iDp1bjM&google_cver=1&google_push=AZmPxg-CTVyMhN2jKYg9Y9bQ6KegqYHFr0kcshsRYRFbzYOobHdSlNA8eGGpNNXB2hLFjiVUctfG7hiCwQjtOZAEh7o53YWxWA4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-CTVyMhN2jKYg9Y9bQ6KegqYHFr0kcshsRYRFbzYOobHdSlNA8eGGpNNXB2hLFjiVUctfG7hiCwQjtOZAEh7o53YWxWA4
Request Chain 378
  • https://cs.media.net/cksync?type=g&google_gid=CAESED0QAeNPOJs2d7HGTrC720U&google_cver=1&google_push=AZmPxg-D2CkgrnXJUDtu1DvSDlv6EvQm0l7zqQModIHSxTKTcoAJCXXLahsZK7cYWlkFNz3L54HHSRbXzSuJS16PLd2IcCuKXw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2MzM0NDcyMTQ5MjE2OTAwMFYxMA%3d%3d&mn_hm=MzA2MzM0NDcyMTQ5MjE2OTAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-D2CkgrnXJUDtu1DvSDlv6EvQm0l7zqQModIHSxTKTcoAJCXXLahsZK7cYWlkFNz3L54HHSRbXzSuJS16PLd2IcCuKXw&gdpr=&gdpr_consent=
Request Chain 379
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJ7Ih9dvcKLE7b7SJ3jOERA&google_cver=1&google_push=AZmPxg-ULWylhd8MD_NQX4ou1ysTTJFd1l6dE48NrjhtFutesQV67YrLl-yT0-PIk15EIV12bG8hgrK2Br4NbYkldltamHhMmBMD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-ULWylhd8MD_NQX4ou1ysTTJFd1l6dE48NrjhtFutesQV67YrLl-yT0-PIk15EIV12bG8hgrK2Br4NbYkldltamHhMmBMD&google_hm=dmJtaGNYeFhLcEVIdnRhTGhwQWU= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 391
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4ee26324-7209-4a00-865b-395a1bf675ce
Request Chain 392
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=ivKbB4vzmQuRopAHhPKEUd2lnAaR9s0AjvU-DsOH
Request Chain 393
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3865101669408010213
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1
Request Chain 399
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dealnews.com%2F&domain=www.dealnews.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=0Pq4Rnw4WTY3K3duNmEwTk1ia3FscUxsUXFISjErbmwraUlLQS80SGU2bEl6Ky9iZ21mdmtwVFR4NEdCcWtBYUJtbmVRWG9pbm1iRzMxcHBEaVdpdVhnVi91N0tYbEJtWVErSDNqYnhYNGZZUnJlVG5IY2NGakZVWGFCRWxXUUpXVW9HbWphMDZmM1oyODJEWEhjVXg0YkRkR056eGZUMVRROUdLRkwveVJLbkhaUHhqZUE0U2JESHZlUzVLb1Qrc2o4cXBzaE0zcE0xV3gvTFk5MVJ0b1hnVktZVE9DSXBZWUZHTzBDQ2NUMnlKemNBVXl6alFWUzUvOGZUd1NlNmFmNjV6fA&cppv=2
Request Chain 407
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=720920&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&gdpr=0
Request Chain 408
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ea4e6324-7209-4400-a980-3de900f6699b
Request Chain 409
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=7adcbe78-9639-40bf-9c11-ec8460e37791&bidswitch_ssp_id=sonobi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=693325687609&expires=30&user_group=1&ssp=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7adcbe78-9639-40bf-9c11-ec8460e37791
Request Chain 418
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOcM-X5m8WtlfpU8Es544Zo&google_cver=1&google_push=AZmPxg9-DuIHtNeEFJU14KBOOwFLULMLpaJuPR6hsBhUkYbnBS7P8CXyc9yIK95HLYjt0e3FH70be4dJsXZdZkSg_gyYh77wVSgU HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=88dc6297-0acf-480a-b5ea-07dfbf1087f6&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9-DuIHtNeEFJU14KBOOwFLULMLpaJuPR6hsBhUkYbnBS7P8CXyc9yIK95HLYjt0e3FH70be4dJsXZdZkSg_gyYh77wVSgU&google_hm=ety-eJY5QL-cEeyEYON3kQ==
Request Chain 419
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPbNk9WUQaNSWBhThAI8tmM&google_cver=1&google_push=AZmPxg-XScVWLtGjWc02kewzpmYWj5Ah6nsGgJD9IRa8n5yQyrPirq9gTuWRVt1iiI83hW0I3dnRQV0YdZq3sU2Gwr7-e2qh8tu5Jg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTEwNzUwODE1OTc2NTEyNjczNA&google_push=AZmPxg-XScVWLtGjWc02kewzpmYWj5Ah6nsGgJD9IRa8n5yQyrPirq9gTuWRVt1iiI83hW0I3dnRQV0YdZq3sU2Gwr7-e2qh8tu5Jg
Request Chain 420
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDdthEOyJFV8_M8zDDMCijU&google_cver=1&google_push=AZmPxg8Jztumb73kZmpiBa0qi1KnFIrfqpkn9sPCt_qNyrcfi3fJXFtgb0xYAtiOAU0waWqEUOagUvFh2MWD13oznnMHJF8uATj4Yw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D&google_push=AZmPxg8Jztumb73kZmpiBa0qi1KnFIrfqpkn9sPCt_qNyrcfi3fJXFtgb0xYAtiOAU0waWqEUOagUvFh2MWD13oznnMHJF8uATj4Yw
Request Chain 421
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHAxbyoVHclmlXOPtNYofWo&google_cver=1&google_push=AZmPxg9s5OI-JbFCYnemaaPNT6b3fCUtDSii3tKjnT54NXlTLQmUadU93zdFoT1PU0fXajyazxlveb8TxmzoNjC9SlGfETRjk7PZzNI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg9s5OI-JbFCYnemaaPNT6b3fCUtDSii3tKjnT54NXlTLQmUadU93zdFoT1PU0fXajyazxlveb8TxmzoNjC9SlGfETRjk7PZzNI HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 422
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJ7Ih9dvcKLE7b7SJ3jOERA&google_cver=1&google_push=AZmPxg8cVQocP-bqkWBk12_tls8uVgf9Jnbidb5sT_qI9neOUKb23muDe6r8Xm4KEPu6CmfBGorawG9n-hONvRy5wLVWspDGWiax7tY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8cVQocP-bqkWBk12_tls8uVgf9Jnbidb5sT_qI9neOUKb23muDe6r8Xm4KEPu6CmfBGorawG9n-hONvRy5wLVWspDGWiax7tY&google_hm=dmJtaGNYeFhLcEVIdnRhTGhwQWU= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 455
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJ7_xeitmfoCFRWG_Qcd9UUMHQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663332873_b6578201-35be-11ed-9f3f-2232bdca291f
Request Chain 460
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=b63ec9e0-35be-11ed-a5a1-2235383f8385&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1663332873_b63ec9e0-35be-11ed-a5a1-2235383f8385&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 465
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
Request Chain 470
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNzMz-itmfoCFUYm4AodJaYOKw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663332873_b66341d1-35be-11ed-8280-22382f38ffb2
Request Chain 475
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=b64c8580-35be-11ed-9f3f-2232bdca291f&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1663332873_b64c8580-35be-11ed-9f3f-2232bdca291f&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 476
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMLmunJm1Va0bDREmCRprhM&google_cver=1&google_push=AZmPxg8hNnPor6UU_H-kQEIV35r8yw1sv7ErCE9ihC620ZRY_BjDB8cm9lsgiKJWRw8HfGZjW1OSljCFfH8y9ojm_aMjSRF7X0NdzQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8hNnPor6UU_H-kQEIV35r8yw1sv7ErCE9ihC620ZRY_BjDB8cm9lsgiKJWRw8HfGZjW1OSljCFfH8y9ojm_aMjSRF7X0NdzQ
Request Chain 477
  • https://fksnk.com/cs/google?google_gid=CAESEHm74TUFF1wDZvh-q9ZtSYQ&google_cver=1&google_push=AZmPxg-SZu4IkKzwwKLPhDcUvoiWzbpeeW-qgYKahLgdtGB-u2gJArw_LqPZXH8vs57UsyFzSkAvjiG9-72lu7bkCdivyWsihE-Z1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEEwMTc3MkVDQkZCM0JGOQ==
Request Chain 478
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEthsxNMkjWIBnOk7GSBcp4&google_cver=1&google_push=AZmPxg_I2o6gBcmY5h_wij48tmAwzV-SnOt643h-0iqPTcKZeHBftA67lYnq97NtqPOtPTW3qYVDzL1NhR3UT7NBX1iko1dQ0N3mIA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg_I2o6gBcmY5h_wij48tmAwzV-SnOt643h-0iqPTcKZeHBftA67lYnq97NtqPOtPTW3qYVDzL1NhR3UT7NBX1iko1dQ0N3mIA
Request Chain 479
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELdesNJtu1SshlmxfQJOkxM&google_cver=1&google_push=AZmPxg8WTl8KoCgKBbfLLKnJOghmBHKeo5-XqyHrPne1z2Z2hA-Occ2ds5BtDVoETwcGo5mC2IL1MLhiUE0oLlzQimRjVN9UhIsd0Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8WTl8KoCgKBbfLLKnJOghmBHKeo5-XqyHrPne1z2Z2hA-Occ2ds5BtDVoETwcGo5mC2IL1MLhiUE0oLlzQimRjVN9UhIsd0Q&google_hm=Z2ZiNWZlMmQwODIwZjYwNTQ2YmE=
Request Chain 481
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG0KdMwL53W60_qcEUyOiwQ&google_cver=1&google_push=AZmPxg8afANOR8tHK5R7600OWiAWvJ8MAbkfpNKqT72d7wq-E6L7R0_MQjNZG4Qoo9eXMCX4GpIgjXZaTIPYGOa5Gd6lT2hF0_Spqg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GN2pNQ1hGRTJ1SHo1Tk41RHZfTzRVTE9YMC5SSFN4bX5B&google_push=AZmPxg8afANOR8tHK5R7600OWiAWvJ8MAbkfpNKqT72d7wq-E6L7R0_MQjNZG4Qoo9eXMCX4GpIgjXZaTIPYGOa5Gd6lT2hF0_Spqg
Request Chain 482
  • https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEC8KWLqFALmxGmzGeM0vmPo&google_cver=1&google_push=AZmPxg9xx-LnEVbareWIRyapesbZuXtDRwsEK7IjT4zCvxa_6K9kIummx9W_cOIFKUDFkgFf6EG8YuFbxO8iHP4VSIHHF1CbOyVLrow HTTP 302
  • https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEC8KWLqFALmxGmzGeM0vmPo&google_cver=1&google_push=AZmPxg9xx-LnEVbareWIRyapesbZuXtDRwsEK7IjT4zCvxa_6K9kIummx9W_cOIFKUDFkgFf6EG8YuFbxO8iHP4VSIHHF1CbOyVLrow&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sol_networks_limited&google_hm=NzE2Yzk2YjRiYmY2NTU5Mw&google_push=AZmPxg9xx-LnEVbareWIRyapesbZuXtDRwsEK7IjT4zCvxa_6K9kIummx9W_cOIFKUDFkgFf6EG8YuFbxO8iHP4VSIHHF1CbOyVLrow
Request Chain 487
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg-vT7TI5mlU619Fn_JRPabYxjUSCynGQs4vwVJI71tdr7jfnPYPmFxzYZ81YoL60VsaE-HKNPm3SEmbJjYU4VbCBRDh3Mli HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Zk1NdUxsSU8xT3phUnk1&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg-vT7TI5mlU619Fn_JRPabYxjUSCynGQs4vwVJI71tdr7jfnPYPmFxzYZ81YoL60VsaE-HKNPm3SEmbJjYU4VbCBRDh3Mli
Request Chain 489
  • https://um.simpli.fi/gp_match?google_gid=CAESECoZPtBnMMd3oXIgDj3Ln1M&google_cver=1&google_push=AZmPxg-K3dNKK9vfxC3pJ-eGpAKQM0NAQ758gj2Ko-_si7M9wTwVQtlJcXY1Q1imKsIMOeVFOa3AJXJKMbRdFHKQBVHHTgkpk3mqLA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg-K3dNKK9vfxC3pJ-eGpAKQM0NAQ758gj2Ko-_si7M9wTwVQtlJcXY1Q1imKsIMOeVFOa3AJXJKMbRdFHKQBVHHTgkpk3mqLA
Request Chain 490
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIsTpQm-8a8Km12dQPB9E0U&google_cver=1&google_push=AZmPxg_GASuzgfnhnnwr7cheAjTanvLLrSSevERP2qzbGL_oxFUw91hVyU6-NoGopv0VNiqnodh0mX4lbpshZeWxfc8xi51o-_od9g HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIsTpQm-8a8Km12dQPB9E0U&google_cver=1&google_push=AZmPxg_GASuzgfnhnnwr7cheAjTanvLLrSSevERP2qzbGL_oxFUw91hVyU6-NoGopv0VNiqnodh0mX4lbpshZeWxfc8xi51o-_od9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_GASuzgfnhnnwr7cheAjTanvLLrSSevERP2qzbGL_oxFUw91hVyU6-NoGopv0VNiqnodh0mX4lbpshZeWxfc8xi51o-_od9g
Request Chain 491
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFodRCsaCsJA8cP8iDp1bjM&google_cver=1&google_push=AZmPxg9A9RTPm9yYrmP0Hy-BvBpLIcyy-VJd7jCSUT3wPVY0yF7GOs089dezE67SBYeZjXp8Yn-Xfd4WYGhqdI1O6nezV4fbCuB3uQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9A9RTPm9yYrmP0Hy-BvBpLIcyy-VJd7jCSUT3wPVY0yF7GOs089dezE67SBYeZjXp8Yn-Xfd4WYGhqdI1O6nezV4fbCuB3uQ
Request Chain 493
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHAxbyoVHclmlXOPtNYofWo&google_cver=1&google_push=AZmPxg90jyuHy7ZI8PqBJ6wi_ymk5vOqbprjiT_WE-ZAwTE0tHs1xQfoZaUrIK3chYSfQYtajVnBTBVAQlsWCNGR1c4P0LtcsASgqQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg90jyuHy7ZI8PqBJ6wi_ymk5vOqbprjiT_WE-ZAwTE0tHs1xQfoZaUrIK3chYSfQYtajVnBTBVAQlsWCNGR1c4P0LtcsASgqQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 498
  • https://ssum.casalemedia.com/usermatchredir?s=189517&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Di%26uid%3D HTTP 302
  • https://prebid-server.pubgalaxy.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=1---&f=i&uid=YyRyCDG.bBvdIjSTDdfs7AAA%261169
Request Chain 507
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=007B8CF1751B4779900ED60EE8FDD6D5&RedC=c.clarity.ms&MXFR=0C60BB7ED55566E70586A95FD15568B7 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=007B8CF1751B4779900ED60EE8FDD6D5&MUID=105C581D0B4464FC39B04A3C0A2F65B9
Request Chain 513
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.dealnews.com&sn=ChromeSyncframe&so=0&topUrl=www.dealnews.com&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-4m9XHw5eGtJcTVsU1phWVN0RFZ3Ymg3aUxMNHFnV01ybFhidGUzSmhNVTdqYkJUSjVrT3Jsa0VHR010UlpTTXErb1NyUjBEUjQ0U21HdFowK3NEQjlPQXdMZk1XK3AxSTBkdEY2N3BkaHVtZXhsV25GRVU3VTdpYk94b2hwc1N0Rmd5WnJVYjVXMi9XVjUxMWNBenM0MVU5SXkvMWZEeVh0cDNveHlKNUtNU3JqZENnUGNqSGQ4Ui9WZnR0MlJHNG5ZVXBFRVNnaFo5bGtVNjdMQ0VOTWU4QXR3PT18&cppv=2

536 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.dealnews.com/
Redirect Chain
  • http://dealnews.com/
  • https://www.dealnews.com/
3 MB
331 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
86f7287f730ab7e5e35914c490d2aa02f21b164d808f7de8ae782c0f66519b25

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
content-encoding
gzip
content-length
338546
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 12:54:28 GMT
link
<https://www.dealnews.com/>; rel="canonical"
server
nginx/1.20.2
vary
Origin, Accept-Encoding, User-Agent, Fastly-SSL
via
1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
10, 0
x-dn-device-target
DESKTOP
x-dn-page-id
existing_user
x-dn-page-type
INDEX

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://www.dealnews.com/
Server
BigIP
dealnews.js
dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/dealnews.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8878de93f0391bd93c2be05c5e49401ea10d8b78dc6a20efe8ea965ac227b32b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
e_Hivs1vUww2Ib7jnD5DbXsUBBjgyIJk
Content-Encoding
gzip
ETag
"32f51fcfd631eee226e954a037edd9df"
Age
306847
X-Cache
HIT
Connection
keep-alive
X-S3-Url
/dealnews.uploads/dealnews-js/1.18.0/dealnews.js
Content-Length
1259
X-Served-By
cache-fra19138-FRA
Last-Modified
Mon, 11 Jul 2022 19:04:02 GMT
Server
AmazonS3
Date
Fri, 16 Sep 2022 12:54:28 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish
Cache-Control
max-age=2628000
Accept-Ranges
bytes
X-Cache-Hits
1
session.php
www.dealnews.com/lw/ 		712 B
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/session.php?ts=2063924808244330.8&p=2&u=https%3A%2F%2Fwww.dealnews.com%2F&l=atl&d=DESKTOP&n=Super%20Browse&g=DealNews%20Front%20Page%2C%20Traditional&r=&t=INDEX&i=existing_user&w=1600&h=1200
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
efdb2784d0e9ebc144996d54be9d6d7ccbb1b5744225fb065631349d5da2427f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:28 GMT
content-encoding
gzip
server
nginx/1.20.2
vary
Origin, Accept-Encoding, Fastly-SSL
x-cache
MISS
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish
expires
0
cache-control
private, no-cache, no-store
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
stub.min.js
cmp.uniconsent.com/v2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/stub.min.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db8a2379e7116a57079ac0a520e4939767d0a98e8961368bb0e09f9199f5bfa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48085
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 14 Feb 2022 11:32:06 GMT
server
cloudflare
etag
W/"44feca040eb8a4e006870e57965cadd4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUEBdnqPZCPYQFcmTTVsl19T6wCXn1tRiSXqIBWXlyUnDJyqB%2BQpnz9qaJIpZu9j6S5zcn6azwVMUOl9ldo6z27d47A6ohbeht2BY1AprBExpjDx%2BAMUROIEZ6yjG8QLJUtjysw3%2FV4U0rvcXT55J5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
74b9c03e3f54bb4a-FRA
cmp.js
cmp.uniconsent.com/v2/7630b75630/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/7630b75630/cmp.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db625c9b1dfda87270acb2cee33549589e2e922eefdb6e602fbe3ef86f48c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7245
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Sep 2022 10:47:12 GMT
server
cloudflare
etag
W/"efbbe6423ce561f71d04c6f825584941"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GR0yQ3QFVUf1aw%2BJlYy7ZWkxhMT8NB9tXX4QafzSKsCA3QJsbGh4X%2BtsYC0q%2FDcbI%2BNtTOcwc%2FU9QA2wwaU1w%2F6h6z4YT18h%2FwgEar8SbjkV7M4AWAHemLCkcZ0vIpU11L01RD3TlYXRQxZ%2BxZO1bkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
74b9c03e3f55bb4a-FRA
dn-logo-white-web.png
c.dlnws.com/image/upload/c_scale,w_100/creative/logos/ 		981 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.dlnws.com/image/upload/c_scale,w_100/creative/logos/dn-logo-white-web.png
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.95 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
06a8ac62f1f1eb0935471679b9fd58e360ff81ace219f1c3c651fb535dd83cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
1517915
Edge-Cache-Tag
57740901878353323500040926339409063230,209298555926272943066138725513038242539,61a8d6e101361542271c7d2de6c10548
Cache-Tag
57740901878353323500040926339409063230,209298555926272943066138725513038242539,61a8d6e101361542271c7d2de6c10548
X-Cache
HIT
Connection
keep-alive
Content-Length
981
X-Served-By
cache-fra19134-FRA
Last-Modified
Thu, 02 Jul 2020 11:05:10 GMT
Server
cloudinary
X-Timer
S1663332869.911841,VS0,VE2
Etag
"0cb3c1eede4e3032386a315a6918ba72"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
jmckrnpsv1rccplopgvr.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/jmckrnpsv1rccplopgvr.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c8332e503a9261bb15192109577a874219a54e7e047037ac525f8281e7fb6b84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
14892
Edge-Cache-Tag
64917876489871336177600183674436011939,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
64917876489871336177600183674436011939,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="jmckrnpsv1rccplopgvr.webp"
Connection
keep-alive
Content-Length
3816
X-Served-By
cache-fra19132-FRA
X-Cache
HIT
Last-Modified
Wed, 16 Jun 2021 08:52:21 GMT
Server
cloudinary
X-Timer
S1663332869.846779,VS0,VE1
Etag
"3f1b5096f0f46cefafced55c54765211"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
tjweahg8k2p5tejbhbqe.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/tjweahg8k2p5tejbhbqe.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
41df5dabed00adddac5d754e283f958cb41c46f37ccdf242c5f56e014828710d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
74617
Edge-Cache-Tag
199882361460099248333674913863023667958,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
199882361460099248333674913863023667958,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="tjweahg8k2p5tejbhbqe.webp"
Connection
keep-alive
Content-Length
2850
X-Served-By
cache-fra19124-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 14:50:38 GMT
Server
cloudinary
X-Timer
S1663332869.847425,VS0,VE1
Etag
"824b13fdbdfd31e1c13f4b78aaf97d29"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
tavtqtwo3onqeqsozb1j.png
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/tavtqtwo3onqeqsozb1j.png
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bebfd1b566a6b43898dce4981aa1ee01fbe8b3d77fdb6fc6eeec6a3912153da2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
84238
Edge-Cache-Tag
153733852054896223284177022676177295366,92578254102909617882799954359275699790,61a8d6e101361542271c7d2de6c10548
Cache-Tag
153733852054896223284177022676177295366,92578254102909617882799954359275699790,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="tavtqtwo3onqeqsozb1j.webp"
Connection
keep-alive
Content-Length
1834
X-Served-By
cache-fra19155-FRA
X-Cache
HIT
Last-Modified
Mon, 14 Jun 2021 14:25:07 GMT
Server
cloudinary
X-Timer
S1663332869.847669,VS0,VE1
Etag
"bff7e01d89841bff17ae8671c267200e"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
b732kbb4p3bgo4uevule.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/b732kbb4p3bgo4uevule.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5894ee3d7d4df1ecc61c45f93b0da93ed10f59fdbed792b52a26741ad02bcb4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
93265
Edge-Cache-Tag
212080012212297195006942262114850346420,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
212080012212297195006942262114850346420,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="b732kbb4p3bgo4uevule.webp"
Connection
keep-alive
Content-Length
3274
X-Served-By
cache-fra19178-FRA
X-Cache
HIT
Last-Modified
Fri, 02 Sep 2022 10:40:25 GMT
Server
cloudinary
X-Timer
S1663332869.847373,VS0,VE1
Etag
"969f40c8940f57700e5053c5885b0a43"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
oajlnzz6vr9uawktbzjg.png
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/oajlnzz6vr9uawktbzjg.png
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
31d55ac7d1c8d4ec907bb2151871edc6736a4dee83f598d5ce9fb48a1004f3a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
49909
Edge-Cache-Tag
282898463133125200937608853404922110055,92578254102909617882799954359275699790,61a8d6e101361542271c7d2de6c10548
Cache-Tag
282898463133125200937608853404922110055,92578254102909617882799954359275699790,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="oajlnzz6vr9uawktbzjg.webp"
Connection
keep-alive
Content-Length
8662
X-Served-By
cache-fra19170-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 20:41:39 GMT
Server
cloudinary
X-Timer
S1663332869.847494,VS0,VE1
Etag
"2ab99a214d9f63b2632fc24308fbd86f"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
kihucbqcdab1dfj4cs6z.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/kihucbqcdab1dfj4cs6z.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
8daf34ddc58dcb10251e0c8783b53de7363df0cb6e28f65578b7a0f4c0319a6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
66976
Edge-Cache-Tag
166992328424131640343129621977863223238,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
166992328424131640343129621977863223238,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="kihucbqcdab1dfj4cs6z.webp"
Connection
keep-alive
Content-Length
6194
X-Served-By
cache-fra19183-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 17:31:45 GMT
Server
cloudinary
X-Timer
S1663332869.847753,VS0,VE3
Etag
"e0cf5b0a4770ee9cca504384bf0d8b95"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
wofkngonrqpj9kj6nlyd.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/wofkngonrqpj9kj6nlyd.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
ff030bb1a91234d887e56dd29a29044b4b65aabcaab6815733fad97cafa11296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
66563
Edge-Cache-Tag
328392451116040541686049490588944622474,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
328392451116040541686049490588944622474,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="wofkngonrqpj9kj6nlyd.webp"
Connection
keep-alive
Content-Length
4738
X-Served-By
cache-fra19124-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 17:41:40 GMT
Server
cloudinary
X-Timer
S1663332869.860075,VS0,VE1
Etag
"8e6e6558af4877fdcaf98a7c7ba26acf"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
lo2kvc9goq89hzs2iryn.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/lo2kvc9goq89hzs2iryn.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
723f373126e07f562d4271e8914dc0d5dd57369f2016dd44ff3770236655f9b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
57109
Edge-Cache-Tag
249831157942784371617060971474686207596,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
249831157942784371617060971474686207596,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="lo2kvc9goq89hzs2iryn.webp"
Connection
keep-alive
Content-Length
11992
X-Served-By
cache-fra19183-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 19:49:59 GMT
Server
cloudinary
X-Timer
S1663332869.859742,VS0,VE0
Etag
"4b7501b4e6bdb5c9d9575b3ac1cdee5f"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
2
ca6yogu6845ppjreyuxf.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ca6yogu6845ppjreyuxf.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
de66a383a3b8fb6f7644d1839bc673c5c6220927b63965c703273112710de3f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
74617
Edge-Cache-Tag
214894771134080743106099028576849362611,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
214894771134080743106099028576849362611,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="ca6yogu6845ppjreyuxf.webp"
Connection
keep-alive
Content-Length
13640
X-Served-By
cache-fra19132-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 15:04:41 GMT
Server
cloudinary
X-Timer
S1663332869.858865,VS0,VE1
Etag
"93d0062a4dd7707e5228c8104f5b26fc"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
hbflonyvh2a4fsalifet.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/hbflonyvh2a4fsalifet.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1cbe064e881b5d18bf2bbff54557cf29735359daff21cfb8e860817c82b5d5b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
1324481
Edge-Cache-Tag
157751557614421720835871146298582395639,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
157751557614421720835871146298582395639,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="hbflonyvh2a4fsalifet.webp"
Connection
keep-alive
Content-Length
2056
X-Served-By
cache-fra19178-FRA
X-Cache
HIT
Last-Modified
Tue, 13 Jul 2021 04:02:50 GMT
Server
cloudinary
X-Timer
S1663332869.861277,VS0,VE1
Etag
"42d5b1060b190184b27fba97d4e0203e"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
js
www.googletagmanager.com/gtag/ 		210 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EN54Z97LG4
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf88381ca25fef969a3cf153cdeb66f0f93954c52ec49711329be6fc4fbdba70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75219
x-xss-protection
0
expires
Fri, 16 Sep 2022 12:54:28 GMT
5f0dcacb5440c8001264fa6f
api.pushnami.com/scripts/v1/pushnami-adv/ 		89 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5f0dcacb5440c8001264fa6f
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
/
Resource Hash
b06aa526b2e195b72ae8094c9846133b98d3ffcd3eccf6903cd583df1a3e5c93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:50:19 GMT
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
age
249
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-pop
FRA60-P3
content-encoding
gzip
x-amz-cf-id
ci9MqtB9iUURdzi82-Ft72G5GHvBXBB8DZWufl1vCvKDljogIongbA==
main.min.js
cmp.uniconsent.com/v2/ 		124 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/main.min.js
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/7630b75630/cmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbeff590700782181d808a1d71764cba258112f17912edd3f4c52cf4e6511a25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48191
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 22 Jul 2022 23:22:03 GMT
server
cloudflare
etag
W/"cc60d36a591e3f0181adc5b1cbf17fdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CinYDHctbq31dyaYJWRo3s0ets5b5DrgtcvwwmbAh6jMHrYdSLbyUA4BAK6huHbLHp0jsfz8Zo%2BrcyT6ixEzzmMSukPXP1%2FFSDSbW4LMNbBoFeTkPtO6h0A%2BNuiwr6nt6CIkisHNU4PmlmBPA7vFzyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
74b9c03eb80fbb4a-FRA
Alerts.svg
dealnews.a.ssl.fastly.net/files/uploads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dealnews.a.ssl.fastly.net/files/uploads/Alerts.svg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cf6339864c06b336d8adab6fd9281f10e2cfd161d0954c518c115937b13897e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
q7Gq8oRU6H2m7qKCAsjnHAAxFjblGpr5
Via
1.1 varnish
ETag
"da138adb8cb8c32e6a9c4b842e0557d2"
Age
2779
x-amz-meta-x-keywords
X-Cache
HIT
x-amz-meta-x-source-url
Connection
keep-alive
X-S3-Url
/dealnews.uploads/Alerts.svg
Content-Length
1931
X-Served-By
cache-fra19138-FRA
x-amz-meta-x-source
Last-Modified
Mon, 22 Aug 2022 17:12:17 GMT
Server
AmazonS3
Date
Fri, 16 Sep 2022 12:54:28 GMT
Content-Type
image/svg+xml
Accept-Ranges
bytes
X-Cache-Hits
1
Personalize.svg
dealnews.a.ssl.fastly.net/files/uploads/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dealnews.a.ssl.fastly.net/files/uploads/Personalize.svg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aff06747afdb353ce592b3bfe26bc6285c85fd6202cf31a6c14a2ba67c2da9f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
JzhX3Lq4GLOGCJOGhxzZDDzO4BqTnN6g
Via
1.1 varnish
ETag
"af27f63a04585ee8bf7f407a91faddf1"
Age
2779
x-amz-meta-x-keywords
X-Cache
HIT
x-amz-meta-x-source-url
Connection
keep-alive
X-S3-Url
/dealnews.uploads/Personalize.svg
Content-Length
2761
X-Served-By
cache-fra19138-FRA
x-amz-meta-x-source
Last-Modified
Mon, 22 Aug 2022 17:08:47 GMT
Server
AmazonS3
Date
Fri, 16 Sep 2022 12:54:28 GMT
Content-Type
image/svg+xml
Accept-Ranges
bytes
X-Cache-Hits
1
Comments.svg
dealnews.a.ssl.fastly.net/files/uploads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dealnews.a.ssl.fastly.net/files/uploads/Comments.svg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32397df30d42ef8ff89a3c143675a361b68eb8471eec07b8a6d94dd17e0e788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
7WLQHsLzj79MxXbo_fc76k2OWy67x4Wj
Via
1.1 varnish
ETag
"46b051bb00874962712877c2dcdcc833"
Age
547
x-amz-meta-x-keywords
X-Cache
HIT
x-amz-meta-x-source-url
Connection
keep-alive
X-S3-Url
/dealnews.uploads/Comments.svg
Content-Length
1710
X-Served-By
cache-fra19180-FRA
x-amz-meta-x-source
Last-Modified
Mon, 22 Aug 2022 17:11:22 GMT
Server
AmazonS3
Date
Fri, 16 Sep 2022 12:54:28 GMT
Content-Type
image/svg+xml
Accept-Ranges
bytes
X-Cache-Hits
1
heart-Icon.svg
dealnews.a.ssl.fastly.net/files/uploads/ 		681 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dealnews.a.ssl.fastly.net/files/uploads/heart-Icon.svg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e499043a3e519689203ce5ad599bf331ef30397d87584f54c3b7b5a2a2a2b11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
AOpwK8Ylu_pPapmSdKfD.8VKx8Z_tGYA
Via
1.1 varnish
ETag
"cb1f2c9cb1772027e90fddf42271b40f"
Age
547
x-amz-meta-x-keywords
X-Cache
HIT
x-amz-meta-x-source-url
Connection
keep-alive
X-S3-Url
/dealnews.uploads/heart-Icon.svg
Content-Length
681
X-Served-By
cache-fra19134-FRA
x-amz-meta-x-source
Last-Modified
Thu, 01 Sep 2022 15:57:28 GMT
Server
AmazonS3
Date
Fri, 16 Sep 2022 12:54:28 GMT
Content-Type
image/svg+xml
Accept-Ranges
bytes
X-Cache-Hits
1
google_icon.svg
c.dlnws.com/image/upload/v1568828759/creative/icons/ 		833 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.dlnws.com/image/upload/v1568828759/creative/icons/google_icon.svg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.95 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b163ccffc514a5d86b836108c2dfa2ae84c71b1af820257d78e048bb384f4ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
1509913
Edge-Cache-Tag
170326365378043225325708294669163328194,61a8d6e101361542271c7d2de6c10548
Cache-Tag
170326365378043225325708294669163328194,61a8d6e101361542271c7d2de6c10548
Content-Disposition
attachment; filename="google_icon.svg"
Connection
keep-alive
Content-Length
833
X-Served-By
cache-fra19134-FRA
X-Cache
HIT
Last-Modified
Wed, 18 Sep 2019 17:46:01 GMT
Server
cloudinary
X-Timer
S1663332869.922171,VS0,VE1
Etag
"780db3ae8cb057382ca45805f832c0ab"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
facebook_icon_white.svg
c.dlnws.com/image/upload/v1569600470/creative/icons/ 		463 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.dlnws.com/image/upload/v1569600470/creative/icons/facebook_icon_white.svg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.95 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
03558a79f6d34c406c21c9c3c7807e3485e07d94a416bc8a630ad1f79e6b766f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
914340
Edge-Cache-Tag
109077654884003298465842748263680756279,61a8d6e101361542271c7d2de6c10548
Cache-Tag
109077654884003298465842748263680756279,61a8d6e101361542271c7d2de6c10548
Content-Disposition
attachment; filename="facebook_icon_white.svg"
Connection
keep-alive
Content-Length
463
X-Served-By
cache-fra19134-FRA
X-Cache
HIT
Last-Modified
Fri, 27 Sep 2019 16:07:52 GMT
Server
cloudinary
X-Timer
S1663332869.931792,VS0,VE1
Etag
"17ec5c0c5eac4015d4a5433768a37074"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
map_20180222.svg
www.dealnews.com/images/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dealnews.com/images/map_20180222.svg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
30458c50c79be7e1c20b30412c295f8bc0682d4b1f16667d570ca93aee2fb550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:28 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish
last-modified
Thu, 01 Sep 2022 21:39:48 GMT
server
nginx/1.20.2
age
908881
etag
W/"631126a4-3f23"
vary
Accept-Encoding, Origin, User-Agent, Fastly-SSL
x-cache
HIT, HIT
content-type
image/svg+xml
expires
Thu, 06 Oct 2022 00:26:27 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-encoding
gzip
content-length
6267
x-cache-hits
25, 1
newuserlb_close.png
c.dlnws.com/image/upload/v1626722028/dealnews/images/2013/icons/ 		644 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.dlnws.com/image/upload/v1626722028/dealnews/images/2013/icons/newuserlb_close.png
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.95 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a0a0137eab139b6a47e43ce907a0552975fc9b69aff3335779ef178f653bd70f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:28 GMT
Via
1.1 varnish
Age
317841
Edge-Cache-Tag
293115396676462056160908609363347698810,61a8d6e101361542271c7d2de6c10548
Cache-Tag
293115396676462056160908609363347698810,61a8d6e101361542271c7d2de6c10548
X-Cache
HIT
Connection
keep-alive
Content-Length
644
X-Served-By
cache-fra19124-FRA
Last-Modified
Mon, 19 Jul 2021 19:13:49 GMT
Server
cloudinary
X-Timer
S1663332869.937199,VS0,VE1
Etag
"183d70a6cacbd81b9dfe3db4eed05337"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
api.js
www.google.com/recaptcha/ 		910 B
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e2af452a133c81f05bd5a78974092ccdb5ba115f17ad8a275c2a4e6491b93393
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
581
x-xss-protection
1; mode=block
expires
Fri, 16 Sep 2022 12:54:29 GMT
client
accounts.google.com/gsi/ 		186 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
461f906fbdd651ac3cc6e3c4424304be60da05bd573659d5bc855724137ebcb2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F-CnS6EmGgWC7CznzoVL1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-F-CnS6EmGgWC7CznzoVL1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 16 Sep 2022 12:54:29 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
69d981718f42189f55b71a435c4ebcbdfeff3a4e22f10f2fca4f048ed9071e9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
BPxEPOcqxctmxcGE9vtaNg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
a54nj/zBScksoO3v2uwvl7f2YfzIpF1sMdIWDIeJxqsnIgivxJ6gqgnsanHQA7P46vl+ISqRNyQuFFPyKPouJQ==
x-fb-trip-id
686109401
x-fb-content-md5
8ac41e8ddae8763afd4bd8949d5c8edd
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 16 Sep 2022 12:54:28 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"86e351430b8fe6c04891867e6cb273c6"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 16 Sep 2022 13:08:24 GMT
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js?onload=onGoogleLoadCallback
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44a047b06e76316f03b181c187222a6fe44bea60b600e74a42ecb9ae3612fd4a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20366
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Fri, 16 Sep 2022 12:54:29 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"cebe9f508901bf81"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Sep 2022 12:54:29 GMT
slider.js
dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/ 		242 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/slider.js
Requested by
Host: dealnews.a.ssl.fastly.net
URL: https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/dealnews.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e4b121250ff51da4a3db809726aa19764785c96b6f165314e61155f89e06828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
AmnzMvYx8N15PijkZmYPpEMCoFhQConH
Content-Encoding
gzip
ETag
"9768ae2b60c8726ad701440483533801"
Age
297981
X-Cache
HIT
Connection
keep-alive
X-S3-Url
/dealnews.uploads/dealnews-js/1.18.0/slider.js
Content-Length
61936
X-Served-By
cache-fra19134-FRA
Last-Modified
Mon, 11 Jul 2022 19:04:02 GMT
Server
AmazonS3
Date
Fri, 16 Sep 2022 12:54:29 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish
Cache-Control
max-age=2628000
Accept-Ranges
bytes
X-Cache-Hits
1
ul.php
www.dealnews.com/lw/ 		0
216 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/ul.php
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
via
1.1 varnish
server
nginx/1.20.2
vary
Origin, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
config.json
cmp.uniconsent.com/v2/7630b75630/ 		16 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/7630b75630/config.json
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:9f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80ad049e0264ae7d9ca4bad263cc4b982e5e9612d700ea789c05b24d9ded4d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Sep 2022 10:47:12 GMT
server
cloudflare
etag
W/"38755ddca56a5d075ab0598ef095af35"
x-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWwzRex6OOV%2BF7ttiQi1Ns57u%2F%2FKKT0mZAquOQPQAVIjizbiPUSWhuu3O1V%2FZL0BBi9dNr0HlAzX2a%2BLBkcDJD02moc8f7IzW8PxnCXtbwqMCbgoew6LqEpKdXcTexfpl07zbPCeGBBJ1rBOaYjPUZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
74b9c03ffead913d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sdk.js
connect.facebook.net/en_US/ 		313 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c2ff86efabe4b0e15e49562dacccb407
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e2185b93c667da30953cd3375332234ccfe0038a72f4e23aa1434ca336d83c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.dealnews.com/
Origin
https://www.dealnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GM2LmFTbYCoEjG4GZ3F9Vw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87224
x-fb-rlafr
0
x-fb-debug
t105ay5JHyQJm9VevNpQ6lC4cToZARsK1BZ2XYxY2ah0wXd70QbM3g7PtZynI4tTcFNxDUyed5qfkUbqJN0j8A==
x-fb-content-md5
b0c63c160460415d8f1c8b8105f31f20
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 16 Sep 2022 12:54:29 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"09ab0c14ae64b11f763494d79ff93752"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 16 Sep 2023 12:22:38 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/ 		391 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9337f499c9b0cc63404026b5448c6fd449df6ed57abf148722751a3a4b992c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Origin
https://www.dealnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159646
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 00:24:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 12:49:14 GMT
i5kyggduf9sonnvwllt6.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/i5kyggduf9sonnvwllt6.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5a84605cd88860657c10529ca9e7939dd005212b9bab244656803bc5e26c4b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
8723
Edge-Cache-Tag
170549885175166306764474499167309306125,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
170549885175166306764474499167309306125,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="i5kyggduf9sonnvwllt6.webp"
Connection
keep-alive
Content-Length
10402
X-Served-By
cache-fra19178-FRA
X-Cache
HIT
Last-Modified
Fri, 16 Sep 2022 10:08:43 GMT
Server
cloudinary
X-Timer
S1663332869.215761,VS0,VE1
Etag
"9dd1619cfc852c1aeaefb122b5d34de5"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
t4x2mtjimyqnwwrn12qb.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/t4x2mtjimyqnwwrn12qb.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a49a2419440a21770131fcfe002af1b2b5bc8aa673c90ee0195615d2a50d6b61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
66819
Edge-Cache-Tag
356134569684652294720913017343863563226,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
356134569684652294720913017343863563226,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="t4x2mtjimyqnwwrn12qb.webp"
Connection
keep-alive
Content-Length
4150
X-Served-By
cache-fra19124-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 17:22:22 GMT
Server
cloudinary
X-Timer
S1663332869.216734,VS0,VE1
Etag
"040b7a852a521ab2fdba64620e2d9ff4"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
alpvas7yot3hg2q5j19i.png
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/alpvas7yot3hg2q5j19i.png
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b92e01788214c86628f07d427d7d0b88920bca7ffa3dbff917f43b0cf10274a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
4616
Edge-Cache-Tag
202306294558113528733063010309219125571,264496192216851549667378679364753059938,61a8d6e101361542271c7d2de6c10548
Cache-Tag
202306294558113528733063010309219125571,264496192216851549667378679364753059938,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="alpvas7yot3hg2q5j19i.webp"
Connection
keep-alive
Content-Length
3588
X-Served-By
cache-fra19132-FRA
X-Cache
HIT
Last-Modified
Thu, 08 Sep 2022 16:32:24 GMT
Server
cloudinary
X-Timer
S1663332869.219535,VS0,VE1
Etag
"7afe5bc43a01b2a75ff0f6ee60733042"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
kihucbqcdab1dfj4cs6z.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/kihucbqcdab1dfj4cs6z.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
ff1e37a6f3d9a40f8459750ccaaf41e6c230c11e2035962dcac46f72d52885a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
66819
Edge-Cache-Tag
166992328424131640343129621977863223238,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
166992328424131640343129621977863223238,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="kihucbqcdab1dfj4cs6z.webp"
Connection
keep-alive
Content-Length
4716
X-Served-By
cache-fra19183-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 18:02:23 GMT
Server
cloudinary
X-Timer
S1663332869.216912,VS0,VE2
Etag
"6d60ed0481757b19d69e5227e594c82d"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
wofkngonrqpj9kj6nlyd.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/wofkngonrqpj9kj6nlyd.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
4c99f0f0f7957ed40382c6fe57cc2c2aba38a1cff3ff39c5ea44b050ba710d91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
64965
Edge-Cache-Tag
328392451116040541686049490588944622474,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
328392451116040541686049490588944622474,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="wofkngonrqpj9kj6nlyd.webp"
Connection
keep-alive
Content-Length
3742
X-Served-By
cache-fra19155-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 18:22:52 GMT
Server
cloudinary
X-Timer
S1663332869.217142,VS0,VE1
Etag
"9977a22e20e45ee20f341e0aa383bde4"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
lo2kvc9goq89hzs2iryn.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/lo2kvc9goq89hzs2iryn.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
82ce4bf182dd07d37156ffded883f57d8fd13b80e970f5ad2258a2beec5c2ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
48144
Edge-Cache-Tag
249831157942784371617060971474686207596,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
249831157942784371617060971474686207596,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="lo2kvc9goq89hzs2iryn.webp"
Connection
keep-alive
Content-Length
8754
X-Served-By
cache-fra19170-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 20:42:23 GMT
Server
cloudinary
X-Timer
S1663332869.217012,VS0,VE1
Etag
"a54cdc2275337df5b831136131001651"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
style
accounts.google.com/gsi/ 		533 B
328 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-LKnRuC-MXScpIrmOKYlgNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-LKnRuC-MXScpIrmOKYlgNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 16 Sep 2022 12:54:29 GMT
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=240283651047-2k9j9dpqt61kh002lfn5f9dptm2vo4bt.apps.googleusercontent.com&as=ZbsPFuQ9jl1KHkr17NrifA
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69afd4a6d8285a2adac9cc317a78ce2b1270050206b96ef505901b4f2221a5e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GVjVyjUhJ84RLXw2QPpOCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-GVjVyjUhJ84RLXw2QPpOCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
cmp.uniconsent.com/json/ 		73 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/json/
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:9f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08ddfd460f2b95eb29693ca14e55662d499a2481ac4485ee9599cecc839e5d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8KdFuIGcyQXtlMAR27iRj%2BmH53lt8knAheMmkeTkIZbTlzaFsRvG%2FJaiQY9A0mCXVZ4S8Im%2FOjoI7dq2AQf67sYJT37RJNqPQZ1H4s55cwL5T8%2FVBRcqedw7J7xmxCbAxb5ECFR7xsyIELOUl6Do%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
74b9c040e8b3913d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=16976398217&ev=fb_page_view&dl=https%3A%2F%2Fwww.dealnews.com%2F&rl=&if=false&ts=1663332869266&sw=1600&sh=1200&at=
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 16 Sep 2022 12:54:29 GMT
ads.js
v3s8r2c3.stackpathcdn.com/ 		140 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v3s8r2c3.stackpathcdn.com/ads.js?a=1&ad_block=1
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
baae017ded2089d8c6173a41598210e58dc9d501966fa06916e92080cdba8623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
last-modified
Thu, 24 Sep 2020 15:12:12 GMT
server
AmazonS3
etag
"b590bb023f189f4af7c50dc2454950d2"
x-cache-status
HIT
x-hw
1663332869.cds012.fr8.hn,1663332869.cds216.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
141
vendor-list.json
cmp.uniconsent.com/v2/ 		385 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/vendor-list.json
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:9f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
787154693674c873a21656573c1b8f034457043f5d13e3e279eca38186db1821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Sep 2022 19:10:02 GMT
server
cloudflare
etag
W/"1eaf715498feab63b3092307ccbe856a"
x-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIR2u5uO8%2F64KdqpFeT1pCErv5UKZOf71yYsHIZ6FK7TafKYzdGUFk18CO7Qu%2B2KF6SncBGu%2BwdCcpzbBmagI0F9EjbEejSiVMN7cFPRjsxo%2FeEyjWvY19aInMKDBPO9PJWZP4iPpp9vZTHNFgngdwI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
74b9c0414988913d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.dealnews.com/async/grids/ 		535 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/async/grids/?h=eyJpIjoiMjAzOTEyNDUsMjA0NDc2OTksMjA0NDc4ODgsMjA0NDc3ODMsMjA0NDg5MjAsMjA0NDg1NDIsMjA0NDkwNjcsMjA0NDc2MDYsMjA0NDc5MzAsMjA0NDgzMDgsMjA0NDc2OTYsMjA0NDc2ODcsMjA0MzUxNDEsMjA0NDc2OTAsMjA0NDc4NjEsMjA0MzUxMzgsMjA0NDkxMDAsMjA0NDg1NDgsMjA0NDc5NzUsMjA0NDY0NDIsMjA0NDkxMDMsMjA0NDkyOTIsMjA0NDc2ODEsMjA0NDg5OTUsMjA0MzUyOTEsMjA0MjE2NTMsMjA0MjI4NTAsMjA0NDc1OTEsMjA0NDg5NTAsMjA0NDY0MzAsMjA0NDkxNDgsMjA0NDg1MjEsMjA0NDkyMzIsMjA0NDc2NDgsMjA0NDg5MjksMjA0NDgwMzIsMjA0MjU1MTEsMjA0NDc3NjUsMjA0NDkxMTIsMjA0NDQ1MTYsMjA0NDc2MzMsMjA0NDg1MjQsMjA0NDc5MTIsMjA0NDc4MTkiLCJlIjowLCJjIjo0MCwiZyI6IkNvbnRlbnRDYXJkIiwidyI6MSwiZ3V0dGVyIjpmYWxzZSwieCI6ImV5Sm1iM0pqWlY5cGJXRm5aU0k2ZEhKMVpTd2lkR2wwYkdWZmJHbHRhWFJmYzIxaGJHd2lPako5In0=
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
8647cf7583e55b3ef39d64bb217644e353dba1617f1fff9ce8a96cec7b22569e

Request headers

Accept
dealnews/json, */*; q=0.1
Referer
https://www.dealnews.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
Content-Accept
dealnews/json
X-Device-Target
DESKTOP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish
server
nginx/1.20.2
age
0
x-dn-device-target
DESKTOP
x-dn-page-id
vary
Origin, Accept-Encoding, User-Agent, Fastly-SSL
x-cache
HIT, MISS
content-type
dealnews/json; charset=utf-8
content-encoding
gzip
x-dn-page-type
MISC
accept-ranges
bytes
x-robots-tag
noindex
content-length
56213
x-cache-hits
2, 0
ul.php
www.dealnews.com/lw/ 		0
66 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/ul.php
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
via
1.1 varnish
server
nginx/1.20.2
vary
Origin, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
ul.php
www.dealnews.com/lw/ 		0
32 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/ul.php
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
via
1.1 varnish
server
nginx/1.20.2
vary
Origin, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
astwgao89mqvtglsavx7.png
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/astwgao89mqvtglsavx7.png
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
8cd5b43bc49f6d23d6b3b7bf71ee4c8f087bae585cfe62f242e2df606a0dd776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
557386
Edge-Cache-Tag
215732342425212274417664940741156165853,92578254102909617882799954359275699790,61a8d6e101361542271c7d2de6c10548
Cache-Tag
215732342425212274417664940741156165853,92578254102909617882799954359275699790,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="astwgao89mqvtglsavx7.webp"
Connection
keep-alive
Content-Length
8024
X-Served-By
cache-fra19132-FRA
X-Cache
HIT
Last-Modified
Fri, 09 Sep 2022 23:21:17 GMT
Server
cloudinary
X-Timer
S1663332869.375460,VS0,VE1
Etag
"b72105f6a1dab89d330c51ac70b5873b"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
wikhs2nv2huzrasbarzj.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/wikhs2nv2huzrasbarzj.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
38c545315c6ca224c17a58019d1d1a024661ce54fe16fd24d13824c74c99e998

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
255605
Edge-Cache-Tag
386256806274100536387100300910973288331,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
386256806274100536387100300910973288331,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="wikhs2nv2huzrasbarzj.webp"
Connection
keep-alive
Content-Length
11518
X-Served-By
cache-fra19170-FRA
X-Cache
HIT
Last-Modified
Wed, 31 Aug 2022 23:03:30 GMT
Server
cloudinary
X-Timer
S1663332869.378575,VS0,VE21
Etag
"628a1958bf633cce01db8330cc6b4ca5"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
snzznmvpg80ojyvuht6u.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/snzznmvpg80ojyvuht6u.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
75cc3fa770e910cf839784e1a2df124d5cf0144afdea9411fa0f9ca4336bb026

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
255605
Edge-Cache-Tag
371840785701319566114930382170098627885,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
371840785701319566114930382170098627885,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="snzznmvpg80ojyvuht6u.webp"
Connection
keep-alive
Content-Length
15894
X-Served-By
cache-fra19183-FRA
X-Cache
HIT
Last-Modified
Mon, 28 Mar 2022 23:21:00 GMT
Server
cloudinary
X-Timer
S1663332869.377612,VS0,VE2
Etag
"032f95cd3f41bdf3a7fdb966e41c4d8d"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
wfdklwj9buh32z0mz5vw.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/wfdklwj9buh32z0mz5vw.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d99c1e70fd5d708a6a6f2e2129be4001d765d8dfd37c6dafe7a89b63a38118a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
255604
Edge-Cache-Tag
244073431852431107065486715396828682291,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
244073431852431107065486715396828682291,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="wfdklwj9buh32z0mz5vw.webp"
Connection
keep-alive
Content-Length
11622
X-Served-By
cache-fra19124-FRA
X-Cache
HIT
Last-Modified
Mon, 13 Sep 2021 11:02:42 GMT
Server
cloudinary
X-Timer
S1663332869.377439,VS0,VE1
Etag
"a0f8d83d0a6f445fa514622c3ae23671"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
iz3h5ei36j6cprcq6eya.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/iz3h5ei36j6cprcq6eya.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c52f7ade0bf364a4707457a4f73d476c4f173b327e3d37ec3f362de970137309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
255604
Edge-Cache-Tag
352434364783794816480592226219516193958,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
352434364783794816480592226219516193958,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="iz3h5ei36j6cprcq6eya.webp"
Connection
keep-alive
Content-Length
15190
X-Served-By
cache-fra19155-FRA
X-Cache
HIT
Last-Modified
Mon, 06 Sep 2021 11:02:15 GMT
Server
cloudinary
X-Timer
S1663332869.377607,VS0,VE1
Etag
"171704e3174a17a1895b83c4474e8efc"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
i5kyggduf9sonnvwllt6.jpg
cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/c_lpad,dpr_auto,f_auto,h_300,q_auto:low,w_300/content/i5kyggduf9sonnvwllt6.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a34acc4216f2a5991349a65fc567425a4d85c6446f58a3c6c569b9a85bbce1f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:29 GMT
Via
1.1 varnish
Age
8887
Edge-Cache-Tag
170549885175166306764474499167309306125,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Cache-Tag
170549885175166306764474499167309306125,220864013991055322830583386920151769612,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="i5kyggduf9sonnvwllt6.webp"
Connection
keep-alive
Content-Length
13592
X-Served-By
cache-fra19178-FRA
X-Cache
HIT
Last-Modified
Fri, 16 Sep 2022 10:08:42 GMT
Server
cloudinary
X-Timer
S1663332869.377241,VS0,VE8
Etag
"301ed305002024250dc31ad8f5c66e78"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
General-Placement-Sep2022.jpg
dealnews.a.ssl.fastly.net/files/uploads/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dealnews.a.ssl.fastly.net/files/uploads/General-Placement-Sep2022.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61c0a3c47c676ade3fd4856c766fa5689049ec259220852ce7869ec7250754c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
jPcphSFQjii.WFm6lTFyOTQ0AqjlIu2G
Via
1.1 varnish
ETag
"d713337ce72e66fda3769956a2b2d7b1"
Age
547
x-amz-meta-x-keywords
X-Cache
HIT
x-amz-meta-x-source-url
Connection
keep-alive
X-S3-Url
/dealnews.uploads/General-Placement-Sep2022.jpg
Content-Length
60358
X-Served-By
cache-fra19134-FRA
x-amz-meta-x-source
Last-Modified
Thu, 01 Sep 2022 14:18:44 GMT
Server
AmazonS3
Date
Fri, 16 Sep 2022 12:54:29 GMT
Content-Type
image/jpeg
Accept-Ranges
bytes
X-Cache-Hits
1
logger.php
www.dealnews.com/lw/ 		16 B
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/logger.php
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
server
nginx/1.20.2
vary
Origin, Accept-Encoding, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
via
1.1 varnish
x-cache-hits
0
gtm.js
www.googletagmanager.com/ 		174 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLP4HVK
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69da92ee09ff50fab9e5fa904cbdd342426c4ce6cfce08ccf12f04a7c21f14cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60296
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Sep 2022 12:54:29 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1054
date
Fri, 16 Sep 2022 12:36:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 16 Sep 2022 14:36:55 GMT
589xd066238.js
tracker.marinsm.com/tracker/async/ 		0
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.marinsm.com/tracker/async/589xd066238.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-67.fra2.r.cloudfront.net
Software
Apache/2.4.6 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 02:26:11 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
Apache/2.4.6 (CentOS)
age
37698
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C1
x-marintrackerversion
3
content-length
0
x-amz-cf-id
5Kk1CRBnHGg9mSfoMHS_m0CD-HkgdRWWEU6ZehZgVqmVwis8Vtfxjw==
expires
Fri, 16 Sep 2022 02:29:04 GMT
anchor
www.google.com/recaptcha/api2/ Frame 48E7 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys&co=aHR0cHM6Ly93d3cuZGVhbG5ld3MuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=normal&cb=zc3tve37nr4y
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f6b994ba9b12a1bf42065ab338fb8af512e73e8f03ca0da2a75fd2a890f5f941
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JpnOnffS7Fra1WkKLL2liQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22900
content-security-policy
script-src 'report-sample' 'nonce-JpnOnffS7Fra1WkKLL2liQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
339 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EN54Z97LG4&gtm=2oe9e0&_p=165432678&cid=419323822.1663332870&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663332869&sct=1&seg=0&dl=https%3A%2F%2Fwww.dealnews.com%2F&dt=Best%20Deals%20Online%20-%20Today%27s%20Best%20Daily%20Deals&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EN54Z97LG4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=onGoogleLoadCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a17fc9f326fc2b2f9f290ef004383d7dc046f777c6efe021fc52194c1d404dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 00:13:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36464
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 00:13:05 GMT
dealnewscom_new.min.js
dsh7ky7308k4b.cloudfront.net/publishers/ 		1 MB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-168.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18ede46135e43d30d1d6affe6cdf5b581484c2d54bc840aedc6d1f1dfb6d5404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 12:39:10 GMT
content-encoding
br
age
692119
x-cache
Hit from cloudfront
x-amz-meta-ctime
1662638620
x-amz-meta-mode
33188
last-modified
Thu, 08 Sep 2022 12:03:41 GMT
server
AmazonS3
etag
W/"8a47ea9be3c3908d5f1d71fb6e7ee6a1"
x-amz-meta-uid
0
vary
Accept-Encoding
x-amz-meta-gid
0
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
XDmsaOhWXQOKcdQoD2CY2RJjplym2_A9cF6ncO-KgaQFsLjOzA9akw==
x-amz-meta-atime
1634903842
x-amz-meta-mtime
1662638620
tag
btloader.com/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5184339635601408&upapi=true
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
247ce0b20a25603aab61151ac35cb6cf3c1b16c8721b46ba8fc6ebf997a4575d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b9c043dc6c924a-FRA
date
Fri, 16 Sep 2022 12:54:29 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 12:48:23 GMT
server
cloudflare
age
272
etag
W/"d8b40f3560917c01ad7761e8ef750197"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVlvgQkO3mmaQVD9urAN3wOMRs8E%2Bg45bi2OvR%2Ffkj5sIBvDscFoVgQVcmfTxeJdV5uKpvDZxhx80yjaNNZRtxP4LzEH0OeQWqgMam7BosljBbWXUndSziadH6hoEL9B7dRnZyRvo66uQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=165432678&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dealnews.com%2F&ul=en-us&de=UTF-8&dt=Best%20Deals%20Online%20-%20Today%27s%20Best%20Daily%20Deals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABQAAAAC~&jid=940619995&gjid=1100691531&cid=419323822.1663332870&tid=UA-70020-1&_gid=1380188583.1663332870&_r=1&_slc=1&cd1=DealNews%20Front%20Page%2C%20Traditional&cd2=Super%20Browse&cd3=DESKTOP&cd5=3n5w98ufw0qdo81dkcfihNOS7kO17ItF&cm1=1&cm2=0&cg1=DealNews%20Front%20Page%2C%20Traditional&cg2=Super%20Browse&z=1286147663
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/ Frame 48E7 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys&co=aHR0cHM6Ly93d3cuZGVhbG5ld3MuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=normal&cb=zc3tve37nr4y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 00:24:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 12:43:16 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/ Frame 48E7 		391 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys&co=aHR0cHM6Ly93d3cuZGVhbG5ld3MuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=normal&cb=zc3tve37nr4y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9337f499c9b0cc63404026b5448c6fd449df6ed57abf148722751a3a4b992c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159646
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 00:24:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 12:49:14 GMT
ul.php
www.dealnews.com/lw/ 		0
32 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/ul.php
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
via
1.1 varnish
server
nginx/1.20.2
vary
Origin, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
js
www.googletagmanager.com/gtag/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-613657585
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLP4HVK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d8c4234771ad9c98b855ea41b28ef63644e1228e3578d0588d0272094619698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46555
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Sep 2022 12:54:29 GMT
content
api.dealnews.com/ 		213 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.dealnews.com/content?facet_ids=1792&count=30
Requested by
Host: dealnews.a.ssl.fastly.net
URL: https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/slider.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
8dfc9626eaa0652d62044b02f8cef0c5d632c668c01b4a4355f9c6d4ca5b9f0a

Request headers

Accept
application/json
Cache-Control
no-cache
Authorization
DN jxqfz29pbv9xpWSYnmJX
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Referer
https://www.dealnews.com/

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
age
0
x-cache
HIT, MISS
access-control-max-age
86400
content-length
20330
x-served-by
cache-fra19168-FRA
access-control-allow-origin
https://www.dealnews.com
server
nginx/1.20.2
x-timer
S1663332870.333480,VS0,VE526
x-pagemill
true
vary
Origin, Accept-Encoding, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
application/json; charset=utf-8
via
1.1 varnish (Varnish/6.0), 1.1 varnish
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
7, 0
content
api.dealnews.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.dealnews.com/content?facet_ids=1792&count=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control
Access-Control-Request-Method
GET
Origin
https://www.dealnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,cache-control
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
age
0
content-type
application/json; charset=utf-8
date
Fri, 16 Sep 2022 12:54:30 GMT
server
nginx/1.20.2
vary
Origin, Accept-Encoding, Fastly-SSL
via
1.1 varnish (Varnish/6.0), 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-pagemill
true
x-served-by
cache-fra19168-FRA
x-timer
S1663332870.871243,VS0,VE430
iframe
accounts.google.com/o/oauth2/ Frame C974 		280 B
261 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
845026e1fa34e2ac7f7e8ccef9c9ca4ad0a87b5cffffb844564caf76275c5d12
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tr2J6YiE0miCYUS6_Z_jxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tr2J6YiE0miCYUS6_Z_jxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-70020-1&cid=419323822.1663332870&jid=940619995&gjid=1100691531&_gid=1380188583.1663332870&_u=YADAAAAAQAAAAC~&z=271460307
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Sep 2022 12:54:29 GMT
content-type
text/plain
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
;ID=179831;size=0x0;setID=462943;type=json;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/ 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://servedbyadbutler.com/adserve/;ID=179831;size=0x0;setID=462943;type=json;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.242.21 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.21.242.201.195.clients.your-server.de
Software
nginx /
Resource Hash
8d97b07f5282ecb19876e40209098d71688c26297493e816687d4d45da0355cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
https://www.dealnews.com
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
;ID=179831;size=0x0;setID=462943;type=json;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/ 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://servedbyadbutler.com/adserve/;ID=179831;size=0x0;setID=462943;type=json;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.242.21 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.21.242.201.195.clients.your-server.de
Software
nginx /
Resource Hash
63a404e7f023e1b5129d8e4005e0fa080c2fd51d1ab50c00072f25865ea8f303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
https://www.dealnews.com
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
px.gif
ad-delivery.net/ 		43 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Fri, 16 Sep 2022 12:54:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310343
x-guploader-uploadid
ADPycds5ly-F9Uw8pRQ6dBkLcihk5YldMFc8UNP2o7iczo8gvy92gQZuwnMtar1CaYFA_ZhoE0zgdoFlEttyqguUt8U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROFkw9uz7wsoChPJFPoWcb4Jt4iiFcFRHtB1Bb3vy7wYxs8YrVeOefAsp97bBTo1OI7wyw7joLls7bVB%2FWzKnCM0Wd7GJT8AHqrB2Wqi8bwPsPusAz0OB5ZeLpJdMO4rBI2%2BgJrP8A%2Bqz4hjZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
74b9c044ba90696f-FRA
expires
Mon, 12 Sep 2022 23:42:06 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 15:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Sep 2022 15:11:29 GMT
px.gif
ad-delivery.net/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.8076864661566447
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Fri, 16 Sep 2022 12:54:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310343
x-guploader-uploadid
ADPycds5ly-F9Uw8pRQ6dBkLcihk5YldMFc8UNP2o7iczo8gvy92gQZuwnMtar1CaYFA_ZhoE0zgdoFlEttyqguUt8U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLdyXkZ87rGpEsdbK97ZKL0ly5zSHGZss032i0e5mlOFLpfldd8HyZ9xxGVjE0eZ87HQJ6ZPvItIA3C5UaU%2FSMY8z2L%2Bvll3CtFbO0FNHsa%2FPXTez4a0FHT0Rz5KKp%2BrLkZSusXmlZShx%2BXv6w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
74b9c044ba92696f-FRA
expires
Mon, 12 Sep 2022 23:42:06 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-613657585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15697
x-xss-protection
0
server
cafe
etag
1764007376392519731
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 12:54:29 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0ED781A64FCE4B088D5E3CBBFF4C38C3 Ref B: FRAEDGE1519 Ref C: 2022-09-16T12:54:29Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Fri, 16 Sep 2022 12:54:29 GMT
accept-ranges
bytes
content-length
11367
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
3f6ea66f4fee4e8832b05633a298a1de7a9c56c89091545674eb34f7ce03dd9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27871
x-xss-protection
0
server
sffe
etag
"1335 / 407 of 1000 / last-modified: 1663326453"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 16 Sep 2022 12:54:29 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 12:12:56 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:33 GMT
server
AmazonS3
age
2494
etag
W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA2-C1
content-encoding
gzip
x-amz-cf-id
7m8r1VoQ9wrY9NtHr8ZEiNoYW-81ICFCpcKgnb7qNkW61hWjMJgl0A==
grumi-ip.js
rumcdn.geoedge.be/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/grumi-ip.js
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 10:35:47 GMT
content-encoding
br
last-modified
Tue, 06 Sep 2022 10:54:05 GMT
server
AmazonS3
age
8324
etag
W/"8ad2beee52c2abad4a49b927b72d3048"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
1BIxzu5676QR4yAS6EQx2nc5_ZTf4cJQ
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
pIQvkuMYVAEB_6ydGIwqPKFhkYqs0QSjSXMYPLX7uqF7vaIXLCoGgw==
cookie_sync
prebid-server.pubgalaxy.com/ 		2 KB
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.pubgalaxy.com/cookie_sync
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.165.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-165-253.compute-1.amazonaws.com
Software
/
Resource Hash
fc91d3152f47b99eeb0ec8544c6a66d8b71c77e791f12da57f1d1a33d53cf1b7

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
636
expires
0
auction
prebid-server.pubgalaxy.com/openrtb2/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.pubgalaxy.com/openrtb2/auction
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.165.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-165-253.compute-1.amazonaws.com
Software
/
Resource Hash
0f4ef75c22d299ab0de69902e9e8423ed9481da8e073b3de897cbc932d690243

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
x-prebid
pbs-java/1.89.0
content-type
application/json
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
4050
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=330726&zone_id=2172792%3B1750560%3B1750556%3B1750554%3B1750566%3B2172866%3B1750564&size_id=15%3B15%3B2%3B2%3B15%3B15%3B15&alt_size_ids=13%2C14%3B%3B%3B%3B%3B13%2C14%3B&gdpr=0&us_privacy=1---&rp_schain=1.0,1!pubgalaxy.com,3800,1,,,&rf=https%3A%2F%2Fwww.dealnews.com%2F&tg_i.page=https%3A%2F%2Fwww.dealnews.com%2F&tg_i.domain=dealnews.com&tg_i.pbadslot=div-gpt-ad-dealnewscom39471%3Bdiv-gpt-ad-dealnewscom37576%3Bdiv-gpt-ad-dealnewscom37573%3Bdiv-gpt-ad-dealnewscom37572%3Bdiv-gpt-ad-dealnewscom37579%3Bdiv-gpt-ad-dealnewscom39472%3Bdiv-gpt-ad-dealnewscom37578&tk_flint=pbjs_lite_v7.10.0&x_source.tid=a137a761-dbab-468b-9bfe-0871e62ae0e5%3Be8596551-5186-45e8-beeb-4794cc2db485%3B766bb91c-2754-48ff-bb76-b4c7a2dfc067%3Baa56a7b2-ca7c-40d8-b976-354d54b23f8f%3Bc71a3bf0-72ec-4e33-8b54-2b3f3c772051%3B8bc01bb0-28dd-41ce-8475-bb675c32cece%3Bbda24b62-9394-4878-a5d5-ca40e64dfd2c&l_pb_bid_id=16630b7f90173a7%3B170712404befa3%3B1803d03ccf92623%3B1941b8a08af5bcd%3B206bb15e53b3c66%3B2169b70c877dce8%3B22a492454d282d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=3&slots=7&rand=0.8006886603205916
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1ba822a1798d65e05f0cfa29442781944e6ee107d5efc3992e96057f001a7373

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:30 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.dealnews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
399
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.dealnews.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.10.0&cb=51124748125&lsavail=0
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
hb
ssc.33across.com/api/v1/ 		87 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aY3r94IP4r7iogrkHcnlKl
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2344c46e8c979618a16ecc313871e04574a316343676ca96cfd21d643eec34bb

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aY3r94IP4r7iogrkHcnlKl
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2344c46e8c979618a16ecc313871e04574a316343676ca96cfd21d643eec34bb

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aY3r94IP4r7iogrkHcnlKl
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2344c46e8c979618a16ecc313871e04574a316343676ca96cfd21d643eec34bb

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aY3r94IP4r7iogrkHcnlKl
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2344c46e8c979618a16ecc313871e04574a316343676ca96cfd21d643eec34bb

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aY3r94IP4r7iogrkHcnlKl
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2344c46e8c979618a16ecc313871e04574a316343676ca96cfd21d643eec34bb

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aY3r94IP4r7iogrkHcnlKl
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2344c46e8c979618a16ecc313871e04574a316343676ca96cfd21d643eec34bb

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aY3r94IP4r7iogrkHcnlKl
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2344c46e8c979618a16ecc313871e04574a316343676ca96cfd21d643eec34bb

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208968e1e10b95&pos=8a969469017c7c3157a03627078b017e&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6871b64d1f495b97f0ad4f4bf7be8a77bf6f86f1df0a584e3203f6d9ccb124e5

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208968e1e10b95&pos=8a9690260176766d0561899534410b4e&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
dd002b246d22be6295ca76e9a22cf845925f27ee59f3c56853286392002690f4

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208968e1e10b95&pos=8a9690260176766d056189905dd40b4d&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
90f1f713ef26870b1eb00e3aac5958a26ff4d117dd020ced646a450d1e316bcf

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208968e1e10b95&pos=8a9699b70176766cfff7898baf9e0b51&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e2c84f1d0ea118080b24b543c0612114db1c0f4d4cbb09a5f0a2ce56c16ecc85

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208968e1e10b95&pos=8a9694040176766d0a2089980d690ba4&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
39e5a86cfb3db6af67c1dabf0731008b873d07699b8b877130c1985bf8f167fc

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208968e1e10b95&pos=8a96981d017c7c314ba33629d0610184&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
b0d20eceb72bd6b00c9777c74a2691a486982b007a3302ca63b7da8e550751dc

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694040176766d0a208968e1e10b95&pos=8a9699b70176766cfff78996ea260b57&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
49c464c75746092461d258465319200145abb96abcbb52c17ea7a804ab09fd7c

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
content-length
62
prebid
mp.4dex.io/ 		114 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfe67e02f3687e24129c5f1e2df7b688a4d97d4a857ebd910a30225883276b2

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
74b9c04609ad923b-FRA
pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: div-gpt-ad-dealnewscom39471, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: div-gpt-ad-dealnewscom39472
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
x-err
Shapings: no adunits with size and seat and mapping
pb
ad.360yield.com/ 		0
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.203.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-203-9.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ 		482 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3153563c6b618a95af03d1dc02947a6ead65aa75ee68c80013d9babbfb1b8e55
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:30 GMT
X-Proxy-Origin
178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
85664721-d9cd-42f0-a19a-53849adcee33
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.dealnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
482
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=720920&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2287ea4c1d4f97982%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dealnews.com%2F%22%2C%22domain%22%3A%22dealnews.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dealnews.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A7%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A7%2C%22ren%22%3Afalse%2C%22version%22%3A%227.10.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.dealnews.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A3%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22div-gpt-ad-dealnewscom37578%22%2C%22adunitcode%22%3A%22div-gpt-ad-dealnewscom37578%22%2C%22divId%22%3A%22div-gpt-ad-dealnewscom37578%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2288c32c328932ff2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22720920%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22720920%22%2C%22sid%22%3A%22200x200%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22720920%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22a137a761-dbab-468b-9bfe-0871e62ae0e5%22%7D%7D%2C%7B%22id%22%3A%2289af1e1f0cfc489%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22532539%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22e8596551-5186-45e8-beeb-4794cc2db485%22%7D%7D%2C%7B%22id%22%3A%22904aa96e4d36ebf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22532537%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22766bb91c-2754-48ff-bb76-b4c7a2dfc067%22%7D%7D%2C%7B%22id%22%3A%2291016d9dc9b53c8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22532536%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22aa56a7b2-ca7c-40d8-b976-354d54b23f8f%22%7D%7D%2C%7B%22id%22%3A%2292afc517c803835%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22532541%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22c71a3bf0-72ec-4e33-8b54-2b3f3c772051%22%7D%7D%2C%7B%22id%22%3A%22935fe6ffe29c453%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22720921%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22720921%22%2C%22sid%22%3A%22200x200%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22720921%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%228bc01bb0-28dd-41ce-8475-bb675c32cece%22%7D%7D%2C%7B%22id%22%3A%2294149227c9636fc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22532540%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22bda24b62-9394-4878-a5d5-ca40e64dfd2c%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubgalaxy.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%223800%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f981789e4a31af8f263eb84b1e571255c33f4f6e65c8984b3ee05efa629e0f1e

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJshdfew%2BBtg3ehWcBMBR%2Bwo4mwPndQa0lDebEkWtS5kHZYkCCLtfqPMyB0a3FB9eC5uYjfqrn9hz5CyOe6tl9eZN1Y3%2F9ZYE6Mp6gZ1%2F45q1PA4AgK5lXtsday6hEsbJKDoriXL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74b9c046196a91ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
trinity.json
apex.go.sonobi.com/ 		651 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2296a15cec14e07e1%22%3A%227de9bdd6835998df2773%7C200x200%2C250x250%2C300x250%7Cgpid%3Ddiv-gpt-ad-dealnewscom39471%2Cc%3Dd%2C%22%2C%2297b5a1c6dfd4167%22%3A%22cfb5ec964cc27dfcd72b%7C300x250%7Cgpid%3Ddiv-gpt-ad-dealnewscom37576%2Cc%3Dd%2C%22%2C%229836384a458ad5b%22%3A%229deef8b1ff2146e6f6c7%7C728x90%7Cgpid%3Ddiv-gpt-ad-dealnewscom37573%2Cc%3Dd%2C%22%2C%22991f70b339d2fcc%22%3A%22941748a6653790da8e5e%7C728x90%7Cgpid%3Ddiv-gpt-ad-dealnewscom37572%2Cc%3Dd%2C%22%2C%2210054a0d8fbd06a4%22%3A%22c22d96e3c978f5274047%7C300x250%7Cgpid%3Ddiv-gpt-ad-dealnewscom37579%2Cc%3Dd%2C%22%2C%22101993f51a5de3f3%22%3A%22f148b4348154e2d44ff7%7C200x200%2C250x250%2C300x250%7Cgpid%3Ddiv-gpt-ad-dealnewscom39472%2Cc%3Dd%2C%22%2C%22102a5aac2d06a5ac%22%3A%224650ba914a45391f32cd%7C300x250%7Cgpid%3Ddiv-gpt-ad-dealnewscom37578%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.dealnews.com%2F&s=717539a6-1c45-4c98-bfe3-795e576c4e41&pv=a22c2731-c75b-49fe-9d75-a4733647a40a&vp=desktop&lib_name=prebid&lib_v=7.10.0&us=3&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dealnews.com%2F%22%2C%22domain%22%3A%22dealnews.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dealnews.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=0&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubgalaxy.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%223800%22%7D%5D%7D&us_privacy=1---&coppa=0
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
af5a3d364bd26c02f88c916bbbf2d529f8a3638dc589ceb62318ebe6922c7bbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:30 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-79
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.dealnews.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
430
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		848 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
684ca53eb93a7d9485eed3b21ed1cc4284991aa20f5e5de144b42b76909c9f05
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Sep 2022 12:54:30 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
444883c8-100a-410d-8099-481c662106fe
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.dealnews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.192.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.192.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.192.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.192.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.192.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.192.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.192.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-192-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.10.0&referrer=https%3A%2F%2Fwww.dealnews.com%2F&tmax=1800&gdpr=false&us_privacy=1---
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.177.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-177-133.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
accept-ch
sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame C974 		2 KB
846 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
de2297245e86897687e51c004aa41563bdac780d75a082da61997fc2aa3ddc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 48E7 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys&co=aHR0cHM6Ly93d3cuZGVhbG5ld3MuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=normal&cb=zc3tve37nr4y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9430bcc9d39849aac0786a7b4e31c0c508f9cfa27e3165fb67daacc45f0a8975
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys&co=aHR0cHM6Ly93d3cuZGVhbG5ld3MuY29tOjQ0Mw..&hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&size=normal&cb=zc3tve37nr4y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 16 Sep 2022 12:54:30 GMT
71VQ+Px1mCL._AC_SL1500_.jpg
m.media-amazon.com/images/I/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/71VQ+Px1mCL._AC_SL1500_.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9800:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8e5ae300a6f3cfe0cf1115ef37e705157de2f4be5e9f723f8489ae46432d542f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:45:52 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
age
3359318
edge-cache-tag
x-cache-107,/images/I/71VQ+Px1mCL
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
146190
surrogate-key
x-cache-107 /images/I/71VQ+Px1mCL
last-modified
Thu, 02 Jun 2022 08:31:40 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
14e9fdf0-9980-4bfd-9b0c-5afc9185d737
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
VrURjDMvW4mn1fxooPquiE6d9H5OBV_sUH52aMhVIfeU94253tmkpA==
expires
Sun, 03 Aug 2042 06:39:47 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2s0_KPlj5D0.es5.O/d=1/rs=AOaEmlFgTKBrXDFZ4TTuG9t7xzvUooFoVQ/ Frame C974 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2s0_KPlj5D0.es5.O/d=1/rs=AOaEmlFgTKBrXDFZ4TTuG9t7xzvUooFoVQ/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fbfc9cc36bed308077b4873b0c0ad8e155ee376c3cf9c5e649178739f4f72a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 03:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34825
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 02:40:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 03:48:28 GMT
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=hvt6xp4oU1&w=5205659925610496&o=5184339635601408&cv=2.0.9-1-g2cac8e3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.dealnews.com%2F&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5184339635601408&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
36002962.js
bat.bing.com/p/action/ 		1 KB
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/36002962.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3e39c57adf3cbcd6ca29c644705ed27b86afabb0599418399be038e9a5b2937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 51C154F002944007BA915C09C3E01489 Ref B: FRAEDGE1519 Ref C: 2022-09-16T12:54:30Z
date
Fri, 16 Sep 2022 12:54:29 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
667
0
bat.bing.com/action/ 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=36002962&Ver=2&mid=a79f707d-97bc-4124-bb32-d776602193df&sid=b436394035be11edbe4035b87498a620&vid=b4362b6035be11ed9bd16f3eb2b38e5b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Best%20Deals%20Online%20-%20Today%27s%20Best%20Daily%20Deals&p=https%3A%2F%2Fwww.dealnews.com%2F&r=&lt=1812&evt=pageLoad&sv=1&rn=320533
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C3573E2B72684E41A50E202957787D31 Ref B: FRAEDGE1519 Ref C: 2022-09-16T12:54:30Z
date
Fri, 16 Sep 2022 12:54:29 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/613657585/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/613657585/?random=1663332870190&cv=9&fst=1663332870190&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dealnews.com%2F&tiba=Best%20Deals%20Online%20-%20Today%27s%20Best%20Daily%20Deals&auid=69688263.1663332870&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ec5e0d1935aa925dff55646f9654b2283b99ba5197625e86901a50523dc4b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1050
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Sep 2023 11:59:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		147 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dealnews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
4a00d03b3c1e4bf7a22acf43491f3cbf4b5792c992ccc119a42fe7b4b4375b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Fri, 16 Sep 2022 12:54:30 GMT
bframe
www.google.com/recaptcha/api2/ Frame 3056 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b10fa5715f615ea9a15ffc584f9d550efacc16a375b06d3c9e07d4218f379efe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xGJ-UGOS5o7qLhCIkkJnBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1116
content-security-policy
script-src 'report-sample' 'nonce-xGJ-UGOS5o7qLhCIkkJnBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
grumi.js
rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/ 		413 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16e27e4c7d3ed093bd9b19b7215bc02591da4c5090b60abdc9edd7007191fe89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:41:58 GMT
content-encoding
br
last-modified
Fri, 16 Sep 2022 11:29:30 GMT
server
AmazonS3
age
753
etag
W/"46959f39fe3737ac031f37b0f882c757"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
9VPw_8abZE8PiGt3lmUsDtxqkReEn1_q
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
Jv-xsFgZrYKLpLZ_GybTCUO4-1lscju18IwS_LXHClEu_Ky-XGhVnQ==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.dealnews.com&pubid=6d0c7ea7-f036-437d-be93-21fc59c890c2
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
a381e85dbfd4ff95de554ceee5f9331bfbb36b90babe6f07880d7ee3d2174acc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:46:51 GMT
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
server
Server
age
459
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.dealnews.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
content-length
1304
x-amz-cf-id
ZwvWPjob3OJXDVIfyLK4vKpSYZaQZVU36LD-K2KGWkNW6I90oqUSCQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:38:27 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
83764
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 13:35:39 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
oGiGhs4ZfjJg.LB2Yi6O9XMZXNC6Xrry
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
YoWfmqJsfQT89Caoi-TjSwr-opSbxYPH_hMATYvh9dzEC9viLJAurg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dealnews.com%2F&pid=tkatdQqB2cbhY&cb=0&ws=1600x1200&v=22.9.81452&t=1800&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-dealnewscom39471%22%2C%22s%22%3A%5B%22200x200%22%2C%22250x250%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2C1019993%2F.2_A.39471.4_dealnews.com_tier1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-dealnewscom37576%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2C1019993%2F.2_A.37576.4_dealnews.com_tier1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-dealnewscom37573%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8095840%2C1019993%2F.2_A.37573.3_dealnews.com_tier1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-dealnewscom37572%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8095840%2C1019993%2F.2_A.37572.3_dealnews.com_tier1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-dealnewscom37579%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2C1019993%2F.2_A.37579.4_dealnews.com_tier1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-dealnewscom39472%22%2C%22s%22%3A%5B%22200x200%22%2C%22250x250%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2C1019993%2F.2_A.39472.4_dealnews.com_tier1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-dealnewscom37578%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2C1019993%2F.2_A.37578.4_dealnews.com_tier1%22%7D%5D&schain=1.0%2C1!pubgalaxy.com%2C3800%2C1%2C%2C%2C&pubid=6d0c7ea7-f036-437d-be93-21fc59c890c2&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A10000%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-188.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
QWY6WVYBG137TXM2NQK0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
dao-o9JEBD7C70LGaIKRXVhOxcCAqu62FUv8aAHdvS6LQmmPXvqjMw==
iframerpc
accounts.google.com/o/oauth2/ Frame C974 		49 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.dealnews.com&client_id=240283651047-2k9j9dpqt61kh002lfn5f9dptm2vo4bt.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.2s0_KPlj5D0.es5.O/d=1/rs=AOaEmlFgTKBrXDFZ4TTuG9t7xzvUooFoVQ/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uT8CBGnJOR9tZFTPS02P-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-uT8CBGnJOR9tZFTPS02P-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
expires
Fri, 16 Sep 2022 12:54:30 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Fri, 16 Sep 2022 13:09:30 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 17:52:22 GMT
content-encoding
gzip
etag
W/"979a52ecf913f8004d0123a9b7ba2a05"
last-modified
Tue, 19 Jul 2022 18:12:22 GMT
server
AmazonS3
age
68529
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
l3ROgLyKG83nMTqJzfMpEggrnHca5BHgy6mz6c8ETWK0LKq-wP2e8A==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 11:00:45 GMT
server
cloudflare
age
586
etag
W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
74b9c049cde18ffe-FRA
x-amz-request-id
JVQRCSBMKJYY255K
x-amz-id-2
EefCMa4XdsHjSZq/I6imclRq9hHA/w+ajeRCa5qACFBK2hxi92R82+D48g3nz2eoMbdSh8PJRL4=
styles__ltr.css
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/ Frame 3056 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 00:24:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 12:43:16 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/ Frame 3056 		391 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zmiYzsHi8INTJBWt2QZC9aM5&k=6Ldy9FIeAAAAACy1htGYhqjPNypqVbAIuJ5Ckmys
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9337f499c9b0cc63404026b5448c6fd449df6ed57abf148722751a3a4b992c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159646
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 00:24:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 12:49:14 GMT
/
www.dealnews.com/lw/ul.php/push/slider_impression/ 		0
55 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/ul.php/push/slider_impression/
Requested by
Host: dealnews.a.ssl.fastly.net
URL: https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/slider.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
via
1.1 varnish
server
nginx/1.20.2
vary
Origin, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
/
www.dealnews.com/lw/ul.php/push/slider_impression/ 		0
32 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/ul.php/push/slider_impression/
Requested by
Host: dealnews.a.ssl.fastly.net
URL: https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/slider.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
via
1.1 varnish
server
nginx/1.20.2
vary
Origin, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
/
www.dealnews.com/lw/ul.php/push/slider_impression/ 		0
32 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/ul.php/push/slider_impression/
Requested by
Host: dealnews.a.ssl.fastly.net
URL: https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/slider.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
via
1.1 varnish
server
nginx/1.20.2
vary
Origin, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
/
www.dealnews.com/lw/ul.php/push/slider_impression/ 		0
32 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/ul.php/push/slider_impression/
Requested by
Host: dealnews.a.ssl.fastly.net
URL: https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/slider.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
via
1.1 varnish
server
nginx/1.20.2
vary
Origin, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
/
www.dealnews.com/lw/ul.php/push/slider_impression/ 		0
32 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/ul.php/push/slider_impression/
Requested by
Host: dealnews.a.ssl.fastly.net
URL: https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.18.0/slider.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
via
1.1 varnish
server
nginx/1.20.2
vary
Origin, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
/
www.google.com/pagead/1p-user-list/613657585/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/613657585/?random=1663332870190&cv=9&fst=1663329600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dealnews.com%2F&tiba=Best%20Deals%20Online%20-%20Today%27s%20Best%20Daily%20Deals&async=1&fmt=3&is_vtc=1&random=3141533303&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/613657585/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/613657585/?random=1663332870190&cv=9&fst=1663329600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dealnews.com%2F&tiba=Best%20Deals%20Online%20-%20Today%27s%20Best%20Daily%20Deals&async=1&fmt=3&is_vtc=1&random=3141533303&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
prebid-server.pubgalaxy.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&f=i&gdpr_cons...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&f=i&gdp...
  • https://prebid-server.pubgalaxy.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&uid=7adcbe78-9639-40bf-9c11-ec8460e37791
86 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.pubgalaxy.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&uid=7adcbe78-9639-40bf-9c11-ec8460e37791
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Server
35.173.165.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-165-253.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0

Redirect headers

Location
https://prebid-server.pubgalaxy.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&us_privacy=1---&uid=7adcbe78-9639-40bf-9c11-ec8460e37791
Date
Fri, 16 Sep 2022 12:54:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
36002962
www.clarity.ms/tag/uet/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/36002962
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/36002962.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1759 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3f594cda91fb698443b7082bdcc85648c15f9b30a78e7bcaf78c1f6e0d5a04d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
x-powered-by
ASP.NET
x-azure-ref
0BnIkYwAAAADJK6LVS052R7DqUyo1p5TbRlJBMzFFREdFMDMxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
content-length
2758
expires
-1
map
bcp.crwdcntrl.net/6/ 		20 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.120.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-120-198.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.dealnews.com
expires
0
cache-control
no-cache
x-server
10.45.13.120
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AEC3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68007
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 16 Sep 2022 12:54:30 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 17 Sep 2022 07:47:57 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
clarity.js
www.clarity.ms/eus2/s/0.6.40/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/36002962
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1759 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:29 GMT
content-encoding
br
etag
"1d8bd4806fdad30"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0BnIkYwAAAAAAmZeFJLkHSrq5TbtPcmUERlJBMzFFREdFMDMxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dealnews.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dealnews.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 12:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		166 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3596233146170183&correlator=2166891242997542&eid=44755509&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=8095840%3A1019993%2C.2_A.39471.4_dealnews.com_tier1%2C.2_A.37576.4_dealnews.com_tier1%2C.2_A.37573.3_dealnews.com_tier1%2C.2_A.37572.3_dealnews.com_tier1%2C.2_A.37579.4_dealnews.com_tier1%2C.2_A.39472.4_dealnews.com_tier1%2C.2_A.37578.4_dealnews.com_tier1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=200x200%7C250x250%7C300x250%2C300x250%2C728x90%2C728x90%2C300x250%2C200x200%7C250x250%7C300x250%2C300x250&ifi=1&adks=2999064560%2C3652529337%2C1634123829%2C1482857025%2C437073777%2C446734660%2C2451951098&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D1289e14f23815bd8%26hb_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D1317c2a573fd989d%26hb_bidder%3DixS2S%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D129064cd1e32a34c%26hb_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=pubcid%3D2a442abc-c673-4498-9837-909fb6b6f237&sc=1&cookie_enabled=1&abxe=1&dt=1663332870681&lmt=1663332870&dlt=1663332868755&idt=1606&adxs=1116%2C1229%2C263%2C263%2C1116%2C1116%2C1116&adys=1988%2C9984%2C9305%2C9932%2C145%2C2300%2C1194&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C0%7C5%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.dealnews.com%2F&frm=20&vis=1&psz=314x46%7C300x266%7C892x0%7C892x0%7C314x296%7C314x46%7C314x296&msz=314x46%7C300x266%7C728x0%7C728x0%7C314x296%7C314x46%7C314x296&fws=512%2C0%2C4%2C4%2C0%2C512%2C0&ohw=0%2C0%2C728%2C728%2C0%2C0%2C0&ga_vid=419323822.1663332870&ga_sid=1663332871&ga_hid=165432678&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b0ef88f0fb341918ccc404b7173a831767a94081cd96e896fdb816e9adc5f57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46795
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ED04 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:30 GMT
expires
Sat, 16 Sep 2023 12:54:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.67 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216533.ip-141-95-98.eu
Software
/
Resource Hash
a7541fc5c9a11282980ed923f9b2f1827738f86dee00d52a7b3bd71b640133d1

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sync
eb2.3lift.com/ Frame 2B5F
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26u...
  • https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26u...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
b4c9504e59a6049e6b8cddfc6b6701f5c670b884c3fe3999c657f5d51ebbd335

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
502
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 12:54:30 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 16 Sep 2022 12:54:30 GMT
location
/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
PugMaster
image6.pubmatic.com/AdServer/ Frame AEC3 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90557430&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
content-length
0
collect
b.clarity.ms/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:30 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
341.json
id5-sync.com/g/v2/ 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/341.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e303da08a9655f1ff1f70103f1bc408a02921a2b8d8c315872c913d29e8f6e54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:29 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame 2B5F 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ebda
eb2.3lift.com/ Frame 2B5F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2B5F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHRA8bPyujXRpFntUCRbXEk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHRA8bPyujXRpFntUCRbXEk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHRA8bPyujXRpFntUCRbXEk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B5F
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D
date
Fri, 16 Sep 2022 12:54:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 2B5F 		0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3576297707154671476820&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:30 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 091C711591504705A41570F67D74D5F7 Ref B: FRAEDGE1518 Ref C: 2022-09-16T12:54:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXoytzvHEiliW0zqL3lwg==
xuid
eb2.3lift.com/ Frame 2B5F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3576297707154671476820&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=0e634405-52fe-45e9-9ff5-b9fbef388498&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=7adcbe78-9639-40bf-9c11-ec8460e37791&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=7adcbe78-9639-40bf-9c11-ec8460e37791&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=7adcbe78-9639-40bf-9c11-ec8460e37791&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 16 Sep 2022 12:54:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
3576297707154671476820
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame 2B5F 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/triplelift/3576297707154671476820?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:fb24:7ad4:5f4f:4dd3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame 2B5F
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3576297707154671476820
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3576297707154671476820&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3576297707154671476820&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:31 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
QG2MP4G3ZFRCBNVXXWAP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3576297707154671476820&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 2B5F 		42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3576297707154671476820&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:30 GMT
etag
"8d3298b0aac7d81:0"
last-modified
Tue, 13 Sep 2022 19:54:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 47C805E8A99744B68C1FA00C01DF38A5 Ref B: FRAEDGE1519 Ref C: 2022-09-16T12:54:31Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 2B5F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=0
Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
prebid-server.pubgalaxy.com/ Frame 2B5F 		0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.pubgalaxy.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&us_privacy=1---&f=b&uid=3576297707154671476820
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.165.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-165-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html
content-length
0
expires
0
hapjpwxk1sjp475duatm.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/hapjpwxk1sjp475duatm.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
95baf816c5d3649bc121c78bcd9edc1c8f056b0e4ed72be2c40edfaab09b3ce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:31 GMT
Via
1.1 varnish
Age
136001
Edge-Cache-Tag
286020124932489997148980354555085283982,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
286020124932489997148980354555085283982,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="hapjpwxk1sjp475duatm.webp"
Connection
keep-alive
Content-Length
9224
X-Served-By
cache-fra19170-FRA
X-Cache
HIT
Last-Modified
Wed, 14 Sep 2022 19:57:26 GMT
Server
cloudinary
X-Timer
S1663332871.070475,VS0,VE1
Etag
"8ae9e85809253c7915ee4abc52e09b55"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
eljarlmiwd6zobs2w4qb.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/eljarlmiwd6zobs2w4qb.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
dc97dcd6442aa25bf83bc38d470840f3c13a282dc82378b1e3face88f05189f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:31 GMT
Via
1.1 varnish
Age
154248
Edge-Cache-Tag
326055076375875088321456677806112425112,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
326055076375875088321456677806112425112,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="eljarlmiwd6zobs2w4qb.webp"
Connection
keep-alive
Content-Length
2120
X-Served-By
cache-fra19178-FRA
X-Cache
HIT
Last-Modified
Wed, 14 Sep 2022 17:46:19 GMT
Server
cloudinary
X-Timer
S1663332871.059423,VS0,VE9
Etag
"cb353abbff1443c644f2508278620cac"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
bjt5mxm37zqwfmqi9wnw.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/bjt5mxm37zqwfmqi9wnw.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d7c28ef654c134a7e82341c8ef203deb69f4ad20dfe7b2ee4ed675753fd9168d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:31 GMT
Via
1.1 varnish
Age
136416
Edge-Cache-Tag
224341524476031293566539230317123775395,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
224341524476031293566539230317123775395,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="bjt5mxm37zqwfmqi9wnw.webp"
Connection
keep-alive
Content-Length
8732
X-Served-By
cache-fra19183-FRA
X-Cache
HIT
Last-Modified
Wed, 14 Sep 2022 21:51:57 GMT
Server
cloudinary
X-Timer
S1663332871.059940,VS0,VE1
Etag
"a242a6ca84940c28056c0df822229929"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
vysulbuxrqagayu4oydf.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/vysulbuxrqagayu4oydf.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5bd624c904f13d8e72e6670bf11ca71653414cae15b615f23de52c8a8ef6c77f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:31 GMT
Via
1.1 varnish
Age
1188389
Edge-Cache-Tag
261959682126762258840689019324686131833,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
261959682126762258840689019324686131833,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="vysulbuxrqagayu4oydf.webp"
Connection
keep-alive
Content-Length
2600
X-Served-By
cache-fra19155-FRA
X-Cache
HIT
Last-Modified
Tue, 12 Jul 2022 04:06:06 GMT
Server
cloudinary
X-Timer
S1663332871.060199,VS0,VE1
Etag
"6300655824d4209f293b2deab7e395e0"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
yqfk6emnsia3sk4m7dmw.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/yqfk6emnsia3sk4m7dmw.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
699d1a0eada5d0860d50c74d325a75a8eca31be6d803abd39af42d31e824e9f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:31 GMT
Via
1.1 varnish
Age
154248
Edge-Cache-Tag
70410858899990073909505707407639162046,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
70410858899990073909505707407639162046,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="yqfk6emnsia3sk4m7dmw.webp"
Connection
keep-alive
Content-Length
8066
X-Served-By
cache-fra19124-FRA
X-Cache
HIT
Last-Modified
Wed, 14 Sep 2022 16:44:16 GMT
Server
cloudinary
X-Timer
S1663332871.060090,VS0,VE24
Etag
"6ba68d4276ef826e50fcef4156d5ae6d"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
nup1mryw2lr8c8i5qtno.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/nup1mryw2lr8c8i5qtno.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b08509a7ef85147f64d69c6d2cb1d96f60f7bb1779ff3a0beee680ff90a136c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:31 GMT
Via
1.1 varnish
Age
143357
Edge-Cache-Tag
231704301965096927797408431321189766866,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
231704301965096927797408431321189766866,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="nup1mryw2lr8c8i5qtno.webp"
Connection
keep-alive
Content-Length
6930
X-Served-By
cache-fra19132-FRA
X-Cache
HIT
Last-Modified
Mon, 08 Aug 2022 16:29:10 GMT
Server
cloudinary
X-Timer
S1663332871.061131,VS0,VE1
Etag
"e99556a131ded6b434e35e394e79ecc7"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
h8zo4schrdbrtwrk6ety.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/h8zo4schrdbrtwrk6ety.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
3359f2771068986d9e0e1445783256294012d1685777eff2a44b7d9b0aa805dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:31 GMT
Via
1.1 varnish
Age
2026653
Edge-Cache-Tag
188646787975511329711090859645414080491,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
188646787975511329711090859645414080491,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="h8zo4schrdbrtwrk6ety.webp"
Connection
keep-alive
Content-Length
7518
X-Served-By
cache-fra19170-FRA
X-Cache
HIT
Last-Modified
Mon, 18 Oct 2021 17:58:31 GMT
Server
cloudinary
X-Timer
S1663332871.082749,VS0,VE23
Etag
"389d2500877f542724bdccf087bbe0b2"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
evjaja2ug32czusyekvm.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/evjaja2ug32czusyekvm.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
0e03f341064f783836c55b1eb7bcb4e02f653e7f4cc5493e791000b314ab29ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:31 GMT
Via
1.1 varnish
Age
41032
Edge-Cache-Tag
300608196349707196529993837975939282553,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
300608196349707196529993837975939282553,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="evjaja2ug32czusyekvm.webp"
Connection
keep-alive
Content-Length
5044
X-Served-By
cache-fra19178-FRA
X-Cache
HIT
Last-Modified
Thu, 15 Sep 2022 21:58:42 GMT
Server
cloudinary
X-Timer
S1663332871.082887,VS0,VE1
Etag
"fbbe3a80e463a366a9de36d34e29a6f1"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
v1ri94r8lik0xinvhioj.jpg
cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdlnws.a.ssl.fastly.net/image/upload/f_auto,t_xlarge,q_auto:low/content/v1ri94r8lik0xinvhioj.jpg
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
9729d30850d884cf0b26194f57124b2b7c621abc5c28c13a7d64175b3f08e3df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:31 GMT
Via
1.1 varnish
Age
140688
Edge-Cache-Tag
64144040606221542010302608635108083454,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Cache-Tag
64144040606221542010302608635108083454,194487297117551043388219181529309531062,61a8d6e101361542271c7d2de6c10548
Content-Disposition
inline; filename="v1ri94r8lik0xinvhioj.webp"
Connection
keep-alive
Content-Length
8924
X-Served-By
cache-fra19132-FRA
X-Cache
HIT
Last-Modified
Wed, 14 Sep 2022 20:17:17 GMT
Server
cloudinary
X-Timer
S1663332871.083565,VS0,VE1
Etag
"397f66303965e581d45d66bb439598df"
Vary
User-Agent
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cld-Vary
User-Agent
X-Cache-Hits
1
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 04:49:01 GMT
content-encoding
gzip
age
806730
x-guploader-uploadid
ADPycdvPqBPfstVExDMmBoXhpZPLOcbfvqWCj0-Dx8Q03vmJNK1Kuoeed1BPMXaLDbxsAIZjwOPWMT8050vq5Hu64hJnkA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 07 Sep 2023 04:49:01 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:34:13 GMT
via
1.1 google
age
1218
x-guploader-uploadid
ADPycdvLakT67WZJFKCVM_jbp6covsRokAbIo0uMEIWK-g9APHL5E95uHVXIoYYE-O3KuDBMx89iM1FnDkk7Aazon1kv8S_D1OWo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1258
last-modified
Fri, 29 Jul 2022 16:55:09 GMT
server
UploadServer
etag
"f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-hash
crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
x-goog-generation
1659113709880056
cache-control
public, max-age=3600
x-goog-stored-content-length
1258
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 16 Sep 2022 13:34:13 GMT
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.169.211 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-169-211.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
container.html
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA2C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:30 GMT
expires
Sat, 16 Sep 2023 12:54:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CE94 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:30 GMT
expires
Sat, 16 Sep 2023 12:54:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAA0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:30 GMT
expires
Sat, 16 Sep 2023 12:54:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B263 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:30 GMT
expires
Sat, 16 Sep 2023 12:54:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A69E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:30 GMT
expires
Sat, 16 Sep 2023 12:54:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BD80 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:30 GMT
expires
Sat, 16 Sep 2023 12:54:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7864 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:30 GMT
expires
Sat, 16 Sep 2023 12:54:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
edge
cmp.uniconsent.com/v2/ 		0
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.uniconsent.com/v2/edge
Requested by
Host: cmp.uniconsent.com
URL: https://cmp.uniconsent.com/v2/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:9f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDhVk1u6ep3vmov2f47qVbrHtYhmp4SzISot7MKVupEisdHX7iVNANMBXdajJ6MCHrOMKsuMSAK65VfeL6VTGKPDn4VFKsyrb9jTf%2BoU3Eoj5iAenEyvszjwXI9VWtLEoL7gQpvdDQNO5SakQ3dziVo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
74b9c04ebae5913d-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dealnews.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dealnews.com%2F&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dealnews.com%2F&rid=esp&cc=1
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H3
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
3cc014de67759346b289435c5974bd1c82ece82546b276ef4b28aa40f702005e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
via
1.1 google
etag
W/"55-UCa+tx8lkT7mSnEHvY2f2ZJ1UDE"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 16 Sep 2022 12:54:31 GMT
via
1.1 google
access-control-allow-origin
https://www.dealnews.com
x-powered-by
Express
vary
Origin
location
/esp?url=https%3A%2F%2Fwww.dealnews.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grumi.js
rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/ Frame A69E 		413 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16e27e4c7d3ed093bd9b19b7215bc02591da4c5090b60abdc9edd7007191fe89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:41:58 GMT
content-encoding
br
last-modified
Fri, 16 Sep 2022 11:29:30 GMT
server
AmazonS3
age
754
etag
W/"46959f39fe3737ac031f37b0f882c757"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
9VPw_8abZE8PiGt3lmUsDtxqkReEn1_q
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
D9W9iEQOA6Kj2a4xSaY-RVGJ0M8Ki-x4WmGnboxE4rgsLuFodO9nhA==
grumi.js
rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/ Frame CA2C 		413 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16e27e4c7d3ed093bd9b19b7215bc02591da4c5090b60abdc9edd7007191fe89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:41:58 GMT
content-encoding
br
last-modified
Fri, 16 Sep 2022 11:29:30 GMT
server
AmazonS3
age
754
etag
W/"46959f39fe3737ac031f37b0f882c757"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
9VPw_8abZE8PiGt3lmUsDtxqkReEn1_q
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
ZWbL8UYj5upSqGfDXoRXud_c7vPLoRncpi4PXxm0FbUzsackSYHnsg==
encrypt
esp.rtbhouse.com/ 		221 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
172531061beded835c03e69b103d5e0baf79910eece9d7eda24d37d103f0355d

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
b0853c56aeb30b70b60d141ee2d88510
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.dealnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 16 Sep 2022 12:54:31 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
69cc5989159c41cb1d919151b59b3366
grumi.js
rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/ Frame BD80 		413 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16e27e4c7d3ed093bd9b19b7215bc02591da4c5090b60abdc9edd7007191fe89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:41:58 GMT
content-encoding
br
last-modified
Fri, 16 Sep 2022 11:29:30 GMT
server
AmazonS3
age
754
etag
W/"46959f39fe3737ac031f37b0f882c757"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
9VPw_8abZE8PiGt3lmUsDtxqkReEn1_q
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
W4OVB8MTfI38dbJFfkXqvQfDmA01hDEvke-0i1Bkh7Y7RhnjnDjTdw==
grumi.js
rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/ Frame B263 		413 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16e27e4c7d3ed093bd9b19b7215bc02591da4c5090b60abdc9edd7007191fe89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:41:58 GMT
content-encoding
br
last-modified
Fri, 16 Sep 2022 11:29:30 GMT
server
AmazonS3
age
754
etag
W/"46959f39fe3737ac031f37b0f882c757"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
9VPw_8abZE8PiGt3lmUsDtxqkReEn1_q
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
8LKDYkEsKvWJDSXfnYmr5OgLmdsTD_qyWJXREFKoHOeRE6i6ECu7Lw==
grumi.js
rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/ Frame 7864 		413 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16e27e4c7d3ed093bd9b19b7215bc02591da4c5090b60abdc9edd7007191fe89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:41:58 GMT
content-encoding
br
last-modified
Fri, 16 Sep 2022 11:29:30 GMT
server
AmazonS3
age
754
etag
W/"46959f39fe3737ac031f37b0f882c757"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
9VPw_8abZE8PiGt3lmUsDtxqkReEn1_q
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
KWxAvtkC3V3_djHZNEa7WhJtPr4XmLFzMj1WeqKpI3hts7__QN3AAQ==
grumi.js
rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/ Frame CE94 		413 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16e27e4c7d3ed093bd9b19b7215bc02591da4c5090b60abdc9edd7007191fe89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:41:58 GMT
content-encoding
br
last-modified
Fri, 16 Sep 2022 11:29:30 GMT
server
AmazonS3
age
754
etag
W/"46959f39fe3737ac031f37b0f882c757"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
9VPw_8abZE8PiGt3lmUsDtxqkReEn1_q
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
dUItCFQHYixUPfvuzvY0VqrD28I_-pWA0HRnh9yv-1Uc_kWV3JjoTA==
grumi.js
rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/ Frame CAA0 		413 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16e27e4c7d3ed093bd9b19b7215bc02591da4c5090b60abdc9edd7007191fe89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:41:58 GMT
content-encoding
br
last-modified
Fri, 16 Sep 2022 11:29:30 GMT
server
AmazonS3
age
754
etag
W/"46959f39fe3737ac031f37b0f882c757"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
9VPw_8abZE8PiGt3lmUsDtxqkReEn1_q
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
text/javascript
x-amz-cf-id
eNRioxhOHsFCP-NPNUW-NlCuMlDa1Z4mMx2eZ9485jAQZh1oBnHZiA==
init
gw.geoedge.be/api/ Frame A69E 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.235.242.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-242-182.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:31 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F92A 		499 B
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYy7LD0wEwAQ&v=APEucNUQAYEMS8_BEAJslooUf-bTrlw6NrNThvIH5vJJU5tVPrF0XHLWbEFNQkR6oosjd2d9D36rO1lHykjPR70GsdldVEzHYFX77gw8BS2xThq3yyFMOks
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
237
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A69E 		28 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuFlM8rKtAMh0uwjkKbF_dWGK2zroKD9iBVKlOSAXHDTCmPAz5JM7jGzJVvrFME5stOMQZtMvHWyg6nAc-YCvGGeytAR0d_z1CoY7kYxM8vtbbNXmvS7amQOPflWMR4q7K-Z8pGqSMcOn5IKaK3EkrncwfUA&cry=1&dbm_d=AKAmf-Cd2-AtD6pVvxpoh9tgjbgKY8keEqRIE8wQR5DG4lQLeNx_-THhwrNwyc-yDxB-BON8RcnDAQMYO4a0rwQovjjmXw8-Yt_rm4rCDG6_aUNR5C8gj_QLQoB08nh_by7dF4P66GQgwmTaS6x2Ssz5MFiG5fjKJnMB53QhKUym39OM5vQ2Abis1CWXa_nZwwld5V0Q8DbRuZI7rngnixN868pLY_twJsKxYh2GXpURDBviUrT5l_pd61hd7j-DwXC88iuUzDSwdYd7VtlITwyj5HUtzENdzscQDoLaM5v0ckvo1J0YtNdCd9YL7EzMKCOxgzN_Q3UgOIdd-WQqIben-uya96Ui2pSvGAbvk07icn4RNpu2I1f71ycYJY-bty16OjSQzhcAYQOzvgnSPVXlL0sDwTtKA1ggtLRmUxQtdTL86gOXSvbE60zlE9G7MEd5blaYfpsU9VyBnXNlDMvPWsTHaJbhpGVS2k1C6u2ty0VngNm2vj2g4Cm2EtkW3V-ygDpUgd5lUzuzNINUqrt2akgXORLOmlM2L-b2lmvGxBSqeHS02HBrRxOWbyASlIcFs0NnusCVQWpoEbP8pTDASPRlSGUC7_85xBV8e0cD4K0r_DaSP20oPF935p1vNWXjxVOXsM6VWnE4IqPvDoeSIE_trEB3ORRaXhIuQIUUxA7eg94gMQxokX-6XOBJ9rjs-LA8RWjzn2r3qcSAt4tVQDyGAIi97I8gUUvHl4_d3VBOxx28GELqFH7Freah3bYeCqZGE7E_AGvoNpW9FmNFGvsQbzXnWWonu6E1grkMOLiCbWhufOMZYUr075eA9ykG5cX_mKkgZd09EMDCkYu7hdcVGx6DJz3yc9tIQSaHgdk7gGqDVMpsTjI1F1OKzgsfyR_Wjx0_tjNx2rjMgqpOBQb29CLiw8pCwNss01q_6G767q3G6lHfN6AgLY9N1J3DKYl81SfKPaS6X2cGzNJeV5nBFY9w1hvSq6aQ1jopA67ZNqz5dRu-uetS3qZevwASlb7R1PM94HpRf-w0kVzBx0wq4wSx-wH5jsNdEtSC3tLfPi6YQK4D0Lo1LRk0rkgB3IU9IOr8OYu5_jekhJQR4vpkBu8pEOuQmxtxr59fjiMHodue4PzmXKWVn2oCYURhskn6efVEqIqz6iaQZ20pfG8qIY117YyWi2WyTK0p3aeO_QUKMHBun4tZK0BK9PjFuhFahVySNBVkVphjmqLDpLYRiOgnijXc3qWa1DQByNWIaLAAGkGbyZ9XtMaMaJEy3QK20p3gtkOczKGdtqWwzKAFGMZhkhqRTVmJFSmdkSM_u_pm584OHyAEc39N-pz10vwNptQMfmFPaqepxEQwQU_POWweoe2WTctNI9INOY5EaJOloc0tIzDYUCwigBxfOp0uHmsyDhI2LoLhkCIgr2SWcixee-UgTftERL7sm1FE4ym91fl_2ueSq5oV_kNBSW22LJYG0sSeR0nVS1hD8uT3WBFUrBHGzQ1VF8O8zQ6J57AnpgaXka8kkWtuygBKdch_jXaMhzseeXCO1vWKX6VCTo9E__x08wE9T8tD-5Uc3mR8iwd5l1JQI05Kb3AZrdlGsoibIL6lTkmriOwcf2Nqlrb3fjUQKMKcngYMbxaoN6i6amB3fDhft7XcwDTCy3ai0JRNuzlDhJ7uIy0yKHmIR8W9srUfkWXCEL_0j-ZRKbv0nC7d8HCETwb-27UDTqJxvEtFvzztVQLoNCDvE2PAow64bnIwzzY5DCZvQknWM7hGzlq77nfDdQ2ZdyaJZDr5hSa2E-F7Cl57xJol0IH7WfnH4RyZ6PCVQKeixuPIeGGBd-UR39XgX1tC2idODU0Wyl6F6wMVtRNE6uEd4ZTPq1FyZXy5z2s9JgWIZMt9dcJvVxR_xyVRAaqALAC110UJt4c00jKbkxp3_3AO--vykj71zvm2uhROryL3jxtxW3gsiWpWXjkzMEzaX-emm6cOMyPZmErFz-ot2uQPXImDJjI3t8uPTi0GW7Dy7g05bIkdgduvo7nuw2TnAE7HkUH4StJC5NTIx-0Kp4wqi3a-jQTklu2AfdT-Uuy_Ba4-9bT6FIbwpEhcnTi1BuHDkWKBM-raFbucSp8uzPkZUS_43v7hjeOpcf6_Wf9yP7oiHIOpM65hiQ1HdN1j-8ELrUJI7DK9w8hBngUTVH5h5kpiF9m-UjHhBmWujyHOp01fmexC5aFWtq7bZMpzQOC7PAUs7AaN3BhcGuoH3KIYDsw0l5W0AWx2YaNxr51tQt1oUk2Ei4wanJCrbblA0bn878ds3GTFNrg2duQBkw4BdydTLrCH-zdi1bWxC7W5gKpwqCTp0myvdhEus9eqY72IQNkkpiFMWb-lZlCyyv-KSDZ7at5KySJ9wZbA9OwduW7iiqeIS_3eXegih2ndWrSuj_iOUiq1jXOVu9DPWF8qTeq106oQECoIMdTwafc7cXvjZdTX0SiBTUjRT3_v9SNdhM3vynEUvGUXyO0QpeeIHXJCt4h3w7-4xHAOfgGLACHNE4r15_2ca5_5XXUh3eXqVb6BzR1NJbUmyY7SEvXUtGLZ42IX7f8pNl49lIksHtH8Fu9ylSa4A5AMZI5UoI6k_TzcjZS-9edwPbZsG7vau52tCXjcRzY2V3eMN68Agvzq2mstf_5oo7FlT-wlLCjt2p9n646BbAhWlgEN_lzcnQKdmICGuoEdChmHV9BPYCZQ0Qa7vzgd51seJc24vpZFtlCxCbDbHA4UHW_KeWRB5xo-xDvdenzZiL4KZ7K7pWV5OUh6jCSVwYCapo1Tn6ZJPNCilpORxB3m7LXbq9dMEII_J4enJ2Hz8TYkYlMbUheEdDn8hlDX_vpIG1MWhLrHw3D-ZPb_6VsHV8-o9MYuNYJkVDWWwfJ21y1AvQj5_XWTt3mrLRCLWzxRbtExVhnLQblEE7soUqxpNro1wGEYVeXedHIJog7SBbibFz_g87rw8wNj9viJqT_6zxre7xszQwlr-8YLWWqI7pMTDCZlzKLe-b7sGiuBVnchY9X-M_zU9UpFdEueQ_7kx-9jkc9RYJttcgyScR-JlKnbKZDC9qxrdfRajs5wW75IYUA0fKfxu_FM1vzxmluY7Re0HLXkhhEfRsNOwj-uJpLGwGXV0LLYGTv0GQNse_yIniNApQcUon5Kp5V0ayr8E-bxbWfgRUM3gVrPD6JFKLaoimLIJlbKRKqkVUull5yF8ckEZf57zZVahIQkKAGBMaRI6RW__W2y-SQGRVRi-vrU1Ja57lWihj2EBzGP-JJJ-SW2uwb57BWDJmwkyLDfnrDcbTVr8zhb5MsdWeu0dqDhU5BiVvgJx1YGO7DUt0XkPwL9EA_u6CRBwNfqrgGkNbJRjlCNlLaGXSWsISczjS5OCpKdEwR38Z0QqFhMkYw06iP7Zt8OYCZ2cKqF92MrKPl-thZVfIj3nV6ZiBTfOlgraM2qQf8Mvc25lA&cid=CAASJORo2QZYiveFRWeoTjxfBn0OrJjnYNUhmq96y_iVrDs_yboI4Q&rfl=1%2Chttps%253A%252F%252Fwww.dealnews.com%252F%240
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f9ef9c99a0b68ff79a0f1707cd3023411011366437ce787b58a496f8092e9e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16859
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame A69E 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=57965363;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17054712635&extPm=17054712635&extCr=443603275&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CR99rBnIkY4nDMfis9u8PqPi5oAbd8azHa_jSneqUEP_1kOPXAhABIIiAvxRglYKAgLAHoAGR_tGiA8gBCakCN0lTkaS1sD6oAwGqBPwBT9BKxIrrmf9APDnTOhlE8TRcM_rVNsUCUUKqIgLMsqC-qv3Y4Xvx5v75LfIcqjsOvj9ZRIC7FO6CVHgR2TOx7xcEuq1shmvAWvK5M7cLE0SykCr3X8qRq2R3cET62KZkLMwRtaCxsvSywYi-eB4oP-bTycb8-p26nshZhpFQwTlhuJCV8Odk9t8P09rKYeEHkUUuctHH1A_DF-6NWn6pcJ0knNCwcllNMCHMcs1ke488VTs2BhiuC2UAnYY_9HjWuQHKweo37EjLj5abflUHQ43ERqTtT89ljO_qWZZJIi8GlPqimfHtoDtmT4AWmMG8MzggvgRhwZKV-Jl_wATzjZzchQTgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi00NDU3Njk3ODU2NDQ5NzkxgAoDmAsByAsBgAwBsBPCl7EQ0BMA2BMK2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAASJORo2QZYiveFRWeoTjxfBn0OrJjnYNUhmq96y_iVrDs_yboI4Q&sig=AOD64_2A5S9SR9u1sY4w2LtGEeoY_MExxA&client=ca-pub-6163857992956964&dbm_c=AKAmf-Ak68RpmLWiQOVauCoUiamQm064vhbReEYWbz9wdFPxgmCiJ6Xe6LUnNh8zxuRAnP_3NedNDseku0HeiC7WKx6_IP4u4mxA7hXKx3DdFHa5XGE_7wGjt7ajMSdSlNAPg35ZUSxcehjLpc4JluaYTNHfA1dtoQ&cry=1&dbm_d=AKAmf-C7Jfj4ib1PbG-otHq5E9dKIjzFzD6bbDS8ryPf63IG4G2rVZwlAEtZwqJFIVkUFXQp0Vr1GPzapHVjR2z6Y0ZDv9Necd8lh_4WiIdAg2iRnIG1Q0ZPKYjAy5ptLC-o_lzJwsVarLw3areEGr0vFBmFk4zBlznuxwkKELwTPxMCWmOiE7KevyWHWzoj2GMx26QRh_Tg-WOgnANi2-UcTC4RJZCj-fPsTcAUtxGvVkEJmvlGmqS7tKFrctOUDdaAWFyDkSLehCRHTstYzHYw9eRZ66ADZnS-B8IF4IKDNKjkkNsmyieK8D6AUbYIHr4OGEFL7Cm9tvn8_cAg32NkzfqsOqlUkAvdZhoB4oK781HNlSqxs7vK6F1DqPabyV_Ial4VpFokQhuTgfHf-L3QuAV8pdwl4RC6GmAfx396yX2SbepDSQJ2mYdhGkHpUg1bMrvAgi8vlFt3H2jM8_8Ul9ANfNWOyRdtooa8SrvKL6tbpnjf7vfcB_IbA2BjwVrSDJY2jCGqC9Na7_9TNRHjzmrrtzOIwA&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
887255276e52458576e3c34699441fd525a7df123c76586bae5a84a56c561526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2738
expires
-1
ai.aspx
m.exactag.com/ Frame A69E 		43 B
907 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17054712635&extPm=17054712635&extCr=443603275&rnd=1663332870811401
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.91 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
X-ET-Code
11
Last-Modified
Fr, 16 Sep 2022 12:54:31 GMT
Date
Fri, 16 Sep 2022 12:54:31 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1756
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame A69E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:44:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame A69E 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:45:22 GMT
l
www.google.com/ads/measurement/ Frame A69E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQH2F2eBgY0Nh_XyvN0rTKjtLvVril-4TOAccoVk1VWMqesDerm2mMZHXmPkSiiBXPQIEEd3lUbsaP5TUfaxLSLcPwHWQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A69E 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 12:54:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A69E 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJ4QCjm834Z7x29mqt9CKQJtR3tnnT9_fUnmrRNLiAwuuHGsVoc4MpTFn-_9li4MFAzIX_5KVbKMiVhMPAkJeAX6tlAp44eZGmCR8T3FknV6E5Wwc
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
gw.geoedge.be/api/ Frame CA2C 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.235.242.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-242-182.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:31 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
init
gw.geoedge.be/api/ Frame BD80 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.235.242.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-242-182.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
init
gw.geoedge.be/api/ Frame B263 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.235.242.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-242-182.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 12FA 		632 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNXflX8Kq1MCVkcVC6vl1_7KY9do6Ed_6qLNtuZ_9sNkyDle4Ogo7XqXQtFjyLgeID6_mg8bDqKupt3It9Uk-xi7lxy2XZrICPU4TQHanlfZsAxT30s
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CA2C 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmuoS-sBy8TzxU6AYhCiCtfMYAj7J4FMRjPlyzqAGTFdtbaY9jDBh3a44sTfrD2_OlHy-oTdxus01Zl2IPSk3WH1Y8vqoAdZYWoX32HduGJ1OPuHKdq3PfJz40P-Nm3-aGbs05-wlcBz8E_gxuyz1qEIjHsA&cry=1&dbm_d=AKAmf-A66aR6NUrFOPuIxvQj5XoTpVaubATv-aO275sHksNdyMDJ6BkXhwAzmVuxfQCuFyr-hKaXqTqJj1ujwHAo2AHoG8HzBqd4nHSl4M2ZndzJTX26Tq8OdIrAPrNoPnena1O1A9XOXxn41dFpi8S5LFrHdKNwAPMmjqk-beO85zVEqgWhTdo039ix7i15E1kWm1zsDySMKigj027MTjRenBM2-KsgfkTFffOpo4KKsEvF_tOCgx8Ah7_1QBSOv1cAmziTTVjwTVztI6yTYj0oTXaUUeraSu3iuM0Mnpdc8zf26gK0A3pYKwmmbPpIVtZWeHL8fOZaWejL4ON5-4kvzEo21LtqqR-Rgi7XDma3NUvkbaRMnHJGUz2BJ05HgMGCR9zpTv7g4O-dlmJ2YaZw8NFVvEYK_WS8NLVJyhZM5PiX6eB1dVUVE5C-VS49vbM17eqxBYzaPDJICQ5CPFJWsss474U3sttYWqKbCuFUjucFZaqflDFLqLB_DjQ9ZfmgoY1jWPDW1247hAOQta3N4h6a12fyN10FJD7CPrzOEj1Kho39-33MIpAummIFbf41dRSQf9T4yvbRkcGkIHkuk5v9Gq1StXIAdQ32rV79Caxeh-vDlWKtcK3qIJW3RuAlm72cuTBhe6Tvda921qq0M6Zh1yV546DaLUvzsJq2C2ExzA3kIPRjtsv960jCROG7-hHhGYG2vc6btvZMTO6tKYaXb6-6wwFbflcnUrQKaiRFOtnMdLBoSUEhTIYfaHUndzrySpGkiKL6CSIvTXqPvzHkm1GtjbYDpVDhgrTlRObpywFvVt2f8BMtnOKpo7hq4DwW3L4fEd5XdBfQ4jA1JONXbc_vCUnMfTtTVuz5JpfSejWlk1ydmOWsgyW6ilgAmGUYI_hioWPjeaLY-3GSUv1QvuHhatJxWyBdk1ZxZdGAYJVh0nPTAokIDV5-GDbqgPDlnFbJWWZ7er2cha3jefzeijFQSvh4uorOn1wsmXi5OrxJjGcrwLFdHwoMY280uYn0LdFn8tJpAV1N-z6DjMWf3xmGvf-OEkrpjOvYx4u3EFq5dVdOkSTSl2mP5R18ojnpAembM4jfVgkZ_zkkzQLg0P6mNaZ_8n0mo4zLqAwTMImUO-X6SyQktM2m93CmuAeL_XG97r87CBgVannk6Ro854qDRE4L2QfkOlirB3j83UQ2dXEGAjymXx29nUwP8T8oLs3Spibs21uxvkIPJ2oC5YuJbnEZ_YuBiWhv2xws_yTGvo86AIPrWofuXJNVetB0LXvywWYo0WATFn25LOI6-1gcpGkGSrH77UMMFr4JKHR_0fKNTewt24-QFBsOyxbymVak3j_M4SArPO3PQFq38gx-icBoAhVE6tsHFT1sGoNh3T824zTBz3R5gKFi_hftof9Tnjo_aRjyK6jJjHdlW-ctNWYDbVaI-Z7MqhUY7G1W8INuasTivv0Zn24kx4mEJaDndEbhb4_mG9i934SYSV_CVkaGIZYQr9dAeCxfeR3KQ3ybbEzj2GtgdAG0DsAv9OkALRxR-xz5saO0-cB1_NFAfDudONCUmIKOPSb94f_O--kz0nRnLXt0Zb44JeP0P4mC-_ZIjgy5Rxz89o0Hux02_NSQv9WfHLtiStE79pxf2P7-Dupyq2IqNflg_4izufAKZs80eojasaaIwgKrXyUPuiAT6pFxMq0DVi99j9cnDG2dE-8FWEI8HyeP2j8B9dQvJn2Gj6HyozMrDs5pnSFjFGYxx0mfSMoVBsF9Ytcd0eCPgDRGHhbcWRF-DS4STfJACXbvpIOVJ-7y5IzS-A3e_nMNOyI1frKud7s80IXQieWc_ImOad5FBSX4MazV_L3MIVweXaQNfvF74c55TT457-v99o0qJjAxF8QEQm_37L3EbhjH_zKPx1KZBoR04IhxgLKTEbC__1TJirreVFbRhFCaAZCJQiYD-mwPoLYMiftgqMIm1IJWvb5olCifgPwEKfkIJPNp5sXpql2ryyqyGmVyHpgvZ5xWnytaTDnPDjkpAR-KxMLRKLQCUtgYEkXJ9uNIMOG19_eF3V7oxaM43nLwOv2CeG8o5KwfZV2itMEKmUcnBUmUWcuED7vEECuhnKVqxb6P9gn7SLVAQtpbudv3xjaaC2ufByGFsG2E9PDBVjTe0uCqJ1VBeQgDhd0O3YUpjIDNaZdeuntES0OAJOIkxrX2T9d5vdxZhPLyhgmV5X3ywqfkduMSN5Z2lm9j9Fc7hjsBKudzj80KtHS2iOo1cV2fh9fhqb8Fm8AQBKAmJk2fNFvdToF_3WNhkkukfA2e79ymvggM_JRxjHWBlBnjLCp40d9K5cT_xxo8vb2lzhR3yr1GI7jiBjfGXNigXKw288I6NW_a_jiujEUqbpYZCydQv4CTpgY3Du9x8NCG4Dwb_x8Iy1W9zNl4zsqo0xnbmPJCumGpnKNAxaJTi7I560H-fx5edhJDlHKrGLYL0BSWmx5hvXUcTZjcb-PgXMkvHRkipWDMd1mKIyRJP9FjJv60EuMe69hBgdwjirk2okpYkRJ7NcAjrY5QNAgDo3ZjTGPkZ1Fxn1_lHLCqHAOokAzC2BQ0b736SLIKQhl4ASj9n8B1uhWB_yIGx-ixLQWEpt3lC9sSuDfw61iVGlOovJIrQDBKqYI-MTKnvfT58WRKfSdIfB9cvDDLPy-zUnyPJzrjpE_VK2HsUBQhe4gG4EYqBVhLer5-Nf_QS1E36Dztaf4jJSw0juGVQgTYMZ1jK7iwiDdmexVRLM_5FXiXLhnFu4pUVa3ncAHX8xYoJTSp1u7Nw_lA4P6m2AjELj1r3678EwiBMaTwEHnhSafdM9h2X1aVlUsbXu-ctotwjAqKllBLt48VQzjbuRVTwvM7v5673nmdAmRdVuDV_w&cid=CAASJORohxuyN3GMTOnaDw2gSkJFERijfFCTPVTXs2zxan9HQMXgQw&rfl=1%2Chttps%253A%252F%252Fwww.dealnews.com%252F%240
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7b1f3c3e1cb9219eed47757f95dcc4383ea2193f90ebf65f05bbbd428ad06b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11366
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame CA2C 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWaqZ6V3321ZRElqOOLq_hLkttvT86EOKnmk5Wz_loPOv0DYzY&d=CokBAKAmf-DvJ-HrbGCzxUS7fmVkuCWTMDCf4Am-sCT3qYH7FooZ3tPgqEeT5KKwt0HEmbkCwM7sr7GNoZAshY9ho_boFl-ky38Pw1IMcvXDrDpxM8fjahp3BeUXiaO198Vr8TA10FTdNB3a-9W1zdYL5w9Msfx3Qb5jt5kBL9g4RK0EXKV0Alp4m2ES2RMAoCZ_4DQg_fFJhc8TDLaesOHSxgYo6GoC5deBpvYWsP8Oas2Ibdh32Tpfp-h_1toVY63QRlzt4ZCszQHkxtFfnY-CSlbfENTud5InZ2TB6hSJbiILxtJzwHkRMqrOJX9D9_A6C5J2ZlUjxLWRvQFN8DYb7mmWFhH-BdiuwHKzRR4loOO97YUHSFrH1NoqAJpN7iKWkCLdEa6teEqYGPl-OpgO3qkouTD3aO-2C18frfOcxuSxPd8iS5eF6KRUnOWelc7jNUn0jTgEctnZz-Fwzes0MYE4XaHW5XBzuFU9TdOD5SXxf6Wr49z33UyevQVzYV_zE0x9ejnjfwUwORmGu4pv6Az0FKQakieoErCrlEO1nbkXyA5yk7xty6selT6zPD7Ec-W4IfscwBo5xVsGOTkLArf47cRq9FIvP96wWvbM6leXvkMi-Lv58YqQKM_p9KTm1UcNN7FKY5AOYtWPzfQP3US1q-nC2I9tMAdz2a4hABA4l6OHzWiLrHYjJ0QBnDwI1F2NSvpWxGL1_kMKOwW-y5ZU4FnlCqbOP7riFjsdIHbk2PYOaileZ5aVDcrM0aTsLgf6MCA4Vbm3yxQuYxXdr6_0-gwQisUb3oouBONqAxqwASx9c9xjlc-zmiIzsQ5cxYQpSWUhdZO519MJgq41yo26oL8oQxdcT0e67q8wiMeeGTAuhlGmbMBbMoeMU3VuthDxEacC4w9SxRry_lL78QZZQQlJ6EjtODOKFeP2ZiwhiOPSImXsMwIkbzv4ggK_rX5QaL8PUMHraFbSJQb15Ch053DOiMVdkyO14bz9Uo0iS439aW1_hJ8whvd1iOPdm-P13uGiO5TCadec0Au39-6JDbB8qlSG-5zdc6jSvn7NT04iyR33lS0MgIlr6j3jRIpvnj4kumMZaCKMLSrhFo4f0XD5aDHeNVfZBTKKjyUtmyP9jZtLAXwTBkfoJhmOR2g1icO5pE5pt_9o03BEHLsVPtGp81nAjiPxrjOXDXiXTg_Ae_0eRVpHW3mxKemYf1QZ8MA-wLC7nVBkeqWp0D0OPXyfccCo7N3R_bR_H3dQYns3jkVVMwvqVUP2as9SpG5hOlSrQ9M63JqEH6f_54uiwjZQ0KCMwg_QezL2aVrkhmPITawIieLULKcWduyMI2d_vm_PMuqK7wlQwjZP7EGgU9TYHhiTGWGv36tmrFLzXBD06TxBu7o7-BXYh5SkKFdQZUDQml24riO5SsSTZWlKUWOq8cyFEmkCxvk8pBzAMAdB-nPc2mwxcBT7hsWDBtCMTPVoVkZerEtUn335gRQFd0wv5UTQGeUsCSIVlNgYO1tTRZiKXFKeV6W0sXZtz3f7SQTosRA-YCwHuzg1SllDg1TG61njnq0SWU8Wc2BU_bNwRQ1xjtKd8F62MneM2ocESn9pCRrWnNT29IP1j0qCGcpazttzwrtj3hM32OeEYHuVfo8X4yw2vyXd5YoDat0urnOD2dvKmCgYRZq_QdTo0DPh2aakJDnJAr0ThrbVrx4hj09KoLGDQAXm0VoUmBB7IX4QtZK2wwbQ-QWVAS782cv0BMVhXwPmCI_a-zCNEsc3C-Uf3jjgtSV1FaLISNqY12n1zdN_xMtcd6KAWK2EA9npB0bcxNxq1rzwUMCnUSBEQEzVQ974ri17u8jiFPV_334xux-NyjWgrLbgzS32knFesFhmhSlh-_bo_SssAhy2ZrxeF4BHFe1PKSlrqaCoBbcddxsPQjxr1fan87GZEzk4xRq_N2IhOKDvOkv9c1CPHe-ZhRjvHbNxh0GH5VHwPYdw2d0rI1SPJPaqJk84TC05KNcvI6HCxzAU53evRcVUy-OV5pt1McW3CMYS525J3nIeehnHPozZ93tJ3KyF0rLjNc2aYVCaT1NBnQXAAV0CcuS9kU2fECMmxL3VfAj9qXWSnEbNEPCj9CBECbROasnsgQCc6XYYYr43cAJ4VEOWvJ_NPoTlv2nuS24s3_GnaChlbnM_e4LMu-qkwNt6FoZtFIbWPMgX6ho5kArOE4hAnhuBPrXozWaUEzaxF-zH8c-WPRt4PrHtxTtKE---MUYaqmTOqamJcF8V3Hoz70qbyaGwAxXLu9U4WWvwArmqvCVJoadYKwk4zhlrsATpbHkKaP6ob8V6dYxjGFef2I8RqjueQfuPDybpis7N7vdWS6wzbas1MvSCA0E7EejDJ6qLOlOjjntyRSalyzstsSp5dL0_V7jdsItSTkqJHTd9fNJEPjNNyAgv5F9NsFo4wrQ5VZcZoZ11MNwqXud-WvWgVhmrh9O1rZDVqD-N1ACe7ZuqVMfDxkQ3ottfdb4aE1VFr7B7w_mRspDFKNJHQ5KkQUaUW9UhMt8-Ja-Jx4r_kOF8SqZ9gX3wYXAK1XX8jlcKS4BBCrp69VyJNavkRuMU0CsDjUhs1oxd1sMOHV7m4WZUp1tR6LCFbB9HDEfUYBLvZ8IJo1lK-yalSbu2ZA3xpdlV2iXBikf5LlANa1-WBvfkECIK7IoDsLtA6cxPhsy-6TE9z8YQ8Yjl8lOxxJZmBAabozDlUHAySW4TpNq1OONUK02fkrOcJrrdI3mNpJzZ1i1hnhPSkJvAfBBHVizpKg3wQLBe5ubXlQ2sgobVjde-JOcO5Cz5-FeaU1KFAkz91t1x0iOkCptL7iEowLTIau3_mtaFNfOyMHg4O9PPyTZCCCqXPVnY31Yuz7Y4S4MrX2CffdDjyeo6syT3W033HcPKu0w9pM9Fw30w5JgaQ-cxnml7g_i_BDXCKnB-1A0sEkQjvBbfa25EeDPTokomcNrgD56p_JRuUeWdhUQiyU_Zqljf49cHjEvfoJgpWTakpMXbjIaRilmI19uTRLW_KuhmTG7c_b78d2F6kzVRzNmyulOwqpkEJgOoo4kNvyJKQfBzCvEum0N4iVkAqKTA6x9jd3SLoOxbrxWJ3GP8CXSy3Fkaa9as1234j2SdacJm6mkdvCnekXNZisDqzdcUNY3wkzUVsYzr79SH7F1jdGrPJmHCE_1TbioPeiPHLvhkR0b9wajvLz75Y8EHNawMTj8k3ehazU4x9mgTDqeDNehNciiwuF8CMkavntfo5JQ2buQTbyIKFhPkzcyS--eJygWKyS_9mX5BcEqQOg31LwmEd9vPiQ62Efwm3RWJDeodt_pnBv_iAbamaMUx3h30C8dfLdIZB5oPAuj7PwnHXH8JJuLg01ZKqI60QsB1tagUv9wxYrAHy13VJRwc9JJNZwcsuqj5epDs3bHvOjD4vf7GGGtd6dZtKQplhA9C9wGCWUk4I6iYNjDvyGF71PaeKjCsN292nzogfN3C6wE4t2gFKHKZj3kj4Lldg_2hC15SGigIABIk5GiHG7I3cYxM6doPDaBKQkURGKN8UJM9VNezbPFqf0dAxeBDYAE&cry=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f157.1e100.net
Software
cafe /
Resource Hash
e9e9d7eae4e53b327d5abfbda5af08b634fde2f8eda3bc490b4b90f2e4667cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21070
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/934251/60616147/ Frame CA2C 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/934251/60616147/skeleton.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.139.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-139-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6c11cbe7db8518c183dd6c3ff48b05c64b8e90db9259304de19b054bef18ad76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame CA2C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:44:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame CA2C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:45:22 GMT
l
www.google.com/ads/measurement/ Frame CA2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-u8UuplXCWONnNAFuaU5fUdrbk5jLLRKX_8Q-zuuPs4FdLZVivMPhQAmGKFYeeFPEDxf6VvDc0j6YzNNcbyk3dpNPkg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA2C 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 12:54:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA2C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9XVCuY9Z1tSND3SaAwr4WeM8IWbFbOx_EBK77yz-1mx8_9_MucaXLIqynGQ5470bwoZoCznlELSJlxZQYOQbuMY3twdOQ7tKYF2_uYfKzmvGo-RY
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1283 		632 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNUYnlI49VqBM8ESArH7AzExy4SxDmaeR5NVQpey1cktymIGLc4kNZ8Il95tjYK7yiPlYCzIvRN5E5slI6F2r-RSZs3fyf3BUEwmRtgxZPG6_n3nSPo
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame BD80 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMSNJhmx12cO2ZIE9cwaKdgphZJEPqXn0MOxbvvJeKCzyiNKqqNCrfGGLk0Zdp_Smt10F6Yovz4RuxVZez4ZB-x4icx8ztautZ4S9VIwD-Dzpbcpof_a1dBvshwM4KTQcZoDqr9OziFt2FhTIICfrK6F8INg&cry=1&dbm_d=AKAmf-DM6p_lsQx-nkYFWTnyuVQ6bk8Tp72ayNbSP7__QWY3CYt1STuARoro-Hki3aKsibDFnq_7gjT0GDyUSCOMqzQfoPcMEuoK5FsHZa-Bkbqy2hP3LhDegwtHoqQ9_Rh0avfFr8nfXk5HftJnjAfiXoRnir295EwYDx2FCPZbwIsOysGRSariLo4jbWktJ3MKfJX-Rr6hsC8Dh2x7XPhjFOHa2KUYG28EulZz0VxpddfK6Oe9agn_x3uCdGoLNPYAhCyO2H8fh6QkaOzv1NvtPSFRx4lV5UUwOIntL9CXdTlOm3Vwnkzc51QpKHVXVPBZ6WaZb7NvMhm88Ie7ERjpDA6hUhfTMTCEAAaNgSRw0YoSzFkGP0LrYlga9GP4HQYWYdpBA56dhB95UyBt2n5JTuwv3a2P4MKYN17GaQxt5wS_rOr9FP84iPn0a9Jm6a_RLpotoWTftctNxSGJoIJQrTrmMF9vPVwct1tBKZpLNDvezWfs8B-QCI2j3blD57CVEnDgZ8jX2SWMizOdY3MOQ8dkcR_FuaMZOPFzWhutNyLrrmYgKRuMbaX7JFdltkTNk5_zfN3cNAoCxYrahyQykaB99wSrkOrR2os4DV-V2SbGKfeMTX6kSPquILJ9jbLqx2EusIrqi2rbIfbrERWgRik2VeHbRBGEcnSyz68rbOzRSUowcIlwB2qFtoVwkXzOkFOQD6ey-N6qkht_fkc-3AZ6Sw6tNfuEDiX0sIiTB9R5w3mgVoPQN2lyRudGiIzQSmF4kh6FnXcLp49sfNXDx52_CjiL7J94OwXzP43XNOl5tmyf3uoecOBO-R5nJ-Dtdlvba4Tm-0oNeN1jkBpbe7jJkYBNX4O9Mxnt-Ms74OX0oaOGB7-K-uTENqCMLxNlMa0HXStMSZgSR7oW6CUpl5bRxJFDZOH482FfE_GEtJ8hMGZFY61xnU6ghcBavRSDVWHIbgXHc5UNlc9TqJ_J6tk47IiOsYe19_N09xzzdnT5U0zHl6bV8qX4c5jNNyCmsqKyVLkCMUJ5uwXnCHBXFOLFyPI2uxni2EEBuLK4enQzwhSgtSCyE5-I__oON8qz8bCdt_dA4Cgt7yYQXCRV-7bykGCBLyiDST3Dkx6OLjl7gmCTDxruuyPzUtbFo82CRto0ztqaZHUDJOHns5lnOXp7kt-sjBYJaeIg6aABdegvg5ubwuOFG3QAxRXYd7Tzg7EmiB9yjA6zSlSx--4Y8PKfbDKeeVnRw0HziMt7r3EaAVxrc5WBawa77Rt5e9TTD_ZuWIgcIn_R5nEDobiBTQYdY40bGEqc2e4h3MJMDEcEAk7juEerDllw0bzAZUF3MqaefHRE-LCBYfIcuEnYyFN-IsdqVyFZtJsn283daFq__8pm-DGpdx-wbrGE1R8vnlvVDXor7nGjrofKpNvm_xsAjxeyPbAyIRPOfikJATDgT8m15wptsSa5TZpmtt0E0vbTYIXVw--XT8ujmulxwqkRdFiFBy8eWueoUUR-dbkvhkw0sckV1NkRk3HvAX_XvCxtFwRybgyPCgULJglJEK6vvRecDit0xJ_J0jCEfT5mOfppyscU-sFWAPA4tqpBYjUmQiMt5EHzajvbYZtSxWuXmp-43QNRtHwnnnSLmLID-Ggvw_TNxoE4tKJWLfiluTRSNRPfPlrApEFyIJiP48mMv_I7YG5UfNvxRWt5Jw17jVwb0Vl9nZ8aCaJPldijLI1sAyTRA7u48quvcpF6mrYJ0W58L-LNS3gQUcgXbINajVNQDQ027J_M0UguOtQz5nVRNXbkI5EVk4DfsgWGcXyND60zhSfqQSOyQ9Xbon8DSp0tNsiFaB2KpGNYA9Q7C8Df4RbJEhljpoNVgMS9WQMiTdc_02eog_mmL6OD58CscYccFICCkC_xCkF8XsttTXno3s2h6KHG61qAcmkNOiEPVZWHSjFv1Bky8jlw-kPVVtDoMmD7RKyUvHc0B3Lyr_sLvxIwdS2wTILahSU6iMJShjtmJ-yOGxV7p_Xv7m_GY9domhtx19lAXjHSnIdfF14EBcK3ru-qqAN6Z4Gpa520kb406DZootUUpxQ1S80lhsElQpiZQPSCy8a-CJxE5i3tpulHq3utCWMuf9yeDwRJtFoNr7bsqLJ-3o0fjHVWpiEJAd5Ch_u6qwxtUoux0tihRwqM4FGZlYl-nPNIDgv-oml2opA_cHi0dkYficNcL2Voug1NWrujjXayJ1aN-mpqUFgn5McFG50reu6Cqu4c6APhVpk9CR0r_do9kYmLk7l1WuXqPGIjJNmfgTN1U3wEfW9UNvc1lkSvGJ6LiT4EKFRlitkwPy7vMI92amo295ww0wpQbWbWUIcurQYQ51TQKkjdUZIrkQ-nu4c_L-8jt2FeU6VAebfSuiTuZEyCNOz1ekoLveGV5ZjW5UmYWDz4U0uy0ta_joU0l-yBsEHEfyOrRPgOF-roumISL4fsl-hIy-vS3vYcnM7Ol2Da1DnU-txRv6aDTnZCMHTrfXUpLFGVuPX-qcyDWe6TeXi5CjEnvh7R6wiB9hVHn1YhgroR30tTLTVlnQiG1epRbQMyHFeFb-PCALovwCeUBJE5Cl0tAz8LSb5_iPfviw2Gm9nVcHg_GilNj2tK6Jv198V_k6m6SbGQflf2EjHmkYGzlATrCjrdA_dF3x5zvRr0hAP5FrJR8b5_tjJh_zq2yGhmnL5jHR_HoIz3DxKJID_w_ad6LUc4g7uvn1Rx-JEoSXXqfpSqQ7oSHzr_AcsNZD4GZLOZdbWl_XBh4klPOYu6ZazGvgleZCfQCv-6n7wgitI2D9WZ6BS0C9RG9y1lANuytUktqR3V5qAAdv4MLjliiyESR_BQMvuVw90AaF4AKMzJ-U8eLqqPihbOcqvGldeS5POoYX-UNZZQe6FJlzcu3M-NHqU&cid=CAASJORozw2VWLA2CLlWmCpkPNFBnbV5YQ4wp0Z_5ISpDbj1SMS65w&rfl=1%2Chttps%253A%252F%252Fwww.dealnews.com%252F%240
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6359a946669a7fe6861ffc3a0d3b4c65e97a209f82fcf3db2f9de00eeb209e02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame BD80 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWaqZ6V3321ZRElqOOLq_hLkttvT86EOKnmk5Wz_loPOv0DYzY&d=CokBAKAmf-CiRqRz8DYcbIxCTfuipWu8z3MZpq73PE6EpbMxw7ZvfXCf3jjOYy2AL1E1tOaRoRg7WZ7hyXkWl4f2_pKHGx0sczJOLQ-eJEAhvpj7SLzxidep8mt3tmMt6prRp9UWn25lsEXKkEH0zIEztEkjyf8LcwzrYjKXuwIcmHrcZi8y76l-JjQS6RMAoCZ_4D3rViSsCDEm2JTfljv4MDSkQZSnZAxCVSgYxNO7poDKKFxXSbzw2II56yYtUNQNASTjYMSNQgRfX9SBlvK6wYVI9GAHeGeINOZqJqUX3JtHZRyn_ZcIRtRHj_zZIoJoSYQtsxl3rC8N5--ACMBRvXfB6aMkFndgyQWiZMEAMkl5tKWzsHIMrnxXYpYm_YRmHXM9EMlaM0MQPOUUMtb7HQeWrG85XYfyzvqCn0Cprvu3WZZ1MuhfHTT3U4gr6B0nTXURUg5teuGgvzAIDp_DbxyMxDd1fS0_JhsN6P5qWiZgf38P1z3XzS3spPGpsq4CkaDAw4lfyR5yqJn7VKMLQ8pvQzQJeUrnomQUfEUabi_B2BA-JMKn_lN6Lp0eGC1iNcpUQxL8TUBywvg6vYMEV_4nkafgja2EaYIHu-mnxjVXEhnCHDrnfRVdSKPxOFVAjHhJ8-b5CNc6SXEz7vSLpjFzjsqftrzvEH_vDfu8SCnpdCho9GtSTZLJLAhEK3jKZBVVc3NjDgoRBtfsIzk0WIoQkAcQp3_v1xhAMYPQm3uiSRaSjrcLl0lyFP7EA-Y6z_xAzvBKdeGX6FZs6e5JRmabG9zCECIhHmHwvhZ80p_Wd2QXFULjIXHws-Rpee-rdXQv9jqK844yDQbc7Ot5pILSYVrcU0CafWfONDfQ-Jv4MPamkwexVXmb4WEHIGgxeX84NvEFeJC6nzi885d1Sg0JJiTLCY4BRFwvCMM_ckyvDOUDpb-XpWqH3yO46FClA5VJIj_J6qR6CCaAX3qI61x4hqegBnhg642bzItvBKANxsrzraZ_0-QOx8LV5m9RglCWIuof_jWtD_YBat8zAWDN3kN5dDvAbKVErA_o2XasoqfWIrd-arRc1u8W9d0bg-6tWD9OP8_bEUuiK2yFfrZyuRsJeghYz7MsOShHVQ_oqBOyDooeViPo8PQuZn-coyQdjWBgR-iC7-BtwyYeIbvT-Q-b5E3T40hJUOnI8Syp8eriDGIJ9Q4zbOGemV6qdZDcW1hOtKS5mE6nYlIQh5WGokDBA0oOAZRWDQtLfklKzDRNZvZ_gXOga3GviP30QFTqaVXStAdbLRQYbd53c6JYTih2fQrA1efe3ogHqSllpnfCpYpdpszA1UI2l_wOTxUzXsCa607ucI51Xfa3XC8DL2cfjt7rYCH8SVXFmCtzO8IW9JyXo7m-bNbpeub3qoTEYru_3E2uJDZ0iQSw3QTO8eiLYlAo4Vt93rvyhQiLrWfn6VLpF9yJb8fghkxlnYTyqari3FBlv8ZH7k7Yz95pXcR7pYK8akIc61sDb9HUD3AdbNad-sCj1fOgtzGEPLdITmLEwGJBWRmdt8G_1ttHsg-IveMtkVFGOPkzgRGdHPUvphm87ffJnO_BuUlH7xYL0D1qBPqGtujnt2Ul1cMIVVrivf5WkHUGMoJlJ3RqUn-adOmTJUB6UJoN3IMCVHbgGCr3hl0JaZ_D-AIB3p61_4BCmCBwF2Fd7mU3-vfayWk_l_XqKMGGHpiEgEmeOfqoGiGWblfcSegQ0MkWULSvmexnbBwtlKvy25pxMnmXs-qZpyJiI1dyLIxzKyJ09IybMvhmz3KbiUPOZAHmzUeuea_5UcT-jXVvY8Wt7qbIXCp5vQYn-GsazIH1FWtUJjX1xbFGWY-Um7cqD2TBeyWVDqIuPFxI1AP2QyvmXrwo4CSRzctt_iqKjGrjy_sFm0_OMtBxpdSh6qP3xnQ_JwLZksWjznEiyPXOWVsabDnM9d71aOYcLF9D6hPEa1Pp72d_Yxo98aWXq70_H-ZCw8rcgkMQq2VczIP0SCv92yLs6bv_fSmGTOreOqddvt4o-wbnBOf662MmxXTbzF8BXu748UDyKpnCQOQ4hpkDqDrAcEQHiB1K2Ye9a3o16F3vIF4emkQ4_KTIUouvmqQ94tUXtjAB_yXAYoLIdljfhzkgQmqwCJOL3qGYfthkgXTXpQsqxGjO4PZDXm3PSXQQn4Wp9FwGbwKtdhTkw-IuYAPFC3pWvx7VzY2AysSjyP0yc6WT-AD3UqWshy-2U_J-bOj_2GUUpFNMdhxuz7fxnoA702cRpKKcWQ7-BB97v7X2PsG70PmpNTP9VUe8ByDV3LXa95_uIcF45ljl5YbDGarxdbRfg5DPfyPtO9_14WdsJDwC_NR9A8rt8UQao-ZbobOKDube5f0ezPVnbWpPBEPOCDV1h4wip06MRXxzuhBuwlRZAVM379RHQEB8nSoZ7bImPNHmwGaxnEQj1AgdlIEIe9mzg_e2ZhR593ZmRvSFaUKS4UFY13sppHxr1TKghsYZPk0hLa3oraEIKayYaSxsIHg4ETX3UeQ2lsZpEkNZ9Qm8DP_lnTZO0Pp-CfHcslrC1tgKOUuYozSctnrUos1G9AsgOMHCmX01u5lNMwjU5M-kG99z9fh0exGTTaZZegH33N2r0fYLEuR6d01yoJpuNCZnvVeTL90VphYO6-3hGdi8VFJO3g8psdzlY5MZzWoObFCrQ2LwZNGGP_sP7XL3xAjeRk2ux0KPOAnUJcqeHykZy4DvBg53EmDtf0DXK9cQWPOgJBjokdq-fbQhFdzs5fzV3QyY8XYLgDM4naAkWAy1_2XdU6sJwC97UbsVRVLnx40dvDJ7CLvgU383mf87UD8Vl-GgHwlP9GBVxrigC7k2l_C6Xn-V_SvW9haLnI_Osjf7aO8fXO0JI-3zQRDDKEqoc3ipIxbWrXBJirZqaCFSQxP7NWlNjA4MhspLU9ViKSPhO5MdL2f3nx6vf2nF8n88NIVV6xUdDoulKLbQ2S2tDONeyPqbWsahb4rGpeg__h6AIIvxPzMEz75vvmDu7mjBvYcfdJXVrQYEWZGIqlVF_RZKcX2cGWxSTuCMmZe6OW4o83j_Aqk6_P3I7oCYb95TVtKaoHNkESiPl-qIdTK7dUivXba-J89uMcHlRJ2SNtLbj-5v6ncnqGLhX_-uFekbXWbaoRJhEhRqQp6ki4IncQxl5TQ5WQab96YewIR9RzEOfYwmGW8Q-BX2rksxwZHJZFJH0G2KanDEE9TA7fI2wuk0q5bwon-IGY_d37-C-i2wcVp5yPmBDXV4whsKSmCB8ngepyJ14T7MeCF2lxiiv18TvrgOhD32nFxGPpS2eQ1sdwcsHsfafLzRkp0Z_-zDQVA1niKQkUwENAd6Tt3JFJ_ELP9njkS06aUzd0Gbzz-lpNrLh_wNDWlvi66_MwItslR7xGM2vJ-5V5ZXPC4HZPynnCOmjH185JMVrgHZ_J67w8-F1DCzCeX16XhWZMCAITaN_75sKAnk16PsEMX20IV_yQhnJ95s21uI0spqDmUv4tzMyiNs1j5NsX4Jgw1achooCAASJORozw2VWLA2CLlWmCpkPNFBnbV5YQ4wp0Z_5ISpDbj1SMS652AB&cry=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f157.1e100.net
Software
cafe /
Resource Hash
9ac5f857840943d931357218d3d9d852559b9fd973b61692a5732fcef9f9021c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21085
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/934251/60616147/ Frame BD80 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/934251/60616147/skeleton.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.139.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-139-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2bb633ffb290f5dab728c738305527ed750351cc5159089a7b354459b7e13b49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame BD80 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:44:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame BD80 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:45:22 GMT
l
www.google.com/ads/measurement/ Frame BD80 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwJ6GfBSK6ugJW5JNZ1YvBOBeSy2z7bhvxblD9ahRfAtCdwZSVzmWw41HocwgBCEvV8MuCw3xwtLhA5uQB780580hTUg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BD80 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 12:54:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD80 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DkeEJFCI0jUvvj_HgrY-x1wn_goMrM4l0NgX1bjMCPgcUwtmutAJ7uUJl4LFpAEpgf-kYLmcmGRTWQvrhRYmCRRF2yHVCb2WKhBm99n6W2Jt-gAPY
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B263 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-aHFBnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIACT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgCLLjyaCBRQQIZpCi3gMcnj-dm85qxyH3EHyuKUqy8020sicshFR-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjE2Mzg1Nzk5Mjk1Njk2NBi4zQw&sigh=im4mBWpVJBM&uach_m=[UACH]&cid=CAQSOwCsnQUxPwAb7mte0Cex8zDpZC8OvSuxuph5hT-tGu3OumphhhuVANIgviHciDjD470fx7252szUA1IkGAEgEw
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame B263 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jz69d3pkvv5qnmde27ax4jceq4fqv1g89zdstbm2eke0f56rm7nxexty5rct5vzn92krsyc14b3jsm6x80wc8qbv4ntvmf3vx9p1rxgwnak82y8phvgg95hnnfp9w8fgmd4179v7pazwbgk2mkn5gz8jtqmg3bdpfdam367m8jc2ts3r75t21r8d7w2pmvytw8dy2tc2d5vhsfd26fv8qxhz2r2ycbt5e7dmxqqv3sswsv4mzygb12t6sba06av50659z2e7k23wze1tvqjdw2zqmd8wrd99pkjhd6e3y83n399xtj274175xy7md3nxr0rdcg4rxnbfpnx09cj452mz8jmx7vs6ctgt2mbd0zhdn0a2k7ept3sjcnjr95ra59zfmz0xjw1sgca77gmvyg&b=YyRyBgAMYYgH_ZZ4AA58KE_U_vqYMwd_1dR2RQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:31 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 75BD 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hcpq9ym0nt9naeqvk6bekrc8h3a9439yd67gk3yrat678jh5hwehvmms3fja2ak5z1p5z9093zahceekyy0bqaz5m8ckpe2hg9qrh3sgd0y5gtrnwpphd6xvf5wga72ept8n48e73dgygmmryrc9z6y94rtrdp3zx983d88ymd5gg96t5r7a8mjrgfqthfxm9ywvjw8dd4gv7thtm0r82p0wqshca5bgm79zbh4dgx579er1ztyqys2zvs8f0ah98sqqsvcm4e2yv89ynky3k2b2wr96tshrsxhk8kwbfnjq3t0yjqqm12x8rnpad11h3qx6m7ktpb0pv8gasp5nphexf1j3aqjcgq1qymqzka1bm28k49d4tvxpmcnm23q0nt6697edbkq8cf32g5csz69dkdmwsp5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%26client%3Dca-pub-6163857992956964%26adurl%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d62568b8ec77b8986b54e05531d84ba64435646ee535521f0bc189ebe7d55a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74b9c050eaf26922-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:31 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame B263 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:37:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CCBB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1426
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Sat, 17 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame B263 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:19:00 GMT
l
www.google.com/ads/measurement/ Frame B263 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5V1s99580JMh2hcmCfNIck6NEFytvqXQPKNwaBxptcSMlLmYHBmMKLqghQJhcw3F3C4MUuddAIYvAozMqYLyjo79rgQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B263 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 09:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Sep 2023 09:55:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B263 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 12:54:31 GMT
init
gw.geoedge.be/api/ Frame 7864 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.235.242.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-242-182.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
init
gw.geoedge.be/api/ Frame CE94 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.235.242.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-242-182.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
init
gw.geoedge.be/api/ Frame CAA0 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.235.242.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-242-182.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8F7E 		632 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY6Nbp0QEwAQ&v=APEucNWe7zX8ur8w4-pbzdvapwt0X8ATjOP0vAXlyu71F2nC0JhoYJh3feFuINUOGV9pysULCsxy7K9AJH0kA-1ErPuMjEBz-eTvu8B9KrPmsJhgEdGvpnw
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 7864 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-PuF6iMxQTZMQdMa0RCamJdsr55QJd8h5dhpY4FbTTiHRg4dp8rji2I7XyiM5UHEUUZIkIRxbwqCPVx6s6NAkvJVCy0YUNr_g0tjeg4bo2-14pwC6ifVzlnb-suT6L1fOn8u0UoEv1eO162F25_4KKmQTKCGExhPVEDHLvsqjdqhl6EE&cry=1&dbm_d=AKAmf-CjYwQIczOo7lp3fO9gMPBOeamcU3pnzzCKSXxVUOayEiBuE74maXpXpPdzHLQTCLWuZs-CbrHvVSPrxHFswDHoCBZpOYa8trlip03nDXW_sKIeKO6lvj4Z9PbYSTHXD3t3Z_5G_0Xb-u3pBo1-cz_qQIpGX6qe628Y23pOGbSvY7Mh3yPmM_oCibtNKxIrH2p5HnVOQAxhdcM1Iis2X2S3inp9NsIPA4JnvpRGWH4c1KioHIjRoI6PqnP5rhMTkd22hxb1CeMXCmLm8IutGEQ4Z7ug9QbBl734FHZqJamqi8mE0g7ooPVTcz1veVYvjNnZCpLTDUujj54aa3RH__k7lnNRI-sB3ZA0Q8tryzfml5cC3j2vXNu88DBRBz7PPsFsIgOf28LJvTluvtUKp7Hsq_iVh7UvhBo8Lnt5dvKg-fwnq_-KwEJbLqRhZ_cxhJbAX2TIyVCWqnvwOVT08fdvYSRJrAakArQ_HrbMHHdTUdHnIRwLtK7P8u0OeeJv8BZloTP7sSO1QjXpK7uWshq0Y2tmvpprbFIn5_K3p0YLornF6cYrgRSM5OGgo27mL6QJjWkq9VRK_MG-tAhgDmZxD9eDmQ_WRVdFHNTG3WyTl619EtXIpnin9C3oosOK22ceIUi0vApFicy_MKjiAcDLJKPHS40W07W1CmGmnxS2IJrxtsoY60QCpRRQTejKZMhSaQMCZr5gtNKYtXQqI4ykk_h8aR3R54C518e8xWpy2w00UfelYRNWIOjY4DLvWbT2d8ybhPHfLv4fsi97a3wIb-6krDNFUD-ryg-5_bQEfQyiXk--GNK9hGqzYqpf1ywZydMVdP3d8t2mh8NEBTyuo-9Ck56P6vtOU1YQV3MIfwEGZMF9RW1lMoG-4HJJzksnlgCUBJwNFk2jQGLZgCdewhVmVAmkPdgjiG74VwpnT6Ej-Ie0dAga9G9sSKsGdo4RPTMbdFEkiaf9OLy3-5NFLXU5Wwi-D7qOXw-fmySL2OMy3d2ufl8mQY9Kk5z2_B3lXSdDrSevG0M965gWlW0FViCfej4CCP80FlD-Xw51tfK4hVMjLP2o5t6HAFBrFFtYYIiVzr-e1Kv0VxR4SVO98qcI8YW8OT43Ev_hSutX5JDfyACtTuErzrl0tjUrvm5djjeumqttqIxf1UxRv5WpwUavv2kAbUu9-vxj1Xu2GFbfGO-0XMRUOi_P5v5Pj4dgBXwY0s3uz9Ue2Q175nWmpcXi-CDwjbpIp3tUDi60Ru7Q4a92QbLiCQmCDgiYA5BZq4yiNpzFr0iPS8aySedutCTYHleBVWrcHSxWgInnIcorhR70UhiO8CRTD5gZn4TYifIQHfObboDFnL27shuf6P1y5oy4aM68EOu7c13eKbWSbbsXYxZ82j-wIz7Ryin69xsbLr8fdjLrhM46bz_LJpoqZbEdduP9u9yh-qGHLeNAvsnd8Xyo4QYQp-WbDtw3xYrBNwblDU5WrcrZ24d-RBf1IxozYhfiMfaMlnsz0kLteOyVf7pq07SZHi7-Hdq1hl8G4D6qssYo6sA2iSZ9V6zRBbivX7WOZ4xNpD0jvhnvVPpSYJMSlfCzHpH3FtJxzsOoaF2K234Q1nEXft7CxZQnbmfapCvyyKi0snwarWEe3fk5XObG8PPYzLBc_dB1A4Zg5N2uIMTxYrSb9vyWdLLQVpmo3B7j0wueYXHh5e-ZeASAL3T45IR1zO54De9A9Dm9b3wzeY0WgK5YwGUfdrzjHpg7mZIvOZhLtN4erbMVn-b5CbKDcHxqHwU4f_N39BU0bjWzaw7ytgp5F3xhiVRlx_uV7ycURWCuILLb_7brNiaMIuXhmHT0ls4N26cVSnw1rizNeIgyX5PdHIk_xmKafrBTfsEb84mZqoElqn8lO7unaGfNuupphGinntJvuQ19FDW1dV7DdtOOnsX5p3H__B9K1xwRupAtyX73hN_hyTEXOYYrGJALGSEFEz8lrbwnRfWEEKFZdFLKZNdOyLQIZWX6CyoC51nsWivE2rdMDCIyGUcecPhHPbJHWPqWEs0Q_Rd-yCbJhtiwSA0lNNVj_YzT7dJlQKDERdtus91z9EvjLkSRmLZlSU6e4MlLddC0jchgnG-H1RWas31dsEp3eBruuzFfTr9dv2Y8o2TwvUhxABUxMpJeZHbsi_tGgiKfWxpwCkpEJVOZDkGmODTNWEZoSBMHAy7xqK6UF97fkctINLZNgKFWkkKllvmDewh27bNnRvXvODlPHmyKFHKc4lXxQ672PwTaCYb5k6EYxDx-vJ4khM5YR69RRsH_DG5ee9G9DI2q-3w_bM-T624uce7mtspavZvTG3o1uOXZ8eEuoPUADrq_hl5Ns9vBRGnfj-OrwMzLMnqngABT4rZv_dtePeeZHaZC0ShgJ1MiUqt5Pa8exXDRM-oahIPFoam4YtZvQ1OW4gHoSrjsJqdCdG05ySIBqb1zErDEW50Hehjo63HX8n0s73h4hsJ32YzhT_mL2XuhcTRFXXWlXGi29KOqnZH1Yjbwp3iYeqkj_S6oVTe9JY3nOB7vWpPWH1__3nQJ2YeUZmoZ9QsDClon6FfaUJBYb9EGXiI6elkjPWGpIAMc8_p_pjfBeC1eSM2Zsss53XUuRujcQjr1chORkOMuA2apb8ZzxJjpS1MLbG96ji03HLB_hTsCza_HU2AF8-1P4YCvozswkoRdhxO7atzZud8gbBb0k7K4bIhajOF0mgCv2fpcH3J10I4mBqaVWb694vcCazkl06VCJawksGYSYchVtrrB5sa4cfYaqIe6qOxkRTfuVAcZ57tiCISlemp7pVHW1eYPatGFiTyxoIFIIlb6kDUgZcQ-wcfWAFjHVTdL34IYRIyACOvzeHGK-pP5MIi94UB8gHBrdMxLSxopIyfzeZmjR8orlM6z68G4NZOvyf7fY2YAWoWxCh4gp1-NmEG9b4XEKN3nl27-rHxZd1CYtA4y_mIL7vEHxB4bL3uanOC-R_wJKZP5tBegUQ20sf84vdCvaZ_oUg_2hWCl4qwzEqYFHILGTr5pg5b3JnWcForh9Fxw6-KZteDo6S5qIJjlLcKpF82UfHXWHWuNaVyW0o30HYvnYhiwRUaEO6i-BnA8xbAl6f2sPzhAwUCi-Id-6MofwJInJRwW1nrKBVmWHP6Dan6N1ktHAKYwEaGd-VpGw1vuZnnadBNjaO9EY0iro_AJ0g_mCo-Zfjg4weqXNKXW8V7rWKoqJ8Am_dvuwI5_bE2FoefHO1L2_r0BvOGKnp8oZm-_gXDMq9oApI6zg315ECQe7Fb8QBnal6b12LCnKszz4ZUaeBgb58r-sbWD13SZ3Go6rzx33Dr_AzQ1sbdp1ylhjQaL3oU&cid=CAASJORoBYYegFXP_epzL4tF6Ztx2WtCetzGEu25DWATUXBB6cb_aw&rfl=1%2Chttps%253A%252F%252Fwww.dealnews.com%252F%240
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
300657b2d0d4646f5602ebee56021bd347f6cde1e7cbdc12632d99cabad5a375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16917
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame 7864 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=57389660;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17045810788&extPm=17045810788&extCr=440036200&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CQa0xBnIkY4vDMfis9u8PqPi5oAaeq9DGa_zktp-tEI2Y0Jq5JBABIIiAvxRglYKAgLAHoAGR_tGiA8gBCakCN0lTkaS1sD6oAwGqBPwBT9BlD0Kf1fViTht7v_0po9DG52j-tHIJasiD4TPV6yA6K-ZoifpusPn7yENmu4NT0RAevLqYH6YoDx58yQSmwJeJ_NYfeng4z8UDcbyT64azCQcjrIdrjqJ58N7lCazHIq8XCYQX4MU0qXTyYHHIWq4H0Vr2U1JjHzsUKBZ6RsTPBvGN-Ic5_Mp8laGewFs1uKhueNJu-roMMoxQ2flp7_6Crx2_bsvMBn0qi67AMtVR9EONzuUzVdcf0DX1UbLiU3-NKozXAEYg7APr5m2R6xGBv0xJE-9q6ON-Pb4dnQ3UHUEO5HasVEAoPKq-dNWZ3iEbexHFfCruX3hlwATGv6vw9QPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi00NDU3Njk3ODU2NDQ5NzkxgAoDmAsByAsBgAwBsBOGuLEQ0BMA2BMK2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAASJORoBYYegFXP_epzL4tF6Ztx2WtCetzGEu25DWATUXBB6cb_aw&sig=AOD64_3__MsBMvU67r8iRObyuztO3rPCNw&client=ca-pub-6163857992956964&dbm_c=AKAmf-CCA9zmp-pVPjo04liD36Ki9P8UQUdChSPurX6LvDX_NUFvGpxyXVziTC6pHArZbhY2n6GOSW6DIaBTw2suoS8IsoUirr8-lBqZY7uY3ehiC1qdZmVCfzeV3Dq_950ZNt3HS0wRwEglt7u9fYf6jHuV77FEsHQmJPb7udXC6IEFxh2BELU&cry=1&dbm_d=AKAmf-Ad8h3KDC5dMAz5nGaz2Kt7ipkC3zDOkuTqAIg6T_sq7KSONCnDlg_awMosA-I0kw8t2EDl_KQGtVzt_xtZNWEAYWSrLa71B4Ldf6HTTJOeYRefuBzKPGqLlbqk--UkGB4msd4SfGsxd5IhuJCVNy6as5nbEWX-BfCDuA5P0VYKWUsfd631Vd-6FcZpv06MI9l6f8NgdEP9MDnEZn2SpoTp_N0NTPYG7C_l464WnH0sO2jCsxSVvaaeC7jn30Ea8KbtT-QwS0shnWVSICrnAF8hYy5s-OCfU7rpBG12XxmUA2qrP98H8TWQeqPXLfXWgWuRulZdeSAt0wOFgj1B8UTh5MU3iFcCx1hto73NP2MnKbjN-P220Vu2E7LudXveVXh4BUYuNq_XMY6l0eKF9C7hdYnFaLjLhuuOEqAJ7wfP1oh04uTxqZDHtTSWsXM7xRwcxGykwlc6FzOSj6Nld4U-Y3407yulLJOlouvZdld9_NkZLBregCe5KXAwfvusXYtWZNfjMVx4kfY2wpofDz3ZHAueNg&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6a1f8efb8aa6dd48ef00b4e7d36831ac198e998309189d8777f712725bcf83e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2773
expires
-1
ai.aspx
m.exactag.com/ Frame 7864 		43 B
907 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17045810788&extPm=17045810788&extCr=440036200&rnd=1663332870811403
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.91 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
X-ET-Code
11
Last-Modified
Fr, 16 Sep 2022 12:54:31 GMT
Date
Fri, 16 Sep 2022 12:54:30 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1756
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 7864 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:37:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 7864 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:19:00 GMT
l
www.google.com/ads/measurement/ Frame 7864 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAE72Y3zcqKYZ-EvR8m0T1A0a5da31aunU5KJ2iRXddvwqlHHB5PnqeRqtqKLEJ-dAJS2INrvJ6qyG9ArLw7SOGY5jNw
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7864 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 12:54:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7864 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSB1hUQ06iRzzHaoQlBcZ8u-eFzqT267WDTZ90ZWBgb70zneVJSulURjm5fn2EYVcBiRuXutZL1LyGUFiwyiAZSzIUzV4XaAgwTrQoJzDqOUWk_Yg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
prebid-server.pubgalaxy.com/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=pbs&gdpr=0&gdpr_consent=&us_privacy=1---&callback_url=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dbetween%26gdpr%3D0%26gdpr_consent%...
  • https://ads.betweendigital.com/match?bidder_id=pbs&gdpr=0&gdpr_consent=&us_privacy=1---&callback_url=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dbetween%26gdpr%3D0%26gdpr_consent%...
  • https://prebid-server.pubgalaxy.com/setuid?bidder=between&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}&f=i&uid=ad23cf2e-fb2c-5203-964d-4239f569303e
86 B
683 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.pubgalaxy.com/setuid?bidder=between&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}&f=i&uid=ad23cf2e-fb2c-5203-964d-4239f569303e
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Server
35.173.165.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-165-253.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0

Redirect headers

location
https://prebid-server.pubgalaxy.com/setuid?bidder=between&gdpr=0&gdpr_consent=&us_privacy={{us_privacy}&f=i&uid=ad23cf2e-fb2c-5203-964d-4239f569303e
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5FB0 		632 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXszpWpnZhGMrM7zmWKvDqdOEjUNrogqtjFA0_KR_EP2oY75d4eLHIP-RHTJMJgdlBw1PibDiTPgvlwIBFyVPyq8qf4i8qlrkMAjD1Yx7E3RcK3RUw
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CE94 		93 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWywbdT07H0LR2lmdREJA4dmOfK_6R1F7zDVhG-Mv-kenUXW9neqcsPy5UmOrKuZfR7OSHRfo86X3pI_3to6YPDd9ArcoGBgmyAgBep39_fZL7aJoHfcH2QHg0dN0A_7eKf2gQabAcbuvzIcT_j6zDi9jWTA&dbm_d=AKAmf-DKXuIYexMy0N9zP_YZXLX38uABG5Vv2hRgV8qDQZ_hk1ac_IRIFY607QnDDB-R4mFaN4M2t36fJ3wV7yxmaqNpgNtyYaLtkZnIy3QxLvX1Fqm_9FUtmWytSVskZStiFf4szq0AtWCfy0XtKoF1NoaxEDyrcNPdnUOc_tRlJYU331lF8kkGdiTtycHgJ8ZRFo_NW8Ir9hNmQrz1ypLqNSUiLw218DCaen2rAjenuEFmNOooi5O6d9coH3RMh5geVg9MZJsSnnwkj8Y4YDks2czLL5dEyZn-xEq_xrosJzO3eRaTcF0PdfC8I34OsC6PITdnCjpmXaDPp2014kNexS-EGPb-FU0MJvu7hj4FGXnpDpkqTdm2FdYM2UZFU5NlpylCSrji6_snlHCKHln2joj-sl8HLeGecuEVdyT56-ZTJj2HIMps88sCkZ0C1tyfTfASIKNz7CbPEreBm1zhnZdaeNpG_5gMcspbMHtZ38AXaMVXyFr7mGuWcrt2llfQWJQKaDM_q-Sbb5np7fYCNi0vZiW9zylmrZ4ShpL9rNHd0BCjfbICdJF7aogF8wq1nUNqAHbaiWXgMZjkZ1GQy2JuNz9kWPmZ5E3-DKsaAVU_s203FhWE6XrA-gzheD9pByEG43BA8OcSF665oRPFpmji4a3Iti45hueuTgOitLk-OMcmdQfLlXaMZTLaOqkzlJU8Hn9MVCb2n3LZY_Wfi65wtgjKJhj98TcRgyKwb6gjCwFJQ3Hx43vyQV_wLosIwh2etOAZ9f6LMpNlvLa2al8_es4rxrV3D1WmPAOQ2FIPPZZOHmc8H1_yC9zDJTuA5DzbcGNi9pFxABrJa9cMGskjPDcuxFQDCWKLaD8CBmD9x9R-Nnrc0WaEFMpReTx5hII1e8K54qQ1sBuyjmHfs2lR_lAfFAtGzsron1plooXxKs5I-BCZdUE32U3O1Tgq5QpThfd54vbjebalgVUtvT7t77NZ4vZKniKnTclcl2pjGOHdglxTAtU-JHHA-V0UY0ayGRnYakDm6wnmRf1sBB1_ey46sD_uS4mjHzb_f7hu5SQcVCj_SCzTvg0_JovdGwq33c58Ox0iVtgJc9AwtQQbP7cIdWhf9H4hOiMP0t_KCJsqw8xKaS5Q8jc5dya5MsNBPzroD35_5l_8r1XQdaX-FNK2Xxvu6AGLrCFQdjuhqnvdDheARbEUffqqTfVbIJDUcUkmT_LOo62Juk8WebnQ_zdhsXsXRu9HLMAitb_iiOe-fSrIOTZKL2GCIqd1aa6FLrrOghe4dAIxdhqunPw48r45XpsA0BSSqy4u1dBShcZZ3_dfJSgmiFDvTQQj6XRD71QKB7mfNa2UFk5VTEjDZ7zSvmbu_uJKhqhe81Z5npfp5OMv_OefToGmv8JSvU_gCEov4YpG4JXe2b2Ahs25tUZxnE5iLDq-t187yuPfvZjSt-AaiiR8CUG2iv0zEaLcQsejDGQ9-qTckLO7WWNQjDvPbm9tZOQKfTjl8iJqvDiDTalkE9nryjDXQV_pYU9pcEG0Z1JqOgIdJOiJSzxB4LCauNlLXPHUQlok2P5dR9jauQmfG0N434vGIOl4YqY5QiDvxnprr32KMp-cLmDtt7gUWKyuY5jqD9LmwXdwQGc6N3PFHHjdMmXy4TBCFCKpg-JvXy4DkjkkRXcSxVAPrtXn5uSalkLBlpUx1jst6m65nLm5_vjW-UdvR4JGcBuRdE5VhTMh4MMiA0x-DVIsfFkNwGGqsOZPeqnAYpGjQo7_FpqAyQKPYnBDsgjrGkgTEJLZfdciBQxJbtuw682DqQQd2StOrnhE15SX3kzgQry9yItuI-luYG4wDagDqT1QZtxx3lSxOoEiaKLQqUP1kW6rOxgANNznkTZ_WzWZn5-6NjthyB8aTjTbMn--Z2I61ttnuw0qchQwzsaJs_fdQpNxWqtjqVzIZgPXFLOJf8XVjcA-rAtkivRFW-s3Qjnw8-5XWWn3DAnvOxDY5o5Xng2rHoaYnuqpDf8rTQqkQdi40u3DABECEwgFcUkXxi07d88Px724anPLm29JND7eP2T5uA0VaIbDDGT1x8YFcEBJPEkoWIu3MQK3KeDBbgMEtxNKPgLTwpUAFKXDAY6PFMYIZxzvvDlv191pljo9SRoSJGlrItgP5UtRRzbjk3iVaiOHATocaz20mRFkWkujLrP-JAiB_fC9wREsaewNtMcW6x77Dt_rqyoAcONCiGiB-LTdC1fp1GkEUtIWritbQoP7ZYb3ZKCZogN_HG0yOhe73AlukpduU_Cb6H-jPoFJdh7G_0iCdGP7pL4PwY57-qGiKcyInCaludHBFeFe_TwvonEgGvbH6YwEwjU6x9rjH22o15g8WGQcGJb3cNtIGkozQXVcbJm3cNeOBrArU9fVQQontaq2Gntz-k6Gizb1YU1HbT1nDbhucGiub2_E73Wr4sGSmjTksUU2z0gT-rmomdLLB65rnbTEjddmc_VGVoZO1V3NCLOpWP1xcFTgLM2E7FOyeeglxtjd1gWVnC4bATL515jpTPQr0hhPDIhrzUNTybtl2kgaqNXG4EhNbAb_m78uxkmk9ckG1CJHf_dkEXz8_yEHPONko5aLZD64NfnCjS0ul4JxJIsZayHGQYRZEwkh3-V_mdnI2DNg9Xu6mfVtXWs-RVpa0zTVoXiA3UJcjqppskfnbN03wARip0U23za4Uk8KNRZwX4rRbfrfPXmJ5yjWhGRzzo1HOyS_UMSvM3WNyc1JFDxgk9fb1wOAb-Ko5V3X7Y7zgLXDM0srCaQvi91cpXonAbd1UQVDj5z43WP84WDka7d4bJ0vTEzfZHHWmBWeYOEqkL8DqU-LA2pYBc76vHXiG85UD8dQdZn-wIGOgDIbmr1nucaQpXxbk-bGsbCdDZOnlTuoxdf0qERjuAmWYEbIiVOyvL0KJHrRnr5DSXChaCdZLdTKyHjHCHZsP2par9W9PSmVSuxD9nAa1gQDuNeW8l01L-tn_o28zeSQdCc8rLMA4v0nfZIKUOyL35bGoSerXjZ5OzETDtu2cjteByTqcTXgPyhpruG1RnqTnxvAuHn64zQqOwNNGWSxKD78gG5Y4wOrAABEhQJUwrS_q87zEhyghmuYwLTbigkEh8nOEGlQzXvwFpLLqxqeZG-WCbAKlaYk-w7S0kfnj6DzYMDyn8lhCBqH9iVvBw8r3XznWLHRC0AiVle1Ca8R9GJJ4LGwSnA0CCpWhMlmD67OsC9Dx_CbmyGGeVSQYBfMH0JrKPRHw_BE2ucIZ0HvncyidrwYixZNMae_nuEYihO4xH4o18L8UyzjyJVQ_cuMYtI6sdIuEVNNmYi8iw&cid=CAASJORoIks09_XeK8zO2D50CrqxKiKQGi3Je2LkUBq3WwFA5tr4Eg&rfl=1%2Chttps%253A%252F%252Fwww.dealnews.com%252F%240
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dae01824fce42e4fa6ef4ccfafe7c6b39ceeeef292a485f9297d3d553d7946a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36949
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame CE94 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:37:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame CE94 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:19:00 GMT
l
www.google.com/ads/measurement/ Frame CE94 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9abrZ80DME8JAf19AACmwDs3oHgfZQSgu5SX-0RiTMTsJslsUorO8qdmRLHq-GiEKoqyC8j1H13WAR_fSIZcr7AdO_Q
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CE94 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 12:54:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE94 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSfE2GzhH_-bSW6iNT6HQDzEicxdE9zUpLPqwV_FFpi6fKDxMFtWGto5w-K6atUq778SC7dXAXle_W6YN1A4Yf2trlwxu7kyE5GNEFr4l4hG6g-8c
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CAA0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQr9MBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIACT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRf8vKaSBl2NRKa3vDSZBWnlquA2hisFB2_ZQE1PcGyPD8CqdbvrYuAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjE2Mzg1Nzk5Mjk1Njk2NBi4zQw&sigh=kTRUbJaotrw&uach_m=[UACH]&cid=CAQSOwCsnQUxPwAb7mte0Cex8zDpZC8OvSuxuph5hT-tGu3OumphhhuVANIgviHciDjD470fx7252szUA1IkGAEgEw
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame CAA0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kbn62qcxsf9zgsn1e1b94sy7ttenez323jkbgbvep9zn3yrb2a8qxf292bddr3t8qkrb19ve6c5f7w4nve13zyyvmsxxjaz6txavgd6tx0npp3g910b0ks267q1k4t9sr1ygnc50azvem6p6653b266297fxc5jd44t7m8mn5qsczv1zxbxrsqj5fsb7k7d53gb8dav5882ph8gtjnneg9a5hdrkbm7eddvvydh36mmwyj6v1vy63a5t90gakf9sm8ax98378w8m0std2tmk8y2bw3wv47acrxmne0d14zjxcat1rf7ffzysgbt55g5sct9xnmbyfrqzehfeyr0ghjd2dkrtwcz5j6ch6dp3bmmmd4v32dd7x9bhwnj85835yh68b8hvnzk4rd3zwkkcw0&b=YyRyBgAMYYcH_ZZ4AA58KFUa7b2GRpn2__ConQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:31 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 3EBF 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hzdykbkd3v30yhmrct6b8jbj001jqhzd60xyc3fzz0eqe440663a2r94b1rj6mqy3ka1qcts63jnm08814sspev72wsybkqd8k37em2262v33b7pbpd4w1stghns7n21785wb1cfgfb376ry05j1s917tz5krgbc144qwmv6s1tkfqaj50s5rxskbsprzmwjzmpzy25w282qt1gg7a6zkwd9dcvm6taxxjxx99cpdvrrdqyk24f8qy4ja55crx04af5h3x0p3h1cxackwsdw0pm3y1thdgmabrfqh3vf17dcg0rv0s3f9pe5mx4hyvd32sc494qf0s9sqq4zsrqcppnxcmz67ryhctp387grs2k59h25b8a66snyn0e8hybr9fbcnx4bjezgkwzr0xz8asmnmehnwyh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%26client%3Dca-pub-6163857992956964%26adurl%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df472b3ee468dad2ef730bc18514f0fa35f0ae17aa4a7c33d94a26004d48a55
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74b9c0516edd924a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:31 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame CAA0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:37:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6EB3 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1426
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Sat, 17 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame CAA0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:19:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CAA0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 09:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Sep 2023 09:55:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAA0 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 12:54:31 GMT
pixel
cm.g.doubleclick.net/ Frame F92A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYy7LD0wEwAQ&v=APEucNUQAYEMS8_BEAJslooUf-bTrlw6NrNThvIH5vJJU5tVPrF0XHLWbEFNQkR6oosjd2d9D36rO1lHykjPR70GsdldVEzHYFX77gw8BS2xThq3yyFMOks
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F92A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKnDe6qLVtJmDuRGEaezbM&google_cver=1&gdpr=0
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKnDe6qLVtJmDuRGEaezbM&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYy7LD0wEwAQ&v=APEucNUQAYEMS8_BEAJslooUf-bTrlw6NrNThvIH5vJJU5tVPrF0XHLWbEFNQkR6oosjd2d9D36rO1lHykjPR70GsdldVEzHYFX77gw8BS2xThq3yyFMOks
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b9c0527dc7915c-FRA
pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTdqou5AAFs0QihtB3HM629QuCy5h3joTh2C%2F0wl%2FjNXYcGj3HZexDIo6up9QyEHBPoG4o2%2BlRSRFlqgq%2Buw4zZW%2B47aedonH2TYnULr5PyXYv1L0oYxCGIbt3a%2Bc2rRtx6ZL9f2epgE8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKnDe6qLVtJmDuRGEaezbM&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F92A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyRyCDG.bBvdIjSTDdfs7AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKnDe6qLVtJmDuRGEaezbM&google_cver=1&gdpr=0&google_hm=2
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKnDe6qLVtJmDuRGEaezbM&google_cver=1&gdpr=0&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYy7LD0wEwAQ&v=APEucNUQAYEMS8_BEAJslooUf-bTrlw6NrNThvIH5vJJU5tVPrF0XHLWbEFNQkR6oosjd2d9D36rO1lHykjPR70GsdldVEzHYFX77gw8BS2xThq3yyFMOks
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74b9c053e93c915c-FRA
pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb%2Bf%2FMLJMQM23DQIO0Lq8OkR44a2h4M6L3EePnzVWES6yNoX2GGQka08Ne3D75OC8UYyh01zRqTytgQO59KehbKJb7RmFrrfOiS8MOW%2BytIfDMxfwX6xDISvrXsfqbJg3jz4ANzY%2FnduHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKnDe6qLVtJmDuRGEaezbM&google_cver=1&gdpr=0&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame A69E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:49:50 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A69E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 07:32:47 GMT
setuid
ib.adnxs.com/ Frame 12FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNXflX8Kq1MCVkcVC6vl1_7KY9do6Ed_6qLNtuZ_9sNkyDle4Ogo7XqXQtFjyLgeID6_mg8bDqKupt3It9Uk-xi7lxy2XZrICPU4TQHanlfZsAxT30s
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
X-Proxy-Origin
178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
83dc007b-509a-4aef-99ce-325a69f3de07
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 12FA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNXflX8Kq1MCVkcVC6vl1_7KY9do6Ed_6qLNtuZ_9sNkyDle4Ogo7XqXQtFjyLgeID6_mg8bDqKupt3It9Uk-xi7lxy2XZrICPU4TQHanlfZsAxT30s
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:31 GMT
X-Proxy-Origin
178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2cf464d7-f6c9-402f-b936-0aec0c58ab53
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 12FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNXflX8Kq1MCVkcVC6vl1_7KY9do6Ed_6qLNtuZ_9sNkyDle4Ogo7XqXQtFjyLgeID6_mg8bDqKupt3It9Uk-xi7lxy2XZrICPU4TQHanlfZsAxT30s
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 12FA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNXflX8Kq1MCVkcVC6vl1_7KY9do6Ed_6qLNtuZ_9sNkyDle4Ogo7XqXQtFjyLgeID6_mg8bDqKupt3It9Uk-xi7lxy2XZrICPU4TQHanlfZsAxT30s
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CA2C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 07:32:47 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Sep 2022 12:54:31 GMT
setuid
ib.adnxs.com/ Frame 1283
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNUYnlI49VqBM8ESArH7AzExy4SxDmaeR5NVQpey1cktymIGLc4kNZ8Il95tjYK7yiPlYCzIvRN5E5slI6F2r-RSZs3fyf3BUEwmRtgxZPG6_n3nSPo
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
X-Proxy-Origin
178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
b401d443-cfd6-4e49-aad8-cf74b0119706
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1283
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNUYnlI49VqBM8ESArH7AzExy4SxDmaeR5NVQpey1cktymIGLc4kNZ8Il95tjYK7yiPlYCzIvRN5E5slI6F2r-RSZs3fyf3BUEwmRtgxZPG6_n3nSPo
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:31 GMT
X-Proxy-Origin
178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
0cfe59a0-bba5-499f-b48f-61ed01136aae
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1283
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNUYnlI49VqBM8ESArH7AzExy4SxDmaeR5NVQpey1cktymIGLc4kNZ8Il95tjYK7yiPlYCzIvRN5E5slI6F2r-RSZs3fyf3BUEwmRtgxZPG6_n3nSPo
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1283
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhjvs7m_ATAB&v=APEucNUYnlI49VqBM8ESArH7AzExy4SxDmaeR5NVQpey1cktymIGLc4kNZ8Il95tjYK7yiPlYCzIvRN5E5slI6F2r-RSZs3fyf3BUEwmRtgxZPG6_n3nSPo
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BD80 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 07:32:47 GMT
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 75BD 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hcpq9ym0nt9naeqvk6bekrc8h3a9439yd67gk3yrat678jh5hwehvmms3fja2ak5z1p5z9093zahceekyy0bqaz5m8ckpe2hg9qrh3sgd0y5gtrnwpphd6xvf5wga72ept8n48e73dgygmmryrc9z6y94rtrdp3zx983d88ymd5gg96t5r7a8mjrgfqthfxm9ywvjw8dd4gv7thtm0r82p0wqshca5bgm79zbh4dgx579er1ztyqys2zvs8f0ah98sqqsvcm4e2yv89ynky3k2b2wr96tshrsxhk8kwbfnjq3t0yjqqm12x8rnpad11h3qx6m7ktpb0pv8gasp5nphexf1j3aqjcgq1qymqzka1bm28k49d4tvxpmcnm23q0nt6697edbkq8cf32g5csz69dkdmwsp5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%26client%3Dca-pub-6163857992956964%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hcpq9ym0nt9naeqvk6bekrc8h3a9439yd67gk3yrat678jh5hwehvmms3fja2ak5z1p5z9093zahceekyy0bqaz5m8ckpe2hg9qrh3sgd0y5gtrnwpphd6xvf5wga72ept8n48e73dgygmmryrc9z6y94rtrdp3zx983d88ymd5gg96t5r7a8mjrgfqthfxm9ywvjw8dd4gv7thtm0r82p0wqshca5bgm79zbh4dgx579er1ztyqys2zvs8f0ah98sqqsvcm4e2yv89ynky3k2b2wr96tshrsxhk8kwbfnjq3t0yjqqm12x8rnpad11h3qx6m7ktpb0pv8gasp5nphexf1j3aqjcgq1qymqzka1bm28k49d4tvxpmcnm23q0nt6697edbkq8cf32g5csz69dkdmwsp5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%26client%3Dca-pub-6163857992956964%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
340634
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74b9c0518f1b924a-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 75BD 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hcpq9ym0nt9naeqvk6bekrc8h3a9439yd67gk3yrat678jh5hwehvmms3fja2ak5z1p5z9093zahceekyy0bqaz5m8ckpe2hg9qrh3sgd0y5gtrnwpphd6xvf5wga72ept8n48e73dgygmmryrc9z6y94rtrdp3zx983d88ymd5gg96t5r7a8mjrgfqthfxm9ywvjw8dd4gv7thtm0r82p0wqshca5bgm79zbh4dgx579er1ztyqys2zvs8f0ah98sqqsvcm4e2yv89ynky3k2b2wr96tshrsxhk8kwbfnjq3t0yjqqm12x8rnpad11h3qx6m7ktpb0pv8gasp5nphexf1j3aqjcgq1qymqzka1bm28k49d4tvxpmcnm23q0nt6697edbkq8cf32g5csz69dkdmwsp5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%26client%3Dca-pub-6163857992956964%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
267251
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:36 GMT
server
cloudflare
etag
W/"1a2552545a3303319c45b19addfd8947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPapFe6IkP1nwNGxINgjyp180Qs3yE3zaAl2hHtZVCIVtq2mhE8dqLPmhlmJ%2BFH%2BzGlpdJW%2BqCRRcpo4TlUwQd369nr6RbB2akdJ7r%2BYKc4gr6qle8%2FHFYYcfC93L%2Fwk7IJl9Wo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74b9c051bc606922-FRA
expires
Wed, 07 Sep 2022 12:58:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame BD80 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:49:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame BD80 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:53:30 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BD80 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFEna3z3EiowbDnZFi0ENfKlHEgQdxVHL5nGxa83gJLJPVVCJBcl3BitQ-s_ZPytFE6K1e7WxNNwlCWxiRHio_WeyC6J11J48IlHgmoEpCD0nRrupJRCx1s5q3MzORoPf185wimhW3QoFKpjK4lScZV8SWEE5Ulg72&sai=AMfl-YT5JOX_Rh8FBXbNYB7GF8dI2Rb8f3EW0qN-86myawtCXD0OqkkyrmEzLuacn1FCxqY0IwLjcmW5rnDvwT6JD93VVtuzYfwqnVVEKuWABdb67G9X8vXS9aYv05QMGA&sig=Cg0ArKJSzGMJl96L5eXfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220914.03104&adurl=
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWaqZ6V3321ZRElqOOLq_hLkttvT86EOKnmk5Wz_loPOv0DYzY&d=CokBAKAmf-CiRqRz8DYcbIxCTfuipWu8z3MZpq73PE6EpbMxw7ZvfXCf3jjOYy2AL1E1tOaRoRg7WZ7hyXkWl4f2_pKHGx0sczJOLQ-eJEAhvpj7SLzxidep8mt3tmMt6prRp9UWn25lsEXKkEH0zIEztEkjyf8LcwzrYjKXuwIcmHrcZi8y76l-JjQS6RMAoCZ_4D3rViSsCDEm2JTfljv4MDSkQZSnZAxCVSgYxNO7poDKKFxXSbzw2II56yYtUNQNASTjYMSNQgRfX9SBlvK6wYVI9GAHeGeINOZqJqUX3JtHZRyn_ZcIRtRHj_zZIoJoSYQtsxl3rC8N5--ACMBRvXfB6aMkFndgyQWiZMEAMkl5tKWzsHIMrnxXYpYm_YRmHXM9EMlaM0MQPOUUMtb7HQeWrG85XYfyzvqCn0Cprvu3WZZ1MuhfHTT3U4gr6B0nTXURUg5teuGgvzAIDp_DbxyMxDd1fS0_JhsN6P5qWiZgf38P1z3XzS3spPGpsq4CkaDAw4lfyR5yqJn7VKMLQ8pvQzQJeUrnomQUfEUabi_B2BA-JMKn_lN6Lp0eGC1iNcpUQxL8TUBywvg6vYMEV_4nkafgja2EaYIHu-mnxjVXEhnCHDrnfRVdSKPxOFVAjHhJ8-b5CNc6SXEz7vSLpjFzjsqftrzvEH_vDfu8SCnpdCho9GtSTZLJLAhEK3jKZBVVc3NjDgoRBtfsIzk0WIoQkAcQp3_v1xhAMYPQm3uiSRaSjrcLl0lyFP7EA-Y6z_xAzvBKdeGX6FZs6e5JRmabG9zCECIhHmHwvhZ80p_Wd2QXFULjIXHws-Rpee-rdXQv9jqK844yDQbc7Ot5pILSYVrcU0CafWfONDfQ-Jv4MPamkwexVXmb4WEHIGgxeX84NvEFeJC6nzi885d1Sg0JJiTLCY4BRFwvCMM_ckyvDOUDpb-XpWqH3yO46FClA5VJIj_J6qR6CCaAX3qI61x4hqegBnhg642bzItvBKANxsrzraZ_0-QOx8LV5m9RglCWIuof_jWtD_YBat8zAWDN3kN5dDvAbKVErA_o2XasoqfWIrd-arRc1u8W9d0bg-6tWD9OP8_bEUuiK2yFfrZyuRsJeghYz7MsOShHVQ_oqBOyDooeViPo8PQuZn-coyQdjWBgR-iC7-BtwyYeIbvT-Q-b5E3T40hJUOnI8Syp8eriDGIJ9Q4zbOGemV6qdZDcW1hOtKS5mE6nYlIQh5WGokDBA0oOAZRWDQtLfklKzDRNZvZ_gXOga3GviP30QFTqaVXStAdbLRQYbd53c6JYTih2fQrA1efe3ogHqSllpnfCpYpdpszA1UI2l_wOTxUzXsCa607ucI51Xfa3XC8DL2cfjt7rYCH8SVXFmCtzO8IW9JyXo7m-bNbpeub3qoTEYru_3E2uJDZ0iQSw3QTO8eiLYlAo4Vt93rvyhQiLrWfn6VLpF9yJb8fghkxlnYTyqari3FBlv8ZH7k7Yz95pXcR7pYK8akIc61sDb9HUD3AdbNad-sCj1fOgtzGEPLdITmLEwGJBWRmdt8G_1ttHsg-IveMtkVFGOPkzgRGdHPUvphm87ffJnO_BuUlH7xYL0D1qBPqGtujnt2Ul1cMIVVrivf5WkHUGMoJlJ3RqUn-adOmTJUB6UJoN3IMCVHbgGCr3hl0JaZ_D-AIB3p61_4BCmCBwF2Fd7mU3-vfayWk_l_XqKMGGHpiEgEmeOfqoGiGWblfcSegQ0MkWULSvmexnbBwtlKvy25pxMnmXs-qZpyJiI1dyLIxzKyJ09IybMvhmz3KbiUPOZAHmzUeuea_5UcT-jXVvY8Wt7qbIXCp5vQYn-GsazIH1FWtUJjX1xbFGWY-Um7cqD2TBeyWVDqIuPFxI1AP2QyvmXrwo4CSRzctt_iqKjGrjy_sFm0_OMtBxpdSh6qP3xnQ_JwLZksWjznEiyPXOWVsabDnM9d71aOYcLF9D6hPEa1Pp72d_Yxo98aWXq70_H-ZCw8rcgkMQq2VczIP0SCv92yLs6bv_fSmGTOreOqddvt4o-wbnBOf662MmxXTbzF8BXu748UDyKpnCQOQ4hpkDqDrAcEQHiB1K2Ye9a3o16F3vIF4emkQ4_KTIUouvmqQ94tUXtjAB_yXAYoLIdljfhzkgQmqwCJOL3qGYfthkgXTXpQsqxGjO4PZDXm3PSXQQn4Wp9FwGbwKtdhTkw-IuYAPFC3pWvx7VzY2AysSjyP0yc6WT-AD3UqWshy-2U_J-bOj_2GUUpFNMdhxuz7fxnoA702cRpKKcWQ7-BB97v7X2PsG70PmpNTP9VUe8ByDV3LXa95_uIcF45ljl5YbDGarxdbRfg5DPfyPtO9_14WdsJDwC_NR9A8rt8UQao-ZbobOKDube5f0ezPVnbWpPBEPOCDV1h4wip06MRXxzuhBuwlRZAVM379RHQEB8nSoZ7bImPNHmwGaxnEQj1AgdlIEIe9mzg_e2ZhR593ZmRvSFaUKS4UFY13sppHxr1TKghsYZPk0hLa3oraEIKayYaSxsIHg4ETX3UeQ2lsZpEkNZ9Qm8DP_lnTZO0Pp-CfHcslrC1tgKOUuYozSctnrUos1G9AsgOMHCmX01u5lNMwjU5M-kG99z9fh0exGTTaZZegH33N2r0fYLEuR6d01yoJpuNCZnvVeTL90VphYO6-3hGdi8VFJO3g8psdzlY5MZzWoObFCrQ2LwZNGGP_sP7XL3xAjeRk2ux0KPOAnUJcqeHykZy4DvBg53EmDtf0DXK9cQWPOgJBjokdq-fbQhFdzs5fzV3QyY8XYLgDM4naAkWAy1_2XdU6sJwC97UbsVRVLnx40dvDJ7CLvgU383mf87UD8Vl-GgHwlP9GBVxrigC7k2l_C6Xn-V_SvW9haLnI_Osjf7aO8fXO0JI-3zQRDDKEqoc3ipIxbWrXBJirZqaCFSQxP7NWlNjA4MhspLU9ViKSPhO5MdL2f3nx6vf2nF8n88NIVV6xUdDoulKLbQ2S2tDONeyPqbWsahb4rGpeg__h6AIIvxPzMEz75vvmDu7mjBvYcfdJXVrQYEWZGIqlVF_RZKcX2cGWxSTuCMmZe6OW4o83j_Aqk6_P3I7oCYb95TVtKaoHNkESiPl-qIdTK7dUivXba-J89uMcHlRJ2SNtLbj-5v6ncnqGLhX_-uFekbXWbaoRJhEhRqQp6ki4IncQxl5TQ5WQab96YewIR9RzEOfYwmGW8Q-BX2rksxwZHJZFJH0G2KanDEE9TA7fI2wuk0q5bwon-IGY_d37-C-i2wcVp5yPmBDXV4whsKSmCB8ngepyJ14T7MeCF2lxiiv18TvrgOhD32nFxGPpS2eQ1sdwcsHsfafLzRkp0Z_-zDQVA1niKQkUwENAd6Tt3JFJ_ELP9njkS06aUzd0Gbzz-lpNrLh_wNDWlvi66_MwItslR7xGM2vJ-5V5ZXPC4HZPynnCOmjH185JMVrgHZ_J67w8-F1DCzCeX16XhWZMCAITaN_75sKAnk16PsEMX20IV_yQhnJ95s21uI0spqDmUv4tzMyiNs1j5NsX4Jgw1achooCAASJORozw2VWLA2CLlWmCpkPNFBnbV5YQ4wp0Z_5ISpDbj1SMS652AB&cry=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
16704106125819489571
s0.2mdn.net/simgad/ Frame BD80 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16704106125819489571
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad55af223be2ccc80c6cdc3304a54ce1ad18251d70c81bd6d2ece5487b3acd1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 08:36:54 GMT
x-content-type-options
nosniff
age
361057
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84705
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 14:06:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 08:36:54 GMT
16704106125819489571
s0.2mdn.net/simgad/ Frame CA2C 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16704106125819489571
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad55af223be2ccc80c6cdc3304a54ce1ad18251d70c81bd6d2ece5487b3acd1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 08:36:54 GMT
x-content-type-options
nosniff
age
361057
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84705
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 14:06:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 08:36:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame CA2C 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:49:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame CA2C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:53:30 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CA2C 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGBH5Dyzan_iBmfmppiT4uK2_NiCheXKHNe7w8Ia3lLoXGymwpETQousom-C0DuFVDFL4qRpZXvLunq1yRN2RnEQAVrNDDZwDSuws_RS9w6a88zfPxjK6xWCuWtIMvCDYyrh0spVxxTE7g80xQPl4P13D6_tK-uM_8&sai=AMfl-YQID6S7JjlEG5CxC7M8WoAWNE3lyJJRHHJx5pUWEWeLlrmSm56QzkszB7UFVFrcAf6bZhe7D2mURziO8_uEY5lwajdBKn9oHBIBdpTsXu1xFkgiQBJU8QxbMRvGRQ&sig=Cg0ArKJSzJiTsI_EO3oaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220914.41065&adurl=
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWaqZ6V3321ZRElqOOLq_hLkttvT86EOKnmk5Wz_loPOv0DYzY&d=CokBAKAmf-DvJ-HrbGCzxUS7fmVkuCWTMDCf4Am-sCT3qYH7FooZ3tPgqEeT5KKwt0HEmbkCwM7sr7GNoZAshY9ho_boFl-ky38Pw1IMcvXDrDpxM8fjahp3BeUXiaO198Vr8TA10FTdNB3a-9W1zdYL5w9Msfx3Qb5jt5kBL9g4RK0EXKV0Alp4m2ES2RMAoCZ_4DQg_fFJhc8TDLaesOHSxgYo6GoC5deBpvYWsP8Oas2Ibdh32Tpfp-h_1toVY63QRlzt4ZCszQHkxtFfnY-CSlbfENTud5InZ2TB6hSJbiILxtJzwHkRMqrOJX9D9_A6C5J2ZlUjxLWRvQFN8DYb7mmWFhH-BdiuwHKzRR4loOO97YUHSFrH1NoqAJpN7iKWkCLdEa6teEqYGPl-OpgO3qkouTD3aO-2C18frfOcxuSxPd8iS5eF6KRUnOWelc7jNUn0jTgEctnZz-Fwzes0MYE4XaHW5XBzuFU9TdOD5SXxf6Wr49z33UyevQVzYV_zE0x9ejnjfwUwORmGu4pv6Az0FKQakieoErCrlEO1nbkXyA5yk7xty6selT6zPD7Ec-W4IfscwBo5xVsGOTkLArf47cRq9FIvP96wWvbM6leXvkMi-Lv58YqQKM_p9KTm1UcNN7FKY5AOYtWPzfQP3US1q-nC2I9tMAdz2a4hABA4l6OHzWiLrHYjJ0QBnDwI1F2NSvpWxGL1_kMKOwW-y5ZU4FnlCqbOP7riFjsdIHbk2PYOaileZ5aVDcrM0aTsLgf6MCA4Vbm3yxQuYxXdr6_0-gwQisUb3oouBONqAxqwASx9c9xjlc-zmiIzsQ5cxYQpSWUhdZO519MJgq41yo26oL8oQxdcT0e67q8wiMeeGTAuhlGmbMBbMoeMU3VuthDxEacC4w9SxRry_lL78QZZQQlJ6EjtODOKFeP2ZiwhiOPSImXsMwIkbzv4ggK_rX5QaL8PUMHraFbSJQb15Ch053DOiMVdkyO14bz9Uo0iS439aW1_hJ8whvd1iOPdm-P13uGiO5TCadec0Au39-6JDbB8qlSG-5zdc6jSvn7NT04iyR33lS0MgIlr6j3jRIpvnj4kumMZaCKMLSrhFo4f0XD5aDHeNVfZBTKKjyUtmyP9jZtLAXwTBkfoJhmOR2g1icO5pE5pt_9o03BEHLsVPtGp81nAjiPxrjOXDXiXTg_Ae_0eRVpHW3mxKemYf1QZ8MA-wLC7nVBkeqWp0D0OPXyfccCo7N3R_bR_H3dQYns3jkVVMwvqVUP2as9SpG5hOlSrQ9M63JqEH6f_54uiwjZQ0KCMwg_QezL2aVrkhmPITawIieLULKcWduyMI2d_vm_PMuqK7wlQwjZP7EGgU9TYHhiTGWGv36tmrFLzXBD06TxBu7o7-BXYh5SkKFdQZUDQml24riO5SsSTZWlKUWOq8cyFEmkCxvk8pBzAMAdB-nPc2mwxcBT7hsWDBtCMTPVoVkZerEtUn335gRQFd0wv5UTQGeUsCSIVlNgYO1tTRZiKXFKeV6W0sXZtz3f7SQTosRA-YCwHuzg1SllDg1TG61njnq0SWU8Wc2BU_bNwRQ1xjtKd8F62MneM2ocESn9pCRrWnNT29IP1j0qCGcpazttzwrtj3hM32OeEYHuVfo8X4yw2vyXd5YoDat0urnOD2dvKmCgYRZq_QdTo0DPh2aakJDnJAr0ThrbVrx4hj09KoLGDQAXm0VoUmBB7IX4QtZK2wwbQ-QWVAS782cv0BMVhXwPmCI_a-zCNEsc3C-Uf3jjgtSV1FaLISNqY12n1zdN_xMtcd6KAWK2EA9npB0bcxNxq1rzwUMCnUSBEQEzVQ974ri17u8jiFPV_334xux-NyjWgrLbgzS32knFesFhmhSlh-_bo_SssAhy2ZrxeF4BHFe1PKSlrqaCoBbcddxsPQjxr1fan87GZEzk4xRq_N2IhOKDvOkv9c1CPHe-ZhRjvHbNxh0GH5VHwPYdw2d0rI1SPJPaqJk84TC05KNcvI6HCxzAU53evRcVUy-OV5pt1McW3CMYS525J3nIeehnHPozZ93tJ3KyF0rLjNc2aYVCaT1NBnQXAAV0CcuS9kU2fECMmxL3VfAj9qXWSnEbNEPCj9CBECbROasnsgQCc6XYYYr43cAJ4VEOWvJ_NPoTlv2nuS24s3_GnaChlbnM_e4LMu-qkwNt6FoZtFIbWPMgX6ho5kArOE4hAnhuBPrXozWaUEzaxF-zH8c-WPRt4PrHtxTtKE---MUYaqmTOqamJcF8V3Hoz70qbyaGwAxXLu9U4WWvwArmqvCVJoadYKwk4zhlrsATpbHkKaP6ob8V6dYxjGFef2I8RqjueQfuPDybpis7N7vdWS6wzbas1MvSCA0E7EejDJ6qLOlOjjntyRSalyzstsSp5dL0_V7jdsItSTkqJHTd9fNJEPjNNyAgv5F9NsFo4wrQ5VZcZoZ11MNwqXud-WvWgVhmrh9O1rZDVqD-N1ACe7ZuqVMfDxkQ3ottfdb4aE1VFr7B7w_mRspDFKNJHQ5KkQUaUW9UhMt8-Ja-Jx4r_kOF8SqZ9gX3wYXAK1XX8jlcKS4BBCrp69VyJNavkRuMU0CsDjUhs1oxd1sMOHV7m4WZUp1tR6LCFbB9HDEfUYBLvZ8IJo1lK-yalSbu2ZA3xpdlV2iXBikf5LlANa1-WBvfkECIK7IoDsLtA6cxPhsy-6TE9z8YQ8Yjl8lOxxJZmBAabozDlUHAySW4TpNq1OONUK02fkrOcJrrdI3mNpJzZ1i1hnhPSkJvAfBBHVizpKg3wQLBe5ubXlQ2sgobVjde-JOcO5Cz5-FeaU1KFAkz91t1x0iOkCptL7iEowLTIau3_mtaFNfOyMHg4O9PPyTZCCCqXPVnY31Yuz7Y4S4MrX2CffdDjyeo6syT3W033HcPKu0w9pM9Fw30w5JgaQ-cxnml7g_i_BDXCKnB-1A0sEkQjvBbfa25EeDPTokomcNrgD56p_JRuUeWdhUQiyU_Zqljf49cHjEvfoJgpWTakpMXbjIaRilmI19uTRLW_KuhmTG7c_b78d2F6kzVRzNmyulOwqpkEJgOoo4kNvyJKQfBzCvEum0N4iVkAqKTA6x9jd3SLoOxbrxWJ3GP8CXSy3Fkaa9as1234j2SdacJm6mkdvCnekXNZisDqzdcUNY3wkzUVsYzr79SH7F1jdGrPJmHCE_1TbioPeiPHLvhkR0b9wajvLz75Y8EHNawMTj8k3ehazU4x9mgTDqeDNehNciiwuF8CMkavntfo5JQ2buQTbyIKFhPkzcyS--eJygWKyS_9mX5BcEqQOg31LwmEd9vPiQ62Efwm3RWJDeodt_pnBv_iAbamaMUx3h30C8dfLdIZB5oPAuj7PwnHXH8JJuLg01ZKqI60QsB1tagUv9wxYrAHy13VJRwc9JJNZwcsuqj5epDs3bHvOjD4vf7GGGtd6dZtKQplhA9C9wGCWUk4I6iYNjDvyGF71PaeKjCsN292nzogfN3C6wE4t2gFKHKZj3kj4Lldg_2hC15SGigIABIk5GiHG7I3cYxM6doPDaBKQkURGKN8UJM9VNezbPFqf0dAxeBDYAE&cry=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame B263 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9c5b6f7e6605c704f54e2cd4c1dac96cc2854910339ee4e45c37879cd4e5b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame CCBB
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDZEM6HCJ5YoGkp1deq012E&google_cver=1&google_push=AZmPxg9nR_K0mQ271gHaSEvwbriGehg123G0bBCKe-Y4a4jskfqKFoYsrzlBsJeizPImFv6LA1M9zlCE47X4jU6HauWtXOTHJXQ&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDZEM6HCJ5YoGkp1deq012E&google_cver=1&google_push=AZmPxg9nR_K0mQ271gHaSEvwbriGehg123G0bBCKe-Y4a4jskfqKFoYsrzlBsJeizPImFv6LA1M9zlCE47X4jU6HauWtXOTHJXQ...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDZEM6HCJ5YoGkp1deq012E&google_cver=1&google_push=AZmPxg9nR_K0mQ271gHaSEvwbriGehg123G0bBCKe-Y4a4jskfqKFoYsrzlBsJeizPImFv6LA1M9zlCE47X4jU6HauWtXOTHJXQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9nR_K0mQ271gHaSEvwbriGehg123G0bBCKe-Y4a4jskfqKFoYsrzlBsJeizPImFv6LA1M9zlCE47X4jU6HauWtXOTHJXQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74b9c053bd539244-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
264
cf-ray
74b9c0520a479244-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDZEM6HCJ5YoGkp1deq012E&google_cver=1&google_push=AZmPxg9nR_K0mQ271gHaSEvwbriGehg123G0bBCKe-Y4a4jskfqKFoYsrzlBsJeizPImFv6LA1M9zlCE47X4jU6HauWtXOTHJXQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9nR_K0mQ271gHaSEvwbriGehg123G0bBCKe-Y4a4jskfqKFoYsrzlBsJeizPImFv6LA1M9zlCE47X4jU6HauWtXOTHJXQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CCBB
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECoZPtBnMMd3oXIgDj3Ln1M&google_cver=1&google_push=AZmPxg_RHp0GgGEzSrtIk_7SDpF3EONKJm4EwZkIDHpMyd7ZzB9w-yJk057jY4yMMRPYvmnXbiEzmPvx4bqg_A_kRsQPU5I6o0I
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg_RHp0GgGEzSrtIk_7SDpF3EONKJm4EwZkIDHpMyd7ZzB9w-yJk057jY4yMMRPYvmnXbiEzmPvx4bqg_A_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg_RHp0GgGEzSrtIk_7SDpF3EONKJm4EwZkIDHpMyd7ZzB9w-yJk057jY4yMMRPYvmnXbiEzmPvx4bqg_A_kRsQPU5I6o0I
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:32 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg_RHp0GgGEzSrtIk_7SDpF3EONKJm4EwZkIDHpMyd7ZzB9w-yJk057jY4yMMRPYvmnXbiEzmPvx4bqg_A_kRsQPU5I6o0I
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 15 Sep 2022 12:54:32 GMT
pixel
cm.g.doubleclick.net/ Frame CCBB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO6s2p2n8jz7w_zdlnWvFI8&google_cver=1&google_push=AZmPxg91GRWZWdwjeAV3Hgk4pf0vRvfiTd6kLidge-hIczDRbVqim13eXAq3XuNrwwpOzzjVSGj4BGgyuWVMVe...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0Mzk2MDI4NzYwMjM0MjA0Mg%3D%3D&google_push=AZmPxg91GRWZWdwjeAV3Hgk4pf0vRvfiTd6kLidge-hIczDRbVqim13eXAq3XuNrwwpOzzjVSGj4BGgyuWVMVecu9e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0Mzk2MDI4NzYwMjM0MjA0Mg%3D%3D&google_push=AZmPxg91GRWZWdwjeAV3Hgk4pf0vRvfiTd6kLidge-hIczDRbVqim13eXAq3XuNrwwpOzzjVSGj4BGgyuWVMVecu9efQNJpiuw
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0Mzk2MDI4NzYwMjM0MjA0Mg%3D%3D&google_push=AZmPxg91GRWZWdwjeAV3Hgk4pf0vRvfiTd6kLidge-hIczDRbVqim13eXAq3XuNrwwpOzzjVSGj4BGgyuWVMVecu9efQNJpiuw
Date
Fri, 16 Sep 2022 12:54:32 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame CCBB
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOwQtvtNXw8OY1ReWpyvnYQ&google_cver=1&google_push=AZmPxg8uy5ybA_4Hw-eu0H7lxeRB7_NwaLujzx2tasYD17hrDm6GQBxhD7stwiW3-xPqdTVc0ZVtrPbciR...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOwQtvtNXw8OY1ReWpyvnYQ&google_cver=1&google_push=AZmPxg8uy5ybA_4Hw-eu0H7lxeRB7_NwaLujzx2tasYD17hrDm6GQBxhD7stwiW3-xPqdTVc0ZVtrPbciR...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg8uy5ybA_4Hw-eu0H7lxeRB7_NwaLujzx2tasYD17hrDm6GQBxhD7stwiW3-xPqdTVc0ZVtrPbciRtrM2X7H_IaMuEbn2M&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg8uy5ybA_4Hw-eu0H7lxeRB7_NwaLujzx2tasYD17hrDm6GQBxhD7stwiW3-xPqdTVc0ZVtrPbciRtrM2X7H_IaMuEbn2M&google_hm=
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:32 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg8uy5ybA_4Hw-eu0H7lxeRB7_NwaLujzx2tasYD17hrDm6GQBxhD7stwiW3-xPqdTVc0ZVtrPbciRtrM2X7H_IaMuEbn2M&google_hm=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame CCBB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEqeeBC7GYFtXLKvqaFhWgM&google_cver=1&google_push=AZmPxg_oZ1zAMQfgW27nD68cz2f2cIcOsolduyDsaok0G6w2VubjOk291ny4QhQY8l5AYuk5yu0tPuTHus-UBY4cjPmDeuU...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_oZ1zAMQfgW27nD68cz2f2cIcOsolduyDsaok0G6w2VubjOk291ny4QhQY8l5AYuk5yu0tPuTHus-UBY4cjPmDeuUq_qs&google_hm=ODk2NDQ2OTI4NTA5MDA1ODA1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_oZ1zAMQfgW27nD68cz2f2cIcOsolduyDsaok0G6w2VubjOk291ny4QhQY8l5AYuk5yu0tPuTHus-UBY4cjPmDeuUq_qs&google_hm=ODk2NDQ2OTI4NTA5MDA1ODA1
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_oZ1zAMQfgW27nD68cz2f2cIcOsolduyDsaok0G6w2VubjOk291ny4QhQY8l5AYuk5yu0tPuTHus-UBY4cjPmDeuUq_qs&google_hm=ODk2NDQ2OTI4NTA5MDA1ODA1
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame CCBB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDdthEOyJFV8_M8zDDMCijU&google_cver=1&google_push=AZmPxg-BnySpPw7yZrrMQJcqXTgn5yW_OVFBZQ7OU233wSEKYWFVVDP7qtKaFGpKo2OJJ6cdDcKMMFXLwZdBYfOJqRPbeH-eGA
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D&google_push=AZmPxg-BnySpPw7yZrrMQJcqXTgn5yW_OVFBZQ7OU233wSEKYWFVVDP7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D&google_push=AZmPxg-BnySpPw7yZrrMQJcqXTgn5yW_OVFBZQ7OU233wSEKYWFVVDP7qtKaFGpKo2OJJ6cdDcKMMFXLwZdBYfOJqRPbeH-eGA
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D&google_push=AZmPxg-BnySpPw7yZrrMQJcqXTgn5yW_OVFBZQ7OU233wSEKYWFVVDP7qtKaFGpKo2OJJ6cdDcKMMFXLwZdBYfOJqRPbeH-eGA
date
Fri, 16 Sep 2022 12:54:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame CCBB
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEPlMzVTIlHS_aobCRtZfVJo&google_cver=1&google_push=AZmPxg8i7PkXjGHS9nsb3vTzvC9qOq2iluEzbZ79oM82wtplJWy5zuj_V7gQlZtN7qKKr98y514_H...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg8i7PkXjGHS9nsb3vTzvC9qOq2iluEzbZ79oM82wtplJWy5zuj_V7gQlZtN7qKKr98y514_Hh1X3byZxZXZMb6U0j_KF7Y&google_hm=WXlSeUNNQ284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg8i7PkXjGHS9nsb3vTzvC9qOq2iluEzbZ79oM82wtplJWy5zuj_V7gQlZtN7qKKr98y514_Hh1X3byZxZXZMb6U0j_KF7Y&google_hm=WXlSeUNNQ284WFVBQVBVeENDb0FBQUFB
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
18
Date
Fri, 16 Sep 2022 12:54:32 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEPlMzVTIlHS_aobCRtZfVJo&google_push=AZmPxg8i7PkXjGHS9nsb3vTzvC9qOq2iluEzbZ79oM82wtplJWy5zuj_V7gQlZtN7qKKr98y514_Hh1X3byZxZXZMb6U0j_KF7Y&proto=google_ebda","cluster_id":18,"gdpr":true,"ipv4":"0.0.0.0","key":"YyRyCMCo8XUAAPUxCCoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad338"}
X-SO-Ads-Time
3
X-SO-Key
YyRyCMCo8XUAAPUxCCoAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad338
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg8i7PkXjGHS9nsb3vTzvC9qOq2iluEzbZ79oM82wtplJWy5zuj_V7gQlZtN7qKKr98y514_Hh1X3byZxZXZMb6U0j_KF7Y&google_hm=WXlSeUNNQ284WFVBQVBVeENDb0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad338.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng17.dc4p.scaleout.jp
X-SO-IP
178.162.209.137
attr
cm.g.doubleclick.net/pixel/ Frame CCBB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCsjZ2dchLNkLRN7xQPDfAvUtfZgxGD_B1NjMtnTtPuDxqZ4bhgPaJuAVt1SiHGlOkcg8t
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
setuid
ib.adnxs.com/ Frame 8F7E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY6Nbp0QEwAQ&v=APEucNWe7zX8ur8w4-pbzdvapwt0X8ATjOP0vAXlyu71F2nC0JhoYJh3feFuINUOGV9pysULCsxy7K9AJH0kA-1ErPuMjEBz-eTvu8B9KrPmsJhgEdGvpnw
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
X-Proxy-Origin
178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
8cc90acb-bf93-460b-baa3-dec222478d9e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8F7E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY6Nbp0QEwAQ&v=APEucNWe7zX8ur8w4-pbzdvapwt0X8ATjOP0vAXlyu71F2nC0JhoYJh3feFuINUOGV9pysULCsxy7K9AJH0kA-1ErPuMjEBz-eTvu8B9KrPmsJhgEdGvpnw
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
X-Proxy-Origin
178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
60dce878-27c8-4d1a-97e8-2a21b7e37aee
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8F7E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY6Nbp0QEwAQ&v=APEucNWe7zX8ur8w4-pbzdvapwt0X8ATjOP0vAXlyu71F2nC0JhoYJh3feFuINUOGV9pysULCsxy7K9AJH0kA-1ErPuMjEBz-eTvu8B9KrPmsJhgEdGvpnw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8F7E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY6Nbp0QEwAQ&v=APEucNWe7zX8ur8w4-pbzdvapwt0X8ATjOP0vAXlyu71F2nC0JhoYJh3feFuINUOGV9pysULCsxy7K9AJH0kA-1ErPuMjEBz-eTvu8B9KrPmsJhgEdGvpnw
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:32 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 7864 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:49:50 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7864 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 07:32:47 GMT
setuid
ib.adnxs.com/ Frame 5FB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXszpWpnZhGMrM7zmWKvDqdOEjUNrogqtjFA0_KR_EP2oY75d4eLHIP-RHTJMJgdlBw1PibDiTPgvlwIBFyVPyq8qf4i8qlrkMAjD1Yx7E3RcK3RUw
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
X-Proxy-Origin
178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
27b6eeaf-5520-4826-900b-9928c658fb60
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEGLqKJbWuwL0v6lj1kknSIk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5FB0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXszpWpnZhGMrM7zmWKvDqdOEjUNrogqtjFA0_KR_EP2oY75d4eLHIP-RHTJMJgdlBw1PibDiTPgvlwIBFyVPyq8qf4i8qlrkMAjD1Yx7E3RcK3RUw
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
X-Proxy-Origin
178.162.209.137; 178.162.209.137; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
cddee888-61fe-4b9c-ae47-a4e16cc5d4e5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1MjE1NDUzMzk3NTE5NDEwOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5FB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXszpWpnZhGMrM7zmWKvDqdOEjUNrogqtjFA0_KR_EP2oY75d4eLHIP-RHTJMJgdlBw1PibDiTPgvlwIBFyVPyq8qf4i8qlrkMAjD1Yx7E3RcK3RUw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5FB0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXszpWpnZhGMrM7zmWKvDqdOEjUNrogqtjFA0_KR_EP2oY75d4eLHIP-RHTJMJgdlBw1PibDiTPgvlwIBFyVPyq8qf4i8qlrkMAjD1Yx7E3RcK3RUw
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:32 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame CE94 		236 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.139.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-139-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8b2994922d32bfdc616524a94f09dff649cf2ad68630218517959c45892b2f41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CE94 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Origin
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 13:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Sep 2022 13:42:29 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame CE94 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:53:30 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame CE94 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 12:49:50 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame A69E 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
141d0c16f846671454c7819c37fafe483ceb63aecb14695abd4a911d67df3d49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2022 11:10:06 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 17 Sep 2022 16:25:47 GMT
truncated
/ Frame CAA0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b0174d492d0202d493b32f4ac37f4773cde076b13c1c67f934db984035f5ef4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
main.19.8.351.js
static.adsafeprotected.com/ Frame BD80 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.351.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
575986ceb03b41a80e51883a5ed8747fe2e71d2dabae1cf0741f4ae4d4049ed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:24:25 GMT
content-encoding
gzip
age
329408
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Sep 2022 15:31:10 GMT
server
AmazonS3
etag
W/"0df365965004cd53d828c594d1347e57"
vary
Accept-Encoding
x-amz-version-id
tWQXZ1XKiON.B_hqWYolQkDu8mdZui5t
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
k9y6Q2dHxPc8C-qoz4mnJk7ojVGPzQfXzd6E3quWHIczTioBGsPx-w==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FF0F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1427
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Sat, 17 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BD80 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09f45cae33fefb645acd58dcc6b3210b373ec1d499bad580e30e5e84d9332a25

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 3EBF 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzdykbkd3v30yhmrct6b8jbj001jqhzd60xyc3fzz0eqe440663a2r94b1rj6mqy3ka1qcts63jnm08814sspev72wsybkqd8k37em2262v33b7pbpd4w1stghns7n21785wb1cfgfb376ry05j1s917tz5krgbc144qwmv6s1tkfqaj50s5rxskbsprzmwjzmpzy25w282qt1gg7a6zkwd9dcvm6taxxjxx99cpdvrrdqyk24f8qy4ja55crx04af5h3x0p3h1cxackwsdw0pm3y1thdgmabrfqh3vf17dcg0rv0s3f9pe5mx4hyvd32sc494qf0s9sqq4zsrqcppnxcmz67ryhctp387grs2k59h25b8a66snyn0e8hybr9fbcnx4bjezgkwzr0xz8asmnmehnwyh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%26client%3Dca-pub-6163857992956964%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hzdykbkd3v30yhmrct6b8jbj001jqhzd60xyc3fzz0eqe440663a2r94b1rj6mqy3ka1qcts63jnm08814sspev72wsybkqd8k37em2262v33b7pbpd4w1stghns7n21785wb1cfgfb376ry05j1s917tz5krgbc144qwmv6s1tkfqaj50s5rxskbsprzmwjzmpzy25w282qt1gg7a6zkwd9dcvm6taxxjxx99cpdvrrdqyk24f8qy4ja55crx04af5h3x0p3h1cxackwsdw0pm3y1thdgmabrfqh3vf17dcg0rv0s3f9pe5mx4hyvd32sc494qf0s9sqq4zsrqcppnxcmz67ryhctp387grs2k59h25b8a66snyn0e8hybr9fbcnx4bjezgkwzr0xz8asmnmehnwyh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%26client%3Dca-pub-6163857992956964%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
340635
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74b9c052d9f3924a-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 3EBF 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hzdykbkd3v30yhmrct6b8jbj001jqhzd60xyc3fzz0eqe440663a2r94b1rj6mqy3ka1qcts63jnm08814sspev72wsybkqd8k37em2262v33b7pbpd4w1stghns7n21785wb1cfgfb376ry05j1s917tz5krgbc144qwmv6s1tkfqaj50s5rxskbsprzmwjzmpzy25w282qt1gg7a6zkwd9dcvm6taxxjxx99cpdvrrdqyk24f8qy4ja55crx04af5h3x0p3h1cxackwsdw0pm3y1thdgmabrfqh3vf17dcg0rv0s3f9pe5mx4hyvd32sc494qf0s9sqq4zsrqcppnxcmz67ryhctp387grs2k59h25b8a66snyn0e8hybr9fbcnx4bjezgkwzr0xz8asmnmehnwyh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%26client%3Dca-pub-6163857992956964%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
267251
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:39:36 GMT
server
cloudflare
etag
W/"1a2552545a3303319c45b19addfd8947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OG9hzDV6Knv8vC6oycC2fKk73IvvaaU%2FHKyiPu0oCiUueO0ikxQhRN5de0I9DWQlkllWAvGxTjOmfRt6uecRLHBEf504ZKiJGUOgyd9q6h07jvKMARXwTfCGoo6fP8CuLco%2FmrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74b9c052d9f6924a-FRA
expires
Wed, 07 Sep 2022 12:58:38 GMT
main.19.8.351.js
static.adsafeprotected.com/ Frame CA2C 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.351.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
575986ceb03b41a80e51883a5ed8747fe2e71d2dabae1cf0741f4ae4d4049ed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 17:24:25 GMT
content-encoding
gzip
age
329408
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Sep 2022 15:31:10 GMT
server
AmazonS3
etag
W/"0df365965004cd53d828c594d1347e57"
vary
Accept-Encoding
x-amz-version-id
tWQXZ1XKiON.B_hqWYolQkDu8mdZui5t
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
UZIErVTinotCKcB-_v8e9yO98jzv0AiWJW4zHSmoSz-R67Md-Lc9IQ==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 41BC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1427
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Sat, 17 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CA2C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c849af0750d4af122070af72fc7c2b125d3790cb3f66998567dddb8c9553eb9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame BD80 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFEna3z3EiowbDnZFi0ENfKlHEgQdxVHL5nGxa83gJLJPVVCJBcl3BitQ-s_ZPytFE6K1e7WxNNwlCWxiRHio_WeyC6J11J48IlHgmoEpCD0nRrupJRCx1s5q3MzORoPf185wimhW3QoFKpjK4lScZV8SWEE5Ulg72&sai=AMfl-YT5JOX_Rh8FBXbNYB7GF8dI2Rb8f3EW0qN-86myawtCXD0OqkkyrmEzLuacn1FCxqY0IwLjcmW5rnDvwT6JD93VVtuzYfwqnVVEKuWABdb67G9X8vXS9aYv05QMGA&sig=Cg0ArKJSzGMJl96L5eXfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=270&vt=11&dtpt=269&dett=2&cstd=0&cisv=r20220914.03104&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWaqZ6V3321ZRElqOOLq_hLkttvT86EOKnmk5Wz_loPOv0DYzY&d=CokBAKAmf-CiRqRz8DYcbIxCTfuipWu8z3MZpq73PE6EpbMxw7ZvfXCf3jjOYy2AL1E1tOaRoRg7WZ7hyXkWl4f2_pKHGx0sczJOLQ-eJEAhvpj7SLzxidep8mt3tmMt6prRp9UWn25lsEXKkEH0zIEztEkjyf8LcwzrYjKXuwIcmHrcZi8y76l-JjQS6RMAoCZ_4D3rViSsCDEm2JTfljv4MDSkQZSnZAxCVSgYxNO7poDKKFxXSbzw2II56yYtUNQNASTjYMSNQgRfX9SBlvK6wYVI9GAHeGeINOZqJqUX3JtHZRyn_ZcIRtRHj_zZIoJoSYQtsxl3rC8N5--ACMBRvXfB6aMkFndgyQWiZMEAMkl5tKWzsHIMrnxXYpYm_YRmHXM9EMlaM0MQPOUUMtb7HQeWrG85XYfyzvqCn0Cprvu3WZZ1MuhfHTT3U4gr6B0nTXURUg5teuGgvzAIDp_DbxyMxDd1fS0_JhsN6P5qWiZgf38P1z3XzS3spPGpsq4CkaDAw4lfyR5yqJn7VKMLQ8pvQzQJeUrnomQUfEUabi_B2BA-JMKn_lN6Lp0eGC1iNcpUQxL8TUBywvg6vYMEV_4nkafgja2EaYIHu-mnxjVXEhnCHDrnfRVdSKPxOFVAjHhJ8-b5CNc6SXEz7vSLpjFzjsqftrzvEH_vDfu8SCnpdCho9GtSTZLJLAhEK3jKZBVVc3NjDgoRBtfsIzk0WIoQkAcQp3_v1xhAMYPQm3uiSRaSjrcLl0lyFP7EA-Y6z_xAzvBKdeGX6FZs6e5JRmabG9zCECIhHmHwvhZ80p_Wd2QXFULjIXHws-Rpee-rdXQv9jqK844yDQbc7Ot5pILSYVrcU0CafWfONDfQ-Jv4MPamkwexVXmb4WEHIGgxeX84NvEFeJC6nzi885d1Sg0JJiTLCY4BRFwvCMM_ckyvDOUDpb-XpWqH3yO46FClA5VJIj_J6qR6CCaAX3qI61x4hqegBnhg642bzItvBKANxsrzraZ_0-QOx8LV5m9RglCWIuof_jWtD_YBat8zAWDN3kN5dDvAbKVErA_o2XasoqfWIrd-arRc1u8W9d0bg-6tWD9OP8_bEUuiK2yFfrZyuRsJeghYz7MsOShHVQ_oqBOyDooeViPo8PQuZn-coyQdjWBgR-iC7-BtwyYeIbvT-Q-b5E3T40hJUOnI8Syp8eriDGIJ9Q4zbOGemV6qdZDcW1hOtKS5mE6nYlIQh5WGokDBA0oOAZRWDQtLfklKzDRNZvZ_gXOga3GviP30QFTqaVXStAdbLRQYbd53c6JYTih2fQrA1efe3ogHqSllpnfCpYpdpszA1UI2l_wOTxUzXsCa607ucI51Xfa3XC8DL2cfjt7rYCH8SVXFmCtzO8IW9JyXo7m-bNbpeub3qoTEYru_3E2uJDZ0iQSw3QTO8eiLYlAo4Vt93rvyhQiLrWfn6VLpF9yJb8fghkxlnYTyqari3FBlv8ZH7k7Yz95pXcR7pYK8akIc61sDb9HUD3AdbNad-sCj1fOgtzGEPLdITmLEwGJBWRmdt8G_1ttHsg-IveMtkVFGOPkzgRGdHPUvphm87ffJnO_BuUlH7xYL0D1qBPqGtujnt2Ul1cMIVVrivf5WkHUGMoJlJ3RqUn-adOmTJUB6UJoN3IMCVHbgGCr3hl0JaZ_D-AIB3p61_4BCmCBwF2Fd7mU3-vfayWk_l_XqKMGGHpiEgEmeOfqoGiGWblfcSegQ0MkWULSvmexnbBwtlKvy25pxMnmXs-qZpyJiI1dyLIxzKyJ09IybMvhmz3KbiUPOZAHmzUeuea_5UcT-jXVvY8Wt7qbIXCp5vQYn-GsazIH1FWtUJjX1xbFGWY-Um7cqD2TBeyWVDqIuPFxI1AP2QyvmXrwo4CSRzctt_iqKjGrjy_sFm0_OMtBxpdSh6qP3xnQ_JwLZksWjznEiyPXOWVsabDnM9d71aOYcLF9D6hPEa1Pp72d_Yxo98aWXq70_H-ZCw8rcgkMQq2VczIP0SCv92yLs6bv_fSmGTOreOqddvt4o-wbnBOf662MmxXTbzF8BXu748UDyKpnCQOQ4hpkDqDrAcEQHiB1K2Ye9a3o16F3vIF4emkQ4_KTIUouvmqQ94tUXtjAB_yXAYoLIdljfhzkgQmqwCJOL3qGYfthkgXTXpQsqxGjO4PZDXm3PSXQQn4Wp9FwGbwKtdhTkw-IuYAPFC3pWvx7VzY2AysSjyP0yc6WT-AD3UqWshy-2U_J-bOj_2GUUpFNMdhxuz7fxnoA702cRpKKcWQ7-BB97v7X2PsG70PmpNTP9VUe8ByDV3LXa95_uIcF45ljl5YbDGarxdbRfg5DPfyPtO9_14WdsJDwC_NR9A8rt8UQao-ZbobOKDube5f0ezPVnbWpPBEPOCDV1h4wip06MRXxzuhBuwlRZAVM379RHQEB8nSoZ7bImPNHmwGaxnEQj1AgdlIEIe9mzg_e2ZhR593ZmRvSFaUKS4UFY13sppHxr1TKghsYZPk0hLa3oraEIKayYaSxsIHg4ETX3UeQ2lsZpEkNZ9Qm8DP_lnTZO0Pp-CfHcslrC1tgKOUuYozSctnrUos1G9AsgOMHCmX01u5lNMwjU5M-kG99z9fh0exGTTaZZegH33N2r0fYLEuR6d01yoJpuNCZnvVeTL90VphYO6-3hGdi8VFJO3g8psdzlY5MZzWoObFCrQ2LwZNGGP_sP7XL3xAjeRk2ux0KPOAnUJcqeHykZy4DvBg53EmDtf0DXK9cQWPOgJBjokdq-fbQhFdzs5fzV3QyY8XYLgDM4naAkWAy1_2XdU6sJwC97UbsVRVLnx40dvDJ7CLvgU383mf87UD8Vl-GgHwlP9GBVxrigC7k2l_C6Xn-V_SvW9haLnI_Osjf7aO8fXO0JI-3zQRDDKEqoc3ipIxbWrXBJirZqaCFSQxP7NWlNjA4MhspLU9ViKSPhO5MdL2f3nx6vf2nF8n88NIVV6xUdDoulKLbQ2S2tDONeyPqbWsahb4rGpeg__h6AIIvxPzMEz75vvmDu7mjBvYcfdJXVrQYEWZGIqlVF_RZKcX2cGWxSTuCMmZe6OW4o83j_Aqk6_P3I7oCYb95TVtKaoHNkESiPl-qIdTK7dUivXba-J89uMcHlRJ2SNtLbj-5v6ncnqGLhX_-uFekbXWbaoRJhEhRqQp6ki4IncQxl5TQ5WQab96YewIR9RzEOfYwmGW8Q-BX2rksxwZHJZFJH0G2KanDEE9TA7fI2wuk0q5bwon-IGY_d37-C-i2wcVp5yPmBDXV4whsKSmCB8ngepyJ14T7MeCF2lxiiv18TvrgOhD32nFxGPpS2eQ1sdwcsHsfafLzRkp0Z_-zDQVA1niKQkUwENAd6Tt3JFJ_ELP9njkS06aUzd0Gbzz-lpNrLh_wNDWlvi66_MwItslR7xGM2vJ-5V5ZXPC4HZPynnCOmjH185JMVrgHZ_J67w8-F1DCzCeX16XhWZMCAITaN_75sKAnk16PsEMX20IV_yQhnJ95s21uI0spqDmUv4tzMyiNs1j5NsX4Jgw1achooCAASJORozw2VWLA2CLlWmCpkPNFBnbV5YQ4wp0Z_5ISpDbj1SMS652AB&cry=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C4EC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
278505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 07:32:47 GMT
expires
Wed, 13 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 6DF0 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 16 Sep 2022 12:54:32 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3098 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
278505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 07:32:47 GMT
expires
Wed, 13 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D5F3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
278505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 07:32:47 GMT
expires
Wed, 13 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CA2C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGBH5Dyzan_iBmfmppiT4uK2_NiCheXKHNe7w8Ia3lLoXGymwpETQousom-C0DuFVDFL4qRpZXvLunq1yRN2RnEQAVrNDDZwDSuws_RS9w6a88zfPxjK6xWCuWtIMvCDYyrh0spVxxTE7g80xQPl4P13D6_tK-uM_8&sai=AMfl-YQID6S7JjlEG5CxC7M8WoAWNE3lyJJRHHJx5pUWEWeLlrmSm56QzkszB7UFVFrcAf6bZhe7D2mURziO8_uEY5lwajdBKn9oHBIBdpTsXu1xFkgiQBJU8QxbMRvGRQ&sig=Cg0ArKJSzJiTsI_EO3oaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=253&vt=11&dtpt=252&dett=2&cstd=0&cisv=r20220914.41065&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWaqZ6V3321ZRElqOOLq_hLkttvT86EOKnmk5Wz_loPOv0DYzY&d=CokBAKAmf-DvJ-HrbGCzxUS7fmVkuCWTMDCf4Am-sCT3qYH7FooZ3tPgqEeT5KKwt0HEmbkCwM7sr7GNoZAshY9ho_boFl-ky38Pw1IMcvXDrDpxM8fjahp3BeUXiaO198Vr8TA10FTdNB3a-9W1zdYL5w9Msfx3Qb5jt5kBL9g4RK0EXKV0Alp4m2ES2RMAoCZ_4DQg_fFJhc8TDLaesOHSxgYo6GoC5deBpvYWsP8Oas2Ibdh32Tpfp-h_1toVY63QRlzt4ZCszQHkxtFfnY-CSlbfENTud5InZ2TB6hSJbiILxtJzwHkRMqrOJX9D9_A6C5J2ZlUjxLWRvQFN8DYb7mmWFhH-BdiuwHKzRR4loOO97YUHSFrH1NoqAJpN7iKWkCLdEa6teEqYGPl-OpgO3qkouTD3aO-2C18frfOcxuSxPd8iS5eF6KRUnOWelc7jNUn0jTgEctnZz-Fwzes0MYE4XaHW5XBzuFU9TdOD5SXxf6Wr49z33UyevQVzYV_zE0x9ejnjfwUwORmGu4pv6Az0FKQakieoErCrlEO1nbkXyA5yk7xty6selT6zPD7Ec-W4IfscwBo5xVsGOTkLArf47cRq9FIvP96wWvbM6leXvkMi-Lv58YqQKM_p9KTm1UcNN7FKY5AOYtWPzfQP3US1q-nC2I9tMAdz2a4hABA4l6OHzWiLrHYjJ0QBnDwI1F2NSvpWxGL1_kMKOwW-y5ZU4FnlCqbOP7riFjsdIHbk2PYOaileZ5aVDcrM0aTsLgf6MCA4Vbm3yxQuYxXdr6_0-gwQisUb3oouBONqAxqwASx9c9xjlc-zmiIzsQ5cxYQpSWUhdZO519MJgq41yo26oL8oQxdcT0e67q8wiMeeGTAuhlGmbMBbMoeMU3VuthDxEacC4w9SxRry_lL78QZZQQlJ6EjtODOKFeP2ZiwhiOPSImXsMwIkbzv4ggK_rX5QaL8PUMHraFbSJQb15Ch053DOiMVdkyO14bz9Uo0iS439aW1_hJ8whvd1iOPdm-P13uGiO5TCadec0Au39-6JDbB8qlSG-5zdc6jSvn7NT04iyR33lS0MgIlr6j3jRIpvnj4kumMZaCKMLSrhFo4f0XD5aDHeNVfZBTKKjyUtmyP9jZtLAXwTBkfoJhmOR2g1icO5pE5pt_9o03BEHLsVPtGp81nAjiPxrjOXDXiXTg_Ae_0eRVpHW3mxKemYf1QZ8MA-wLC7nVBkeqWp0D0OPXyfccCo7N3R_bR_H3dQYns3jkVVMwvqVUP2as9SpG5hOlSrQ9M63JqEH6f_54uiwjZQ0KCMwg_QezL2aVrkhmPITawIieLULKcWduyMI2d_vm_PMuqK7wlQwjZP7EGgU9TYHhiTGWGv36tmrFLzXBD06TxBu7o7-BXYh5SkKFdQZUDQml24riO5SsSTZWlKUWOq8cyFEmkCxvk8pBzAMAdB-nPc2mwxcBT7hsWDBtCMTPVoVkZerEtUn335gRQFd0wv5UTQGeUsCSIVlNgYO1tTRZiKXFKeV6W0sXZtz3f7SQTosRA-YCwHuzg1SllDg1TG61njnq0SWU8Wc2BU_bNwRQ1xjtKd8F62MneM2ocESn9pCRrWnNT29IP1j0qCGcpazttzwrtj3hM32OeEYHuVfo8X4yw2vyXd5YoDat0urnOD2dvKmCgYRZq_QdTo0DPh2aakJDnJAr0ThrbVrx4hj09KoLGDQAXm0VoUmBB7IX4QtZK2wwbQ-QWVAS782cv0BMVhXwPmCI_a-zCNEsc3C-Uf3jjgtSV1FaLISNqY12n1zdN_xMtcd6KAWK2EA9npB0bcxNxq1rzwUMCnUSBEQEzVQ974ri17u8jiFPV_334xux-NyjWgrLbgzS32knFesFhmhSlh-_bo_SssAhy2ZrxeF4BHFe1PKSlrqaCoBbcddxsPQjxr1fan87GZEzk4xRq_N2IhOKDvOkv9c1CPHe-ZhRjvHbNxh0GH5VHwPYdw2d0rI1SPJPaqJk84TC05KNcvI6HCxzAU53evRcVUy-OV5pt1McW3CMYS525J3nIeehnHPozZ93tJ3KyF0rLjNc2aYVCaT1NBnQXAAV0CcuS9kU2fECMmxL3VfAj9qXWSnEbNEPCj9CBECbROasnsgQCc6XYYYr43cAJ4VEOWvJ_NPoTlv2nuS24s3_GnaChlbnM_e4LMu-qkwNt6FoZtFIbWPMgX6ho5kArOE4hAnhuBPrXozWaUEzaxF-zH8c-WPRt4PrHtxTtKE---MUYaqmTOqamJcF8V3Hoz70qbyaGwAxXLu9U4WWvwArmqvCVJoadYKwk4zhlrsATpbHkKaP6ob8V6dYxjGFef2I8RqjueQfuPDybpis7N7vdWS6wzbas1MvSCA0E7EejDJ6qLOlOjjntyRSalyzstsSp5dL0_V7jdsItSTkqJHTd9fNJEPjNNyAgv5F9NsFo4wrQ5VZcZoZ11MNwqXud-WvWgVhmrh9O1rZDVqD-N1ACe7ZuqVMfDxkQ3ottfdb4aE1VFr7B7w_mRspDFKNJHQ5KkQUaUW9UhMt8-Ja-Jx4r_kOF8SqZ9gX3wYXAK1XX8jlcKS4BBCrp69VyJNavkRuMU0CsDjUhs1oxd1sMOHV7m4WZUp1tR6LCFbB9HDEfUYBLvZ8IJo1lK-yalSbu2ZA3xpdlV2iXBikf5LlANa1-WBvfkECIK7IoDsLtA6cxPhsy-6TE9z8YQ8Yjl8lOxxJZmBAabozDlUHAySW4TpNq1OONUK02fkrOcJrrdI3mNpJzZ1i1hnhPSkJvAfBBHVizpKg3wQLBe5ubXlQ2sgobVjde-JOcO5Cz5-FeaU1KFAkz91t1x0iOkCptL7iEowLTIau3_mtaFNfOyMHg4O9PPyTZCCCqXPVnY31Yuz7Y4S4MrX2CffdDjyeo6syT3W033HcPKu0w9pM9Fw30w5JgaQ-cxnml7g_i_BDXCKnB-1A0sEkQjvBbfa25EeDPTokomcNrgD56p_JRuUeWdhUQiyU_Zqljf49cHjEvfoJgpWTakpMXbjIaRilmI19uTRLW_KuhmTG7c_b78d2F6kzVRzNmyulOwqpkEJgOoo4kNvyJKQfBzCvEum0N4iVkAqKTA6x9jd3SLoOxbrxWJ3GP8CXSy3Fkaa9as1234j2SdacJm6mkdvCnekXNZisDqzdcUNY3wkzUVsYzr79SH7F1jdGrPJmHCE_1TbioPeiPHLvhkR0b9wajvLz75Y8EHNawMTj8k3ehazU4x9mgTDqeDNehNciiwuF8CMkavntfo5JQ2buQTbyIKFhPkzcyS--eJygWKyS_9mX5BcEqQOg31LwmEd9vPiQ62Efwm3RWJDeodt_pnBv_iAbamaMUx3h30C8dfLdIZB5oPAuj7PwnHXH8JJuLg01ZKqI60QsB1tagUv9wxYrAHy13VJRwc9JJNZwcsuqj5epDs3bHvOjD4vf7GGGtd6dZtKQplhA9C9wGCWUk4I6iYNjDvyGF71PaeKjCsN292nzogfN3C6wE4t2gFKHKZj3kj4Lldg_2hC15SGigIABIk5GiHG7I3cYxM6doPDaBKQkURGKN8UJM9VNezbPFqf0dAxeBDYAE&cry=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 7864 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
141d0c16f846671454c7819c37fafe483ceb63aecb14695abd4a911d67df3d49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2022 11:10:06 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 17 Sep 2022 16:25:47 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Sep 2022 12:54:32 GMT
pixel
cm.g.doubleclick.net/ Frame 6EB3
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGD72wqtcNhimFGZ6WSt0WI&google_cver=1&google_push=AZmPxg-SBvJx5MkDrf4b4Bwa7sJK3bo2XTp4tMDIbJxwdSzv0ysS7H7yHgvonlpENm8nZ93NYWpl9...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-SBvJx5MkDrf4b4Bwa7sJK3bo2XTp4tMDIbJxwdSzv0ysS7H7yHgvonlpENm8nZ93NYWpl9YpPvK6JQejRfC7r0w_LZEhl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-SBvJx5MkDrf4b4Bwa7sJK3bo2XTp4tMDIbJxwdSzv0ysS7H7yHgvonlpENm8nZ93NYWpl9YpPvK6JQejRfC7r0w_LZEhl
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:31 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 25BBF3A9DFE7432DBAEDE49D183D9DC5 Ref B: FRAEDGE1518 Ref C: 2022-09-16T12:54:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-SBvJx5MkDrf4b4Bwa7sJK3bo2XTp4tMDIbJxwdSzv0ysS7H7yHgvonlpENm8nZ93NYWpl9YpPvK6JQejRfC7r0w_LZEhl
x-li-proto
http/2
content-length
0
x-li-uuid
AAXoytz/wnsmet9l5seUEQ==
pixel
cm.g.doubleclick.net/ Frame 6EB3
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOwQtvtNXw8OY1ReWpyvnYQ&google_cver=1&google_push=AZmPxg_o7sN660NfNCZL95rm-m52D5cg1fY36UR_0wHxQkPQLJiQJ_53BSSgNDknb3zf3QszuAMJ7lnYll...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEOwQtvtNXw8OY1ReWpyvnYQ&google_cver=1&google_push=AZmPxg_o7sN660NfNCZL95rm-m52D5cg1fY36UR_0wHxQkPQLJiQJ_53BSSgNDknb3zf3QszuAMJ7lnYll...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg_o7sN660NfNCZL95rm-m52D5cg1fY36UR_0wHxQkPQLJiQJ_53BSSgNDknb3zf3QszuAMJ7lnYllrxLOG90Jp0V_lkbCdL&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg_o7sN660NfNCZL95rm-m52D5cg1fY36UR_0wHxQkPQLJiQJ_53BSSgNDknb3zf3QszuAMJ7lnYllrxLOG90Jp0V_lkbCdL&google_hm=
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:32 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg_o7sN660NfNCZL95rm-m52D5cg1fY36UR_0wHxQkPQLJiQJ_53BSSgNDknb3zf3QszuAMJ7lnYllrxLOG90Jp0V_lkbCdL&google_hm=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 6EB3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHgvi5p6jG7L7QhhgxIzaNw&google_cver=1&google_push=AZmPxg_sw8zzYMTeiDmsi9et1nBZHh784C2C8__rtCDjF92ZY8l4tZjY0n_d_Yr9z9nfwq8FhoHsifO0MrnNJ...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEHgvi5p6jG7L7QhhgxIzaNw&google_push=AZmPxg_sw8zzYMTeiDmsi9et1nBZHh784C2C8__rtCDjF92ZY8l4tZjY0n_d_Yr9z9nfwq8FhoHsifO0MrnNJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_sw8zzYMTeiDmsi9et1nBZHh784C2C8__rtCDjF92ZY8l4tZjY0n_d_Yr9z9nfwq8FhoHsifO0MrnNJ0vTwLLNPnwPGEE&google_hm=dmJtaGNYeFhLcEVIdnRhT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_sw8zzYMTeiDmsi9et1nBZHh784C2C8__rtCDjF92ZY8l4tZjY0n_d_Yr9z9nfwq8FhoHsifO0MrnNJ0vTwLLNPnwPGEE&google_hm=dmJtaGNYeFhLcEVIdnRhTGhwQWU=
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_sw8zzYMTeiDmsi9et1nBZHh784C2C8__rtCDjF92ZY8l4tZjY0n_d_Yr9z9nfwq8FhoHsifO0MrnNJ0vTwLLNPnwPGEE&google_hm=dmJtaGNYeFhLcEVIdnRhTGhwQWU=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6EB3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEthsxNMkjWIBnOk7GSBcp4&google_cver=1&google_push=AZmPxg_3G3wpDDdpM-8vurtQC5hIv_oovKs3OF2kU2skzBEyZS3yobCB3le3PI0CUHk60eHIHpe...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg_3G3wpDDdpM-8vurtQC5hIv_oovKs3OF2kU2skzBEyZS3yobCB3le3PI0CUHk60eHIHpeVrFoEtMLdTfAbS3EUW6ZWDj8y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg_3G3wpDDdpM-8vurtQC5hIv_oovKs3OF2kU2skzBEyZS3yobCB3le3PI0CUHk60eHIHpeVrFoEtMLdTfAbS3EUW6ZWDj8y
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg_3G3wpDDdpM-8vurtQC5hIv_oovKs3OF2kU2skzBEyZS3yobCB3le3PI0CUHk60eHIHpeVrFoEtMLdTfAbS3EUW6ZWDj8y
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6EB3
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEJR5gpkGCeqhNkgctGgkPzk&google_cver=1&google_push=AZmPxg9OVLL--PcOIeygC1QM9UkQzhJS-vZ8KF5Mo-q9UnUIJLWMoqvwMkEQcL_q4p_YbJGwF8xpXYJeRwCG--JOptazYC...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1TW4MGWqSEKS1k2lPME6RQ&google_push=AZmPxg9OVLL--PcOIeygC1QM9UkQzhJS-vZ8KF5Mo-q9UnUIJLWMoqvwMkEQcL_q4p_YbJGwF8xpXYJeRwCG--J...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1TW4MGWqSEKS1k2lPME6RQ&google_push=AZmPxg9OVLL--PcOIeygC1QM9UkQzhJS-vZ8KF5Mo-q9UnUIJLWMoqvwMkEQcL_q4p_YbJGwF8xpXYJeRwCG--JOptazYC1VWDA
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=1TW4MGWqSEKS1k2lPME6RQ&google_push=AZmPxg9OVLL--PcOIeygC1QM9UkQzhJS-vZ8KF5Mo-q9UnUIJLWMoqvwMkEQcL_q4p_YbJGwF8xpXYJeRwCG--JOptazYC1VWDA
date
Fri, 16 Sep 2022 12:54:32 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 6EB3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG0KdMwL53W60_qcEUyOiwQ&google_cver=1&google_push=AZmPxg9gY34DziFNsWgTe1IFf7kLEhtCEU8EVafzEaUkOrJZ-kpn_zxNofcggzEoXOIA0kZKNi...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GN2pNQ1hGRTJ1SHo1Tk41RHZfTzRVTE9YMC5SSFN4bX5B&google_push=AZmPxg9gY34DziFNsWgTe1IFf7kLEhtCEU8EVafzEaUkOrJZ-kpn_zxNo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GN2pNQ1hGRTJ1SHo1Tk41RHZfTzRVTE9YMC5SSFN4bX5B&google_push=AZmPxg9gY34DziFNsWgTe1IFf7kLEhtCEU8EVafzEaUkOrJZ-kpn_zxNofcggzEoXOIA0kZKNikiN3QkBMkY5DI8TScp1VZRrB8P
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GN2pNQ1hGRTJ1SHo1Tk41RHZfTzRVTE9YMC5SSFN4bX5B&google_push=AZmPxg9gY34DziFNsWgTe1IFf7kLEhtCEU8EVafzEaUkOrJZ-kpn_zxNofcggzEoXOIA0kZKNikiN3QkBMkY5DI8TScp1VZRrB8P
date
Fri, 16 Sep 2022 12:54:32 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame 6EB3
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESECCnZKY56apnEWvP1d1f0NM&google_cver=1&google_push=AZmPxg90Lt5ucb7rA_IfQu7yJ7bXlrryqY5_TE8ofAhoYZJghxabfNnar2L3773_GaFi5Vxx2lnA69tTUQHW2uJaqtgCAHrjJ7ICjg
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg90Lt5ucb7rA_IfQu7yJ7bXlrryqY5_TE8ofAhoYZJghxabfNnar2L3773_GaFi...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg90Lt5ucb7rA_IfQu7yJ7bXlrryqY5_TE8ofAhoYZJghxabfNnar2L3773_GaFi5Vxx2lnA69tTUQHW2uJaqtgCAHrjJ7ICjg&gdpr_consent=&gdpr=
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
date
Fri, 16 Sep 2022 12:54:32 GMT
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg90Lt5ucb7rA_IfQu7yJ7bXlrryqY5_TE8ofAhoYZJghxabfNnar2L3773_GaFi5Vxx2lnA69tTUQHW2uJaqtgCAHrjJ7ICjg&gdpr_consent=&gdpr=
x-xss-protection
0
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept
content-length
273
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame 6EB3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lr81LKwmUFASOOA5u_orFdLFusNsLqsd4lDZzzUrHMQjfbCYQNk1hw_7a34WUeeOpJbym_bXI
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 75BD 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Fri, 16 Sep 2022 12:54:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20237154
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJEMxCcdidRIHjESQtSCoUeeQw6sEkDSSivHKs3oBPN4hkmSjzAzPf4ZFupLt3ClHZTeegmUxwJlpnUU8rIHKQXP%2FwS1%2F5F1aOIYG%2BgtcOCqcCRWzSDzcNL4tfM9CI0gVr0VFeDcV3ZKQB8ftZgWF7sf"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
74b9c053fea28fe8-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame A69E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661571&plc=57965363&sid=1523392&dvregion=0&unit=300x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661571&auorder=84037585&aucrtv=55507177&auadid=1523392&c6=1617446&c8=&auplc=9041739&turl=&c1=VF-DE+Performance&c2=DE_22_AO_E_B_G_J_B_B-215-CREDIT-HARDWARE-Tracking-ENT&c3=RT_PD_BC-215-apl-all-PRE-Tracking&c4=iphone14_sale_220914_300x250&c5=DV360&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_apl-all-tracking
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 13:19:47 GMT
Server
Microsoft-IIS/10.0
ETag
"f128ce2aabbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
4a.js
static.adsafeprotected.com/ Frame CE94
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_B3IkY9...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 15:30:29 GMT
content-encoding
gzip
age
336244
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 12 Sep 2022 15:30:15 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
x-amz-version-id
kUNO.lvsa3A51RY9aw.Lcn61V.A.t0tw
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
nlxbNZuGpIPRJRgDSpeALIT0xti_6wy2Cbh7Vqkp6tocNBy3LRnrSg==

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame BCC6 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
10642800
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
ZGE6Ix2ICmeG_a3JZeG-MZ6KOJrGi9mfWUXnHSW6vM-4ffHeFl1XjA==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CE94 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 07:32:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2682 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1427
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Sat, 17 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CE94 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bb50dfc888f20a8a1e41253d2c95bd57762d1a26939ac1187fe1d6d21ffb74d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame EA22 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1874961
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74b9c0548d10924a-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 12:54:32 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8267dUdGxUc5Sgk%2BXDW9%2BsnvhWzadQii5NGmZg7mBI3H%2BZcv1ghm8j%2Fy7fWm1bfdhWAwuJKmpX7VmLh9FXqea%2FP4Nk43u0TBgP6B4nVZNo3X1tQtLGum2Ygp6d1n3JTurN7Abc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame C952 		817 B
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9ef40e39a927c1025265848f2e7d6d841a48c19e375deb37fb3a379e70a17212

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
506
content-type
text/html
date
Fri, 16 Sep 2022 12:54:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
dvbs_src.js
cdn.doubleverify.com/ Frame 7864 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661571&plc=57389660&sid=1523392&dvregion=0&unit=300x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661571&auorder=84037616&aucrtv=55096406&auadid=1523392&c6=1617446&c8=&auplc=9041715&turl=&c1=VF-DE+Performance&c2=DE_22_AO_E_B_G_J_B_B-215-CREDIT-HARDWARE-Tracking-ENT&c3=RT_PD_BC-215-sam-all-PRE-Tracking&c4=samsung_flipfold4_sale_220825_tec336a_300x250&c5=DV360&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_sam-all-tracking
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 13:19:47 GMT
Server
Microsoft-IIS/10.0
ETag
"f128ce2aabbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E942 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
278505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 07:32:47 GMT
expires
Wed, 13 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame CE94 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=217244fb-b626-de2a-2541-553e33ae1926&tv=%7Bc:onIB1k,pingTime:-3,time:112,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:112,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thBldLE+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b*.990511-61634100%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g1%7C1h,idMap:1b*,rmeas:1,rend:0,renddet:svg.us,siq:28%7D&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame CE94 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=217244fb-b626-de2a-2541-553e33ae1926&tv=%7Bc:onIB1n,pingTime:-6,time:115,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thBldLE+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b*.990511-61634100%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g1%7C1h,idMap:1b*,rmeas:1,rend:0,renddet:svg.us,siq:28%7D&tpiLookup=ao:www.dealnews.com*&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
skeleton.js
static.adsafeprotected.com/ Frame BD80
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/934251/60616147/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dealnews.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F40b312ad77076455bff9ac93bcce4040.safeframe.g...
  • https://static.adsafeprotected.com/skeleton.js
17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
18399389
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
FOgxdsPvYDTFwvedF_gpG2cgwlYH8SwQXflJnvJwEC2zyxs4w4nm0Q==

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 16B6 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
10642800
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
O5ndIZ-Q-V8GtIKUURM1nxXo16UuaZZJTxDCEFggzNJhXYOQa_nLUg==
skeleton.js
static.adsafeprotected.com/ Frame CA2C
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/934251/60616147/skeleton.js?adsafe_url=https%3A%2F%2Fwww.dealnews.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F40b312ad77076455bff9ac93bcce4040.safeframe.g...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
age
18399389
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
YbS620BqLM_URYYtKvgjyd2z_J5plw-_66e0A0AkLiKBXa1WRpA5Gg==

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 9F6F 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
10642800
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
lyDwvofs0hgNBdADux7Ywn83YAwkGRpSvRuA1ykJZzL6wXilyHL2TA==
pixel
cm.g.doubleclick.net/ Frame FF0F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Zk1NdUxsSU8xT3phUnk1&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg8HMT3Rp2r_sB6cwrx4rehEkGYoUrpnX5I5kwXo04f...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Zk1NdUxsSU8xT3phUnk1&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg8HMT3Rp2r_sB6cwrx4rehEkGYoUrpnX5I5kwXo04fLoQ7el7xKeRWw-Iw73Bn4okDSxJItSNjNTJO4RfNnzl5ejBta7Hp_
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:31 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Zk1NdUxsSU8xT3phUnk1&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg8HMT3Rp2r_sB6cwrx4rehEkGYoUrpnX5I5kwXo04fLoQ7el7xKeRWw-Iw73Bn4okDSxJItSNjNTJO4RfNnzl5ejBta7Hp_
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FF0F
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGD72wqtcNhimFGZ6WSt0WI&google_cver=1&google_push=AZmPxg_KDY-wTzG50Zhrlj10hUTwcUNAA8k00SaikKaxLsT3n4yxtANzWxNk52lrxHejiPe6vTX9c...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_KDY-wTzG50Zhrlj10hUTwcUNAA8k00SaikKaxLsT3n4yxtANzWxNk52lrxHejiPe6vTX9cde8PNLQVQNq0dXUDiLzuPE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_KDY-wTzG50Zhrlj10hUTwcUNAA8k00SaikKaxLsT3n4yxtANzWxNk52lrxHejiPe6vTX9cde8PNLQVQNq0dXUDiLzuPE
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:31 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B0AE74741D0E4B6095188AA981C80C9E Ref B: FRAEDGE1518 Ref C: 2022-09-16T12:54:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_KDY-wTzG50Zhrlj10hUTwcUNAA8k00SaikKaxLsT3n4yxtANzWxNk52lrxHejiPe6vTX9cde8PNLQVQNq0dXUDiLzuPE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXoyt0EMxBYTaXZTLPOqA==
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame FF0F 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEzcPU5pV2ZTE3gQTbKAMz0&google_cver=1&google_push=AZmPxg97dSdKm__BK2JyCgM_wa37hVcB-Xtf9mt6usRdskDeVEVVEz4SUmcaFn7MmigVEKsPlQ2Q-cVvKtpESgFcvGnMcYKdQMEo
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame FF0F
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEHm74TUFF1wDZvh-q9ZtSYQ&google_cver=1&google_push=AZmPxg-u-GjraFuKVBWKd5_VWfaIb1V9NbCr-pr4b-oRTlAIwHIrMBI69m6pkLdjTqxh0rUXGJ_ySe6VpA1HBcYsx_EPdF9Cjw4
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEEwMTc3MkVDQkZCM0JGOQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEEwMTc3MkVDQkZCM0JGOQ==
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEEwMTc3MkVDQkZCM0JGOQ==
date
Fri, 16 Sep 2022 12:54:32 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame FF0F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEqeeBC7GYFtXLKvqaFhWgM&google_cver=1&google_push=AZmPxg9c0j__fW_DKZzWNCReYYG_UF3ElOj63GJF5Jj_h8L0htHErSj7Gl-6x74lT2BeBkB09RT3LhrUG_o81r3FQcPo5sW...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9c0j__fW_DKZzWNCReYYG_UF3ElOj63GJF5Jj_h8L0htHErSj7Gl-6x74lT2BeBkB09RT3LhrUG_o81r3FQcPo5sWfzIqF&google_hm=ODk2NDQ2OTI4NTA5MDA1ODA1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9c0j__fW_DKZzWNCReYYG_UF3ElOj63GJF5Jj_h8L0htHErSj7Gl-6x74lT2BeBkB09RT3LhrUG_o81r3FQcPo5sWfzIqF&google_hm=ODk2NDQ2OTI4NTA5MDA1ODA1
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9c0j__fW_DKZzWNCReYYG_UF3ElOj63GJF5Jj_h8L0htHErSj7Gl-6x74lT2BeBkB09RT3LhrUG_o81r3FQcPo5sWfzIqF&google_hm=ODk2NDQ2OTI4NTA5MDA1ODA1
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
um
cs.emxdgt.com/ Frame FF0F 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEFXlPTWKnT4ZlSlqb6-6eyk&google_cver=1&google_push=AZmPxg8V7Ww38U5FGCwtQc44cd-hLITqQG_0SY98RJJbgBYOS6AuPpMBaXqC8Wf-zqixnJQsQHXAAvpYc1oXdd5ulXYIZuum7SPOrQ
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
content-length
0
content-type
text/html
/
onetag-sys.com/match/ Frame FF0F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHAxbyoVHclmlXOPtNYofWo&google_cver=1&google_push=AZmPxg-KwTGwadzsT6bs7VA8GDEjXFP83bknh9x-eHBjGawyNm_yHzjPg-GqkNBix-G-k6w6_VWswLXyBeA...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-KwTGwadzsT6bs7VA8GDEjXFP83bknh9x-eHBjGawyNm_yHzjPg-GqkNBix-G-k6w6_VWswLXyBeA4GAjbd1ibtzQAg6QR
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FF0F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Loh97PfTcsuSJ2nttCqKElywxLeCZoixjCzOwfixkLJduqh2ZkWYN6nP75RxIFPyin4JWPjQw
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/8545329873006492075/ Frame AAAB 		142 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
145644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22810
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 20:27:08 GMT
expires
Thu, 14 Sep 2023 20:27:08 GMT
last-modified
Wed, 09 Feb 2022 10:36:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CE94 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmJzB6NG1S2vbJfSTzSvpoK1xFDqJvY5En5Vuw2jV7Kw-NcEzu9JpSbc0iDMDwhyYN-zFMIrmuohqNHh_NzGWICElaGHeTDQzY791fUaAgvoCD5qIIPxX3xqP8G_SbJUsTAr9auJglfMnzqo3VG2yzJHHFtML5BDa7jBHwLycdcgz-2mlbsdDKY70ZKAwCC6YmjcnOhmVKb51Rg6zeeKGnQs4Tihb5RS9YEpqW6G-CHAMOiztifG9TxhVl9iCg9sMR2wkGQNKY_S4p-U6Kq7lR7kvXWKJBdjQuPpxHb2E-cPeVqGYU34l0D9XlJQAlH18X5NU1ZkvH3oOAS4cxou3RbpKBdu0g_GLKwJrNOFtScHnVUaonIvumPuXrfKaz25xeR16vbxUpkMMIG5SNOgzT6KeL33BRDZosNo7dlmmOmTw8Jg6vM6ZST6Ex1VpUsVz5rboBYAN9dpOxg1k6I6kGRdZWYSUoRVuzyKkr527WIiO7c6THabK0n3AKsabxDeLgBG7q7x_8TvHPhLvdBP1pLG_qjsLF2l4hJtq66EEipEH_-onXbZ0RnH4OhFSYNo39d0qqgztwqyV-Kn7yzaGpqGxHIBryQVsx09q2vCuWqbqNhgbuhZ92vldjVEYljoa3AThSjjr7TKt8WgxQAz6MDRWfTI1amIjBrPGE5qBn4IgoHH5y1eXpvd3pvm9YV9-rt2hu9q3JVn-5UJadnkV2gkLR6kk4LnzNqnFPwT9ox0K_14mAXd7WaQsghyN9alyfyKPGp8XzZzthSS64Q-6y3lJUfADGjy2MCekiBLN-vVCx740pg4v_1AvGqTa-oWcqK31luVElQjYTIcXT328VvZizXv9tz22zMyzkJabPKsWKOL3hTZYWIfygzoEwW5xQkRW5Uw_zgNE46-Q0tX8kowpRx562PQqs_uh9tz0aCYbmc6Y2dAvc1n7VGMlwKk-FsTolA6mVSulVq4RVV4sqSDci5vx4NhTdQAmZLrAPqc0dVjaE2fwPvK9-eqD-oWCL5xc1puE3ZnskjWXp1CCKMiO-d7PY3TgjOsFYtEb2rg0TgsQI9zf2s5mLodzusqgpoPXFd3y6I2yhvE4TTLrwEmnKxBvEERSEbQdB3B0vrgUcHBtuU6PploIDr2vXDNAfHxxYLF85vXwRl5JsU5PskTtAK6tVdJQsA4-TrLZmEGjeCErmtxJWHawH16lSjMQ9hbMpXiqQFoYjjIfvxJ-yW2AyeLMiu12Pi55G2LeIFKw0Lm-Y5saNp8GBfP4oknOqj-01YoEZy0Zdm-WViRQHVsDlAXCiHq5XUkrSwBiCJfhAvDn6ApviWnbg&sai=AMfl-YSKCNXykmA9Wx9BTNo06w3wBOaX85e4LLkZgYDvJEQRRC861OBz47r3Ow1wxX1iFYgug8jNntptrOQSjKFViGNjYtzMhZ0zjvSd98Nz_h5N8gpektuczOcdPDItqzfStI3qtxjRY4klhrIPvN7RLCGkOsAaPCaEIiMixcNSihvKTF6jWw0wUPkwhk-kA_Jnhh77KY5OS_Z7Tm7vJdV-hrnO&sig=Cg0ArKJSzH0sGNpH-mNiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=518&cbvp=1&cstd=514&cisv=r20220914.90311&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 16 Sep 2022 12:54:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3EBF 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Fri, 16 Sep 2022 12:54:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20229368
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFmpAzTTYW%2FoZ3gzpGmrUjTdAMwTgP4YXCgY9NO3BoApSkKfngY9h7Dm6tl2Hrq7Iv5Lvdu9iaR6SrTZwPqyGuLuNmkEUot7xAasnCX05DSVvF6MWKGNX9yKxBDlHbTTqvFO5UWE37NNqxNNWR%2Fc0vI0"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
74b9c05599ff92a7-FRA
expires
Wed, 25 Jan 2023 09:38:24 GMT
pixel
cm.g.doubleclick.net/ Frame 41BC
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECoZPtBnMMd3oXIgDj3Ln1M&google_cver=1&google_push=AZmPxg_uDO2ic4vmjqPMAljlP1zGJ25rV6prvvy8gqpFijRZmYGEiKrOv9Aluy7Lqeezof5PLNpuuhrZ2tPO3djFGTOooA_EsQc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg_uDO2ic4vmjqPMAljlP1zGJ25rV6prvvy8gqpFijRZmYGEiKrOv9Aluy7Lqeezof5PLNpuuhrZ2tPO3dj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg_uDO2ic4vmjqPMAljlP1zGJ25rV6prvvy8gqpFijRZmYGEiKrOv9Aluy7Lqeezof5PLNpuuhrZ2tPO3djFGTOooA_EsQc
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:32 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg_uDO2ic4vmjqPMAljlP1zGJ25rV6prvvy8gqpFijRZmYGEiKrOv9Aluy7Lqeezof5PLNpuuhrZ2tPO3djFGTOooA_EsQc
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 15 Sep 2022 12:54:32 GMT
google
match.adsrvr.org/track/cmf/ Frame 41BC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEA9Xc-1JLMo4j-CM4CnTx-U&google_cver=1&google_push=AZmPxg8kuhyrs9IxktrtQtYvMpBNQusGfncD18HbZwMjDXNNM1P0-rBUc6VrUNJNm8cuS5o6WM6sEIxWwCx2aPJqjwLye-ChLGI
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 41BC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHgvi5p6jG7L7QhhgxIzaNw&google_cver=1&google_push=AZmPxg9sTjwRCs1gIqNYeVgMDKYRq692ZJIqiSmzfpT4VLytg69bcsFH5WpcLneJkzwuda5mPVJgWE637nMc_...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9sTjwRCs1gIqNYeVgMDKYRq692ZJIqiSmzfpT4VLytg69bcsFH5WpcLneJkzwuda5mPVJgWE637nMc_AAso6evUUCfhG4&google_hm=dmJtaGNYeFhLcEVIdnRhT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9sTjwRCs1gIqNYeVgMDKYRq692ZJIqiSmzfpT4VLytg69bcsFH5WpcLneJkzwuda5mPVJgWE637nMc_AAso6evUUCfhG4&google_hm=dmJtaGNYeFhLcEVIdnRhTGhwQWU=
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9sTjwRCs1gIqNYeVgMDKYRq692ZJIqiSmzfpT4VLytg69bcsFH5WpcLneJkzwuda5mPVJgWE637nMc_AAso6evUUCfhG4&google_hm=dmJtaGNYeFhLcEVIdnRhTGhwQWU=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 41BC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEthsxNMkjWIBnOk7GSBcp4&google_cver=1&google_push=AZmPxg-E-X5ywIMa9VrV2zoeAmFR3i6b-0cq1B1gjRE5R2EHYDIrLJzWJV-Qozxg9QUccaYnaTk...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg-E-X5ywIMa9VrV2zoeAmFR3i6b-0cq1B1gjRE5R2EHYDIrLJzWJV-Qozxg9QUccaYnaTkdp3FVxX1PaeLrojR6IqQhipM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg-E-X5ywIMa9VrV2zoeAmFR3i6b-0cq1B1gjRE5R2EHYDIrLJzWJV-Qozxg9QUccaYnaTkdp3FVxX1PaeLrojR6IqQhipM
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg-E-X5ywIMa9VrV2zoeAmFR3i6b-0cq1B1gjRE5R2EHYDIrLJzWJV-Qozxg9QUccaYnaTkdp3FVxX1PaeLrojR6IqQhipM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 41BC
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFodRCsaCsJA8cP8iDp1bjM&google_cver=1&google_push=AZmPxg-CTVyMhN2jKYg9Y9bQ6KegqYHFr0kcshsRYRFbzYOobHdSlNA8eGGpNNXB2hLFjiVUctfG7hiCwQjtOZAE...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-CTVyMhN2jKYg9Y9bQ6KegqYHFr0kcshsRYRFbzYOobHdSlNA8eGGpNNXB2hLFjiVUctfG7hiCwQjtOZAEh7o53YWxWA4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-CTVyMhN2jKYg9Y9bQ6KegqYHFr0kcshsRYRFbzYOobHdSlNA8eGGpNNXB2hLFjiVUctfG7hiCwQjtOZAEh7o53YWxWA4
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-CTVyMhN2jKYg9Y9bQ6KegqYHFr0kcshsRYRFbzYOobHdSlNA8eGGpNNXB2hLFjiVUctfG7hiCwQjtOZAEh7o53YWxWA4
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
_aBSlxAH5hF41qMWb_WkslnF44IAhzDVv-Kagjb4oz3A3GvHhQlzRw==
pixel
cm.g.doubleclick.net/ Frame 41BC
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESED0QAeNPOJs2d7HGTrC720U&google_cver=1&google_push=AZmPxg-D2CkgrnXJUDtu1DvSDlv6EvQm0l7zqQModIHSxTKTcoAJCXXLahsZK7cYWlkFNz3L54HHSRbXzSuJS16PLd2IcCuKXw
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2MzM0NDcyMTQ5MjE2OTAwMFYxMA%3d%3d&mn_hm=MzA2MzM0NDcyMTQ5MjE2OTAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-D2CkgrnXJUDtu1DvSDlv6EvQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2MzM0NDcyMTQ5MjE2OTAwMFYxMA%3d%3d&mn_hm=MzA2MzM0NDcyMTQ5MjE2OTAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-D2CkgrnXJUDtu1DvSDlv6EvQm0l7zqQModIHSxTKTcoAJCXXLahsZK7cYWlkFNz3L54HHSRbXzSuJS16PLd2IcCuKXw&gdpr=&gdpr_consent=
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA2MzM0NDcyMTQ5MjE2OTAwMFYxMA%3d%3d&mn_hm=MzA2MzM0NDcyMTQ5MjE2OTAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg-D2CkgrnXJUDtu1DvSDlv6EvQm0l7zqQModIHSxTKTcoAJCXXLahsZK7cYWlkFNz3L54HHSRbXzSuJS16PLd2IcCuKXw&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Fri, 16 Sep 2022 12:54:32 GMT
/
b1sync.zemanta.com/usersync/googleadx/ Frame 41BC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJ7Ih9dvcKLE7b7SJ3jOERA&google_cver=1&google_push=AZmPxg-ULWylhd8MD_NQX4ou1ysTTJFd1l6dE48NrjhtFutesQV67YrLl-yT0-PIk15EIV12bG8hgrK2Br4Nb...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg-ULWylhd8MD_NQX4ou1ysTTJFd1l6dE48NrjhtFutesQV67YrLl-yT0-PIk15EIV12bG8hgrK2Br4NbYkldltamHhMmBMD&google_hm=dmJtaGNYeFhLcEVIdnRh...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
64.202.112.159 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:33 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 41BC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDqoiLwawlo20CD1Q1CCClXzvyrK8OLYlSkKFoRco6QlL6vaIYXcWSdfsSE46lLk60OFimqQ
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame CE94 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=217244fb-b626-de2a-2541-553e33ae1926&tv=%7Bc:onIB3S,pingTime:-2,time:270,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:929,beZ:931,mfA:933,cmA:935,inA:935,inZ:941,prA:941,prZ:951,si:957,poA:958,poZ:978,cmZ:978,mfZ:978,loA:1044,loZ:1049,ltA:1199,ltZ:1199%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:270,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B262~0%5D,as:%5B262~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thBldLE+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b*.990511-61634100%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g1%7C1h,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:28,sinceFw:241,readyFired:true%7D&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame BD80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=934251&asId=770ad8ac-3fe7-c5bb-9da3-47e5b34b6039&tv=%7Bc:onIB4g,pingTime:-3,time:543,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:395%7D,%7Bpiv:0,vs:o,r:l,t:542%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:543,n:542,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:395,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B167~1,0~0%5D,as:%5B167~300.250%5D%7D%7D,%7Bsl:o,t:542,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thBldHD+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d11%7C1d2%7C1e1%7C1e2%7C1f*.934251-60616147%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1h%7C1i,idMap:1f*,rmeas:1,rend:1,renddet:IMG.qs,siq:397%7D&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame BD80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=934251&asId=770ad8ac-3fe7-c5bb-9da3-47e5b34b6039&tv=%7Bc:onIB4l,pingTime:-6,time:548,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:548,n:542,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:395,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B167~1,0~0%5D,as:%5B167~300.250%5D%7D%7D,%7Bsl:o,t:542,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thBldHD+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d11%7C1d2%7C1e1%7C1e2%7C1f*.934251-60616147%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1h%7C1i,idMap:1f*,rmeas:1,rend:1,renddet:IMG.qs,siq:397%7D&tpiLookup=ao:www.dealnews.com*&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
collect
b.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:32 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
dt
dt.adsafeprotected.com/ Frame CA2C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=934251&asId=558d58eb-65e0-384d-7dd3-bc2d5f0f2c22&tv=%7Bc:onIB4G,pingTime:-3,time:509,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:376%7D,%7Bpiv:0,vs:o,r:l,t:508%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:509,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:376,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B141~1,0~0%5D,as:%5B141~300.250%5D%7D%7D,%7Bsl:o,t:508,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thBldHD+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.934251-60616147%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d11%7C1d2%7C1e1%7C1e2%7C1f.934251-60616147%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1h%7C1i,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:377%7D&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame CA2C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=934251&asId=558d58eb-65e0-384d-7dd3-bc2d5f0f2c22&tv=%7Bc:onIB4I,pingTime:-6,time:510,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:510,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:376,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B141~1,0~0%5D,as:%5B141~300.250%5D%7D%7D,%7Bsl:o,t:508,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thBldHD+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.934251-60616147%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d11%7C1d2%7C1e1%7C1e2%7C1f.934251-60616147%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1h%7C1i,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:377%7D&tpiLookup=ao:www.dealnews.com*&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
frame.html
ad4m.at/ Frame 525E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1874961
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74b9c056490e924a-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 12:54:32 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2r4fZRupTM8J4tmo1dTj9C2PuJDNnOO42fcpcvqm5d2lQs9XQJrF3O880CCjK%2BEZqp3j2uGK1GoXE5HUP%2FGSXxbBJZu%2BcqZOjdFbUeWJ9fww9t0eWIkmekA9ngfaO5qpRnWN8mE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dvbs_src_internal109.js
cdn.doubleverify.com/ Frame A69E 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 13:20:14 GMT
Server
Microsoft-IIS/10.0
ETag
"03bb312aabbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19455
dvbs_src_internal109.js
cdn.doubleverify.com/ Frame 7864 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 13:20:14 GMT
Server
Microsoft-IIS/10.0
ETag
"03bb312aabbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19455
setuid
prebid-server.pubgalaxy.com/ Frame C952 		0
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.pubgalaxy.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&us_privacy=1---&f=b&uid=0b5be8d8-376a-4f27-9f2d-334d646c983c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.165.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-165-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html
content-length
0
expires
0
sd
eu-u.openx.net/w/1.0/ Frame C952
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4ee26324-7209-4a00-865b-395a1bf675ce
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4ee26324-7209-4a00-865b-395a1bf675ce
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Sep 2022 12:54:33 GMT
Server
MT3 4505 5b23575 master nrt-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4ee26324-7209-4a00-865b-395a1bf675ce
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Sep 2022 12:54:32 GMT
sd
us-u.openx.net/w/1.0/ Frame C952
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=ivKbB4vzmQuRopAHhPKEUd2lnAaR9s0AjvU-DsOH
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=ivKbB4vzmQuRopAHhPKEUd2lnAaR9s0AjvU-DsOH
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=ivKbB4vzmQuRopAHhPKEUd2lnAaR9s0AjvU-DsOH
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C952
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3865101669408010213
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3865101669408010213
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3865101669408010213
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame C952 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=32856717-8ef5-7cce-f4a1-f358e5375ab1&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C952 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWVlYWI0ZGQtNDc4Mi0yMjZhLWUxNDEtYTllMTJmZDU5NGQx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C952
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKoNn-Hjd_HQxT8NGcpcv6E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame BD80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=934251&asId=770ad8ac-3fe7-c5bb-9da3-47e5b34b6039&tv=%7Bc:onIB5J,pingTime:-2,time:634,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:263,bdZ:442,beA:642,beZ:643,mfA:1013,cmA:1014,inA:1015,inZ:1019,prA:1019,prZ:1029,si:1038,poA:1040,poZ:1064,cmZ:1064,mfZ:1064,loA:1189,loZ:1194,ltA:1275,ltZ:1275,mdA:644,mdZ:732%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:395%7D,%7Bpiv:0,vs:o,r:l,t:542%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:634,n:542,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:395,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B167~1,0~0%5D,as:%5B167~300.250%5D%7D%7D,%7Bsl:o,t:542,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B92~0%5D,as:%5B92~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thBldHD+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a.934251-60616147%7C1a1%7C1a2%7C1a3%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d11%7C1d2%7C1e1%7C1e2%7C1f*.934251-60616147%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1h%7C1i,idMap:1f*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:397,sinceFw:235,readyFired:true%7D&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dealnews.com%2F&domain=www.dealnews.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.dealnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 16 Sep 2022 12:54:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
412930
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dealnews.com%2F&domain=www.dealnews.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=0Pq4Rnw4WTY3K3duNmEwTk1ia3FscUxsUXFISjErbmwraUlLQS80SGU2bEl6Ky9iZ21mdmtwVFR4NEdCcWtBYUJtbmVRWG9pbm1iRzMxcHBEaVdpdVhnVi91N0tYbEJtWVErSDNqYnhYNGZZUnJlVG5IY2NGakZVWGFCRW...
354 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0Pq4Rnw4WTY3K3duNmEwTk1ia3FscUxsUXFISjErbmwraUlLQS80SGU2bEl6Ky9iZ21mdmtwVFR4NEdCcWtBYUJtbmVRWG9pbm1iRzMxcHBEaVdpdVhnVi91N0tYbEJtWVErSDNqYnhYNGZZUnJlVG5IY2NGakZVWGFCRWxXUUpXVW9HbWphMDZmM1oyODJEWEhjVXg0YkRkR056eGZUMVRROUdLRkwveVJLbkhaUHhqZUE0U2JESHZlUzVLb1Qrc2o4cXBzaE0zcE0xV3gvTFk5MVJ0b1hnVktZVE9DSXBZWUZHTzBDQ2NUMnlKemNBVXl6alFWUzUvOGZUd1NlNmFmNjV6fA&cppv=2
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
57d599682474f6efc9daef4430831d5361b1a004abc0b99a4247c37a76fe07d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1503213
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=0Pq4Rnw4WTY3K3duNmEwTk1ia3FscUxsUXFISjErbmwraUlLQS80SGU2bEl6Ky9iZ21mdmtwVFR4NEdCcWtBYUJtbmVRWG9pbm1iRzMxcHBEaVdpdVhnVi91N0tYbEJtWVErSDNqYnhYNGZZUnJlVG5IY2NGakZVWGFCRWxXUUpXVW9HbWphMDZmM1oyODJEWEhjVXg0YkRkR056eGZUMVRROUdLRkwveVJLbkhaUHhqZUE0U2JESHZlUzVLb1Qrc2o4cXBzaE0zcE0xV3gvTFk5MVJ0b1hnVktZVE9DSXBZWUZHTzBDQ2NUMnlKemNBVXl6alFWUzUvOGZUd1NlNmFmNjV6fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
665133
content-length
0
expires
0
341.json
id5-sync.com/g/v2/ 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/341.json
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
bdb5ccdd449c9d7b5678aa4ab1745c445174bacd2d1e4eb2058d654514862a73
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:31 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=cw39kyg&fmt=json
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
839e8a58aeb47596c00292280fd2294c7c7ecd8bce2eef7d8cb461bd6f6b3ab6

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 16 Oct 2022 12:54:32 GMT
envelope
api.rlcdn.com/api/identity/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=76
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
id
id.crwdcntrl.net/ 		63 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&us_privacy=1---
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.120.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-120-198.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f6fb50975638c7408379a9bdf4c350cbac0c090e681f2415638ed521ce2f724f

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.dealnews.com
cache-control
no-cache
x-server
10.45.22.246
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
dt
dt.adsafeprotected.com/ Frame CA2C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=934251&asId=558d58eb-65e0-384d-7dd3-bc2d5f0f2c22&tv=%7Bc:onIB5Y,pingTime:-2,time:588,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:288,bdZ:474,beA:749,beZ:750,mfA:1115,cmA:1115,inA:1115,inZ:1116,prA:1116,prZ:1122,si:1125,poA:1126,poZ:1139,cmZ:1139,mfZ:1139,loA:1259,loZ:1262,ltA:1336,ltZ:1336,mdA:750,mdZ:788%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:true%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:376%7D,%7Bpiv:0,vs:o,r:l,t:508%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:588,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:376,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B141~1,0~0%5D,as:%5B141~300.250%5D%7D%7D,%7Bsl:o,t:508,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thBldHD+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.934251-60616147%7C1a1%7C1a2%7C1a3%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d11%7C1d2%7C1e1%7C1e2%7C1f.934251-60616147%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1h%7C1i,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:377,sinceFw:210,readyFired:true%7D&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=b0d60b5dd6&gdpr=0&gdpr_consent=
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img&gdpr=0&us_privacy=1---
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
cookiesync
bttrack.com/pixel/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=720920&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&gdpr=0
35 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&gdpr=0
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Fri, 16 Sep 2022 12:54:25 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-type
image/gif
content-length
35
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrYeskFViDLn2r05JqtaUQ1bCqqAuMjYv3juMi%2BHizr8azL%2BwKPflnd23btS2IMzAGWVecTsy6Wp1YgyvncPwJBvDBsDen6tjPkH5CV7pmcSPxEKt%2FiENaXGJWifAufTo9AjiUTX"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&gdpr=0
content-type
text/html; charset=iso-8859-1
cache-control
no-cache
cf-ray
74b9c056cd6a9034-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ea4e6324-7209-4400-a980-3de900f6699b
49 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ea4e6324-7209-4400-a980-3de900f6699b
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-43
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Sep 2022 12:54:33 GMT
Server
MT3 4505 5b23575 master nrt-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=ea4e6324-7209-4400-a980-3de900f6699b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Sep 2022 12:54:32 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://ums.acuityplatform.com/bum?tpid=29&uid=7adcbe78-9639-40bf-9c11-ec8460e37791&bidswitch_ssp_id=sonobi
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=693325687609&expires=30&user_group=1&ssp=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7adcbe78-9639-40bf-9c11-ec8460e37791
49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7adcbe78-9639-40bf-9c11-ec8460e37791
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-43
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=7adcbe78-9639-40bf-9c11-ec8460e37791
Date
Fri, 16 Sep 2022 12:54:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=157230&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:31 GMT
content-length
0
sync
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&us_privacy=1---&
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame C4EC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 11:55:25 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 3098 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 11:55:25 GMT
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame D5F3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 11:55:25 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame AAAB 		0
0
dpixel
cms.quantserve.com/ Frame 2682 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGTVHcbaT-wi-Gk0hREs1g4&google_cver=1&google_push=AZmPxg_HpTEOAbZMcfv963VmJ7o2W9agKOg_O7OxKBz7mOndKIC_Hl6RqnMG0-H38Yb5DE1j5vCbP6IOv8o4V4oxg5tc2WRKzubLMQ
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
a.tribalfusion.com/ Frame 2682 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEDZEM6HCJ5YoGkp1deq012E&google_cver=1&google_push=AZmPxg8P_uW9L6IEpMJHSYheyVHcSg4eBoEeLQOwVkGq5thId6vmwMljZah7HbMm3I_7qAP_Ge8v92yo0WdBgvr433uO8Xzh1zTOjg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8P_uW9L6IEpMJHSYheyVHcSg4eBoEeLQOwVkGq5thId6vmwMljZah7HbMm3I_7qAP_Ge8v92yo0WdBgvr433uO8Xzh1zTOjg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74b9c0571d249a30-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2682
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOcM-X5m8WtlfpU8Es544Zo&google_cver=1&google_push=AZmPxg9-DuIHtNeEFJU14KBOOwFLULMLpaJuPR6hsBhUkYbnBS7P8CXyc9yIK95HLYjt0e3FH70be4dJsXZdZkSg_gyY...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=88dc6297-0acf-480a-b5ea-07dfbf1087f6&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9-DuIHtNeEFJU14KBOOwFLULMLpaJuPR6hsBhUkYbnBS7P8CXyc9yIK95HLYjt0e3FH70be4dJsXZdZkSg_gyYh77wVSgU&google_hm=ety-eJY5QL-cEeyEYON3kQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9-DuIHtNeEFJU14KBOOwFLULMLpaJuPR6hsBhUkYbnBS7P8CXyc9yIK95HLYjt0e3FH70be4dJsXZdZkSg_gyYh77wVSgU&google_hm=ety-eJY5QL-cEeyEYON3kQ==
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9-DuIHtNeEFJU14KBOOwFLULMLpaJuPR6hsBhUkYbnBS7P8CXyc9yIK95HLYjt0e3FH70be4dJsXZdZkSg_gyYh77wVSgU&google_hm=ety-eJY5QL-cEeyEYON3kQ==
Date
Fri, 16 Sep 2022 12:54:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2682
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPbNk9WUQaNSWBhThAI8tmM&google_cver=1&google_push=AZmPxg-XScVWLtGjWc02kewzpmYWj5Ah6nsGgJD9IRa8n5yQyrPirq9gTuWRVt1iiI83hW0I3dnRQV0Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTEwNzUwODE1OTc2NTEyNjczNA&google_push=AZmPxg-XScVWLtGjWc02kewzpmYWj5Ah6nsGgJD9IRa8n5yQyrPirq9gTuWRVt1iiI83hW0I3dnRQV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTEwNzUwODE1OTc2NTEyNjczNA&google_push=AZmPxg-XScVWLtGjWc02kewzpmYWj5Ah6nsGgJD9IRa8n5yQyrPirq9gTuWRVt1iiI83hW0I3dnRQV0YdZq3sU2Gwr7-e2qh8tu5Jg
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTEwNzUwODE1OTc2NTEyNjczNA&google_push=AZmPxg-XScVWLtGjWc02kewzpmYWj5Ah6nsGgJD9IRa8n5yQyrPirq9gTuWRVt1iiI83hW0I3dnRQV0YdZq3sU2Gwr7-e2qh8tu5Jg
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2682
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDdthEOyJFV8_M8zDDMCijU&google_cver=1&google_push=AZmPxg8Jztumb73kZmpiBa0qi1KnFIrfqpkn9sPCt_qNyrcfi3fJXFtgb0xYAtiOAU0waWqEUOagUvFh2MWD13oznnMHJF8uAT...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D&google_push=AZmPxg8Jztumb73kZmpiBa0qi1KnFIrfqpkn9sPCt_qNyrcfi3fJXFtg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D&google_push=AZmPxg8Jztumb73kZmpiBa0qi1KnFIrfqpkn9sPCt_qNyrcfi3fJXFtgb0xYAtiOAU0waWqEUOagUvFh2MWD13oznnMHJF8uATj4Yw
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU3NjI5NzcwNzE1NDY3MTQ3NjgyMA%3D%3D&google_push=AZmPxg8Jztumb73kZmpiBa0qi1KnFIrfqpkn9sPCt_qNyrcfi3fJXFtgb0xYAtiOAU0waWqEUOagUvFh2MWD13oznnMHJF8uATj4Yw
date
Fri, 16 Sep 2022 12:54:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 2682
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHAxbyoVHclmlXOPtNYofWo&google_cver=1&google_push=AZmPxg9s5OI-JbFCYnemaaPNT6b3fCUtDSii3tKjnT54NXlTLQmUadU93zdFoT1PU0fXajyazxlveb8Txmz...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg9s5OI-JbFCYnemaaPNT6b3fCUtDSii3tKjnT54NXlTLQmUadU93zdFoT1PU0fXajyazxlveb8TxmzoNjC9SlGfETRjk7PZzNI
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
b1sync.zemanta.com/usersync/googleadx/ Frame 2682
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJ7Ih9dvcKLE7b7SJ3jOERA&google_cver=1&google_push=AZmPxg8cVQocP-bqkWBk12_tls8uVgf9Jnbidb5sT_qI9neOUKb23muDe6r8Xm4KEPu6CmfBGorawG9n-hONv...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8cVQocP-bqkWBk12_tls8uVgf9Jnbidb5sT_qI9neOUKb23muDe6r8Xm4KEPu6CmfBGorawG9n-hONvRy5wLVWspDGWiax7tY&google_hm=dmJtaGNYeFhLcEVId...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
64.202.112.159 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 12:54:33 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2682 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXfsYXQ8xykCbuz5E4yXR_U3K--mfmU1y-v-ehSPc2c4hbTs_yQ41AiY2PULnbMblrEIExuqI
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame CE94 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswETzJPlgnI_YixI5iXKtr06N_qke9kHXDbj34X9-9GLVNy8J70kOkHW3cc1eyOYctYMQw5FgpREc16cyvDnGLFYNrZGrwvDEbkHcWw3l0qWJjBwGC1fkbtmo1CXSdr6FIj60Wvrs2RQyGychPM8pGeScE4GX6WTWY&sai=AMfl-YROnHgH-L6dNfKoehmwDZdbDUkCalA20IP8g-v6PC5E6ZpP8_aBhFLqJ1wnj_tvPCsfQaUPJ1TwoT1aI8BPrC5e6AsDXRjgPiEdbePO8O_bIzLGVZNm6wFK6Ml_6w&sig=Cg0ArKJSzGpq-WQV20aQEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FCAC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
278505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 07:32:47 GMT
expires
Wed, 13 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame A69E 		1 KB
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_140628065768&jsTagObjCallback=__tagObject_callback_140628065768&num=6&ctx=11655933&cmp=2661571&plc=57965363&sid=1523392&advid=&adsrv=&unit=300x250&isdvvid=&uid=140628065768&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=105&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2661571&aucrtv=55507177&auorder=84037585&auplc=9041739&auadid=1523392&aufilter1=165376&autt=1&c1=VF-DE+Performance&c2=DE_22_AO_E_B_G_J_B_B-215-CREDIT-HARDWARE-Tracking-ENT&c3=RT_PD_BC-215-apl-all-PRE-Tracking&c4=iphone14_sale_220914_300x250&c5=DV360&c6=1617446&c7=DV360+(Media)&c10=DV360_PO_AL_NONE_SBN_CM_apl-all-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&prr=1&m1=13&noc=4&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D562%3D%3F6HD%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D562%3D%3F6HD%5D4%40%3ETar9EEADTbpTauTauc_3b%60a25ff_fecdd377h24hb3446c_c_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=8.50&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_140628065768
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
057b033d85e0517bfac06e79f005b74914e89d67776eb42b5fbcd499d7072a0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Expires
09/15/2022 12:54:32
verify.js
rtb0.doubleverify.com/ Frame 7864 		1 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_142059927971&jsTagObjCallback=__tagObject_callback_142059927971&num=6&ctx=11655933&cmp=2661571&plc=57389660&sid=1523392&advid=&adsrv=&unit=300x250&isdvvid=&uid=142059927971&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=105&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2661571&aucrtv=55096406&auorder=84037616&auplc=9041715&auadid=1523392&aufilter1=165376&autt=1&c1=VF-DE+Performance&c2=DE_22_AO_E_B_G_J_B_B-215-CREDIT-HARDWARE-Tracking-ENT&c3=RT_PD_BC-215-sam-all-PRE-Tracking&c4=samsung_flipfold4_sale_220825_tec336a_300x250&c5=DV360&c6=1617446&c7=DV360+(Media)&c10=DV360_PO_AL_NONE_SBN_CM_sam-all-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&prr=1&m1=13&noc=4&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D562%3D%3F6HD%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D562%3D%3F6HD%5D4%40%3ETar9EEADTbpTauTauc_3b%60a25ff_fecdd377h24hb3446c_c_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.30&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_142059927971
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
00f28f185360e6347304e9cef26e3b2fb3e60ef05b765c6e81d41f31e352d52d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:31 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Expires
09/15/2022 12:54:32
passback_300x250.js
static.adsafeprotected.com/ Frame 130E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_300x250.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding
gzip
etag
W/"44f0ac540dc9c11f94344414c879b658"
age
128472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:42 GMT
server
AmazonS3
date
Thu, 15 Sep 2022 01:13:21 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
jyeptdJKF_9o0w_7wEcxk415dbMdX96uIKUurQGfG6IBVJPoJzSCvQ==
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame E942 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 11:55:25 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0Pq4Rnw4WTY3K3duNmEwTk1ia3FscUxsUXFISjErbmwraUlLQS80SGU2bEl6Ky9iZ21mdmtwVFR4NEdCcWtBYUJtbmVRWG9pbm1iRzMxcHBEaVdpdVhnVi91N0tYbEJtWVErSDNqYnhYNGZZUnJlVG5IY2NGakZVWGFCRWxXUUpXVW9HbWphMDZmM1oyODJEWEhjVXg0YkRkR056eGZUMVRROUdLRkwveVJLbkhaUHhqZUE0U2JESHZlUzVLb1Qrc2o4cXBzaE0zcE0xV3gvTFk5MVJ0b1hnVktZVE9DSXBZWUZHTzBDQ2NUMnlKemNBVXl6alFWUzUvOGZUd1NlNmFmNjV6fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 16 Sep 2022 12:54:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
418626
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
stats
gw.geoedge.be/api/ Frame B263 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/stats
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.235.242.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-242-182.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:32 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 130E 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
etag
"65a8b98b798ce416d94c2847aca40c71"
age
580896
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14233
last-modified
Fri, 18 Feb 2022 23:28:59 GMT
server
AmazonS3
date
Sat, 10 Sep 2022 00:17:42 GMT
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
iIA2KWBgl_jkDBXUkuhv0iTTJ7V5Af92mFO389f1YbE66Nsl-66yIA==
bsevent.gif
rtbc-frc.doubleverify.com/ Frame A69E 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-frc.doubleverify.com/bsevent.gif?flvr=0&impid=ccd7085f03ef4e8681713a640f21144a&vfdur=161&cbust=1663332873069485
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
09/15/2022 12:54:33
dcmads.js
www.googletagservices.com/dcm/ Frame A69E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 16 Sep 2022 13:29:33 GMT
bsevent.gif
rtbc-frc.doubleverify.com/ Frame 7864 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-frc.doubleverify.com/bsevent.gif?flvr=0&impid=893ff3acb4c54c6fac91568d161a505c&vfdur=142&cbust=1663332873071565
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
09/15/2022 12:54:33
dcmads.js
www.googletagservices.com/dcm/ Frame 7864 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 16 Sep 2022 13:29:33 GMT
rs
ad4m.at/ Frame 75BD 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9164c16a35eb6f4030b14b53c902b8b2658d9fa91807656f8e1721f2164bd715

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
74b9c059093b927d-FRA
date
Fri, 16 Sep 2022 12:54:33 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lv1h%2Fp4hzRuBib32YHoeCdXJwphfHBLY0HeD6XvLyKOh68kd4nxNt95oEICbRXYxFGZL7EoNPJ1FNonbOOgRyHh%2FIVtPACDt2l%2BuKDi7%2FHxCJ8WP%2FMxqjgtG4gWbwZvgBo%2FUTAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74b9c058d8ec927d-FRA
content-length
24
content-type
text/plain
date
Fri, 16 Sep 2022 12:54:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nC5zzSb%2B7txL%2BL1HQL5YftEO%2FTyvL6%2FbqNt%2FULMUTCUZa0ta5N6VPxrGnPqmsG6LSTfAEdAKcj%2B0NlKMTNKu6vGDo%2BSa0hh%2FiFaExh4xvDbdllEbRkN7UEUCS7pwm9q78kuqkSc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame FCAC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 11:55:25 GMT
dt
dt.adsafeprotected.com/ Frame CE94 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=217244fb-b626-de2a-2541-553e33ae1926&tv=%7Bc:onIBcP,pingTime:-10,time:825,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663332873151%7C%7C4b3de4be1f8d3124b37146bb76bdfd98%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cfc5006e455e75c6d392dd63d5a2e161e%7C%7C2c6fdedbae3eb75617088e12f1ed5864%7C%7C6b6ab9aeb934a9bc300a2eb8477e6146%7C%7C62eb13df62baa0be55ee0746d09fce82%7C%7Cfbbe29ea7a05175672fb36d4afb3ac62%7C%7C1629390669,env:%7Bccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:0,cnst:0%7D%7D%7D
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
impl_v90.js
www.googletagservices.com/dcm/ Frame A69E 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Sep 2023 16:29:42 GMT
impl_v90.js
www.googletagservices.com/dcm/ Frame 7864 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Sep 2023 16:29:42 GMT
rs
ad4m.at/ Frame 3EBF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfea518f4e09df5b8de2520c3c5930863c0b3607db885f88d8f1aaceef2b9e18

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
74b9c0599a10927d-FRA
date
Fri, 16 Sep 2022 12:54:33 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1At4a4lxXTMe%2FGE66zrJoyI8NpgmqSMnLuCN76Wf23NY0tSEDRtgC1Q5yyZAuxBmIjXhL0c52XgsB33RoMSrDE8L2utbNnsH0V3wS9Eb8nunE9Gd9EQzm0BpRjVpPSsv1Kz5wo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74b9c05979d8927d-FRA
content-length
24
content-type
text/plain
date
Fri, 16 Sep 2022 12:54:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCt8qybV%2B%2F%2BGW3i44dPx7pI97GsEF67owLPosODmWG11jz%2BZwCs7XxmqlQ1GSYnc%2BUDQsaaqeiqUowOA33%2B1wXOeesm2OhlX%2B80sRqXHfrmkDgOS%2FQFAdbnjQvxXEg2gRrm3IQk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-h8v1
rar
as.ad4m.at/ad/ Frame F80B 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54f0a586c9aa22081bb9e0f3b46d79724b5f89ab0e96358ddd59ef80adfc471
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hcpq9ym0nt9naeqvk6bekrc8h3a9439yd67gk3yrat678jh5hwehvmms3fja2ak5z1p5z9093zahceekyy0bqaz5m8ckpe2hg9qrh3sgd0y5gtrnwpphd6xvf5wga72ept8n48e73dgygmmryrc9z6y94rtrdp3zx983d88ymd5gg96t5r7a8mjrgfqthfxm9ywvjw8dd4gv7thtm0r82p0wqshca5bgm79zbh4dgx579er1ztyqys2zvs8f0ah98sqqsvcm4e2yv89ynky3k2b2wr96tshrsxhk8kwbfnjq3t0yjqqm12x8rnpad11h3qx6m7ktpb0pv8gasp5nphexf1j3aqjcgq1qymqzka1bm28k49d4tvxpmcnm23q0nt6697edbkq8cf32g5csz69dkdmwsp5&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%26client%3Dca-pub-6163857992956964%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74b9c0598fdb924a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:33 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
/
track.adform.net/adfserve/ Frame 7864 		0
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=57389660;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17045810788&extPm=17045810788&extCr=440036200&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CQa0xBnIkY4vDMfis9u8PqPi5oAaeq9DGa_zktp-tEI2Y0Jq5JBABIIiAvxRglYKAgLAHoAGR_tGiA8gBCakCN0lTkaS1sD6oAwGqBPwBT9BlD0Kf1fViTht7v_0po9DG52j-tHIJasiD4TPV6yA6K-ZoifpusPn7yENmu4NT0RAevLqYH6YoDx58yQSmwJeJ_NYfeng4z8UDcbyT64azCQcjrIdrjqJ58N7lCazHIq8XCYQX4MU0qXTyYHHIWq4H0Vr2U1JjHzsUKBZ6RsTPBvGN-Ic5_Mp8laGewFs1uKhueNJu-roMMoxQ2flp7_6Crx2_bsvMBn0qi67AMtVR9EONzuUzVdcf0DX1UbLiU3-NKozXAEYg7APr5m2R6xGBv0xJE-9q6ON-Pb4dnQ3UHUEO5HasVEAoPKq-dNWZ3iEbexHFfCruX3hlwATGv6vw9QPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi00NDU3Njk3ODU2NDQ5NzkxgAoDmAsByAsBgAwBsBOGuLEQ0BMA2BMK2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAASJORoBYYegFXP_epzL4tF6Ztx2WtCetzGEu25DWATUXBB6cb_aw&sig=AOD64_3__MsBMvU67r8iRObyuztO3rPCNw&client=ca-pub-6163857992956964&dbm_c=AKAmf-CCA9zmp-pVPjo04liD36Ki9P8UQUdChSPurX6LvDX_NUFvGpxyXVziTC6pHArZbhY2n6GOSW6DIaBTw2suoS8IsoUirr8-lBqZY7uY3ehiC1qdZmVCfzeV3Dq_950ZNt3HS0wRwEglt7u9fYf6jHuV77FEsHQmJPb7udXC6IEFxh2BELU&cry=1&dbm_d=AKAmf-Ad8h3KDC5dMAz5nGaz2Kt7ipkC3zDOkuTqAIg6T_sq7KSONCnDlg_awMosA-I0kw8t2EDl_KQGtVzt_xtZNWEAYWSrLa71B4Ldf6HTTJOeYRefuBzKPGqLlbqk--UkGB4msd4SfGsxd5IhuJCVNy6as5nbEWX-BfCDuA5P0VYKWUsfd631Vd-6FcZpv06MI9l6f8NgdEP9MDnEZn2SpoTp_N0NTPYG7C_l464WnH0sO2jCsxSVvaaeC7jn30Ea8KbtT-QwS0shnWVSICrnAF8hYy5s-OCfU7rpBG12XxmUA2qrP98H8TWQeqPXLfXWgWuRulZdeSAt0wOFgj1B8UTh5MU3iFcCx1hto73NP2MnKbjN-P220Vu2E7LudXveVXh4BUYuNq_XMY6l0eKF9C7hdYnFaLjLhuuOEqAJ7wfP1oh04uTxqZDHtTSWsXM7xRwcxGykwlc6FzOSj6Nld4U-Y3407yulLJOlouvZdld9_NkZLBregCe5KXAwfvusXYtWZNfjMVx4kfY2wpofDz3ZHAueNg&adurl=;js=1;adfxid=2x;132;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fwww.dealnews.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
/
track.adform.net/adfserve/ Frame A69E 		0
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=57965363;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17054712635&extPm=17054712635&extCr=443603275&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CR99rBnIkY4nDMfis9u8PqPi5oAbd8azHa_jSneqUEP_1kOPXAhABIIiAvxRglYKAgLAHoAGR_tGiA8gBCakCN0lTkaS1sD6oAwGqBPwBT9BKxIrrmf9APDnTOhlE8TRcM_rVNsUCUUKqIgLMsqC-qv3Y4Xvx5v75LfIcqjsOvj9ZRIC7FO6CVHgR2TOx7xcEuq1shmvAWvK5M7cLE0SykCr3X8qRq2R3cET62KZkLMwRtaCxsvSywYi-eB4oP-bTycb8-p26nshZhpFQwTlhuJCV8Odk9t8P09rKYeEHkUUuctHH1A_DF-6NWn6pcJ0knNCwcllNMCHMcs1ke488VTs2BhiuC2UAnYY_9HjWuQHKweo37EjLj5abflUHQ43ERqTtT89ljO_qWZZJIi8GlPqimfHtoDtmT4AWmMG8MzggvgRhwZKV-Jl_wATzjZzchQTgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi00NDU3Njk3ODU2NDQ5NzkxgAoDmAsByAsBgAwBsBPCl7EQ0BMA2BMK2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAASJORo2QZYiveFRWeoTjxfBn0OrJjnYNUhmq96y_iVrDs_yboI4Q&sig=AOD64_2A5S9SR9u1sY4w2LtGEeoY_MExxA&client=ca-pub-6163857992956964&dbm_c=AKAmf-Ak68RpmLWiQOVauCoUiamQm064vhbReEYWbz9wdFPxgmCiJ6Xe6LUnNh8zxuRAnP_3NedNDseku0HeiC7WKx6_IP4u4mxA7hXKx3DdFHa5XGE_7wGjt7ajMSdSlNAPg35ZUSxcehjLpc4JluaYTNHfA1dtoQ&cry=1&dbm_d=AKAmf-C7Jfj4ib1PbG-otHq5E9dKIjzFzD6bbDS8ryPf63IG4G2rVZwlAEtZwqJFIVkUFXQp0Vr1GPzapHVjR2z6Y0ZDv9Necd8lh_4WiIdAg2iRnIG1Q0ZPKYjAy5ptLC-o_lzJwsVarLw3areEGr0vFBmFk4zBlznuxwkKELwTPxMCWmOiE7KevyWHWzoj2GMx26QRh_Tg-WOgnANi2-UcTC4RJZCj-fPsTcAUtxGvVkEJmvlGmqS7tKFrctOUDdaAWFyDkSLehCRHTstYzHYw9eRZ66ADZnS-B8IF4IKDNKjkkNsmyieK8D6AUbYIHr4OGEFL7Cm9tvn8_cAg32NkzfqsOqlUkAvdZhoB4oK781HNlSqxs7vK6F1DqPabyV_Ial4VpFokQhuTgfHf-L3QuAV8pdwl4RC6GmAfx396yX2SbepDSQJ2mYdhGkHpUg1bMrvAgi8vlFt3H2jM8_8Ul9ANfNWOyRdtooa8SrvKL6tbpnjf7vfcB_IbA2BjwVrSDJY2jCGqC9Na7_9TNRHjzmrrtzOIwA&adurl=;js=1;adfxid=1x;10654;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fwww.dealnews.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
dt
dt.adsafeprotected.com/ Frame BD80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=934251&asId=770ad8ac-3fe7-c5bb-9da3-47e5b34b6039&tv=%7Bc:onIBfl,time:1230,type:e,im:%7Bimprf:%7Bttecl:1167,ecd:194,tsecr:196%7D%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:0,cnst:0%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1230,n:542,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:395,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B167~1,0~0%5D,as:%5B167~300.250%5D%7D%7D,%7Bsl:o,t:542,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B688~0%5D,as:%5B688~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:603,fm:thBldHD+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a.934251-60616147%7C1a1%7C1a2%7C1a3%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d11%7C1d2%7C1e1%7C1e2%7C1f*.934251-60616147%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1h%7C1i,idMap:1f*,rmeas:1,rend:1,renddet:IMG.qs,siq:397,sis:788%7D&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame CA2C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=934251&asId=558d58eb-65e0-384d-7dd3-bc2d5f0f2c22&tv=%7Bc:onIBfm,time:1170,type:e,im:%7Bimprf:%7Bttecl:1195,ecd:164,tsecr:193%7D%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D,gcd2:%7Bappl:0,cnst:0%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1170,n:508,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:376,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B141~1,0~0%5D,as:%5B141~300.250%5D%7D%7D,%7Bsl:o,t:508,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B662~0%5D,as:%5B662~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:565,fm:thBldHD+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.934251-60616147%7C1a1%7C1a2%7C1a3%7C1b.990511-61634100%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d11%7C1d2%7C1e1%7C1e2%7C1f.934251-60616147%7C1f1%7C1f2%7C1f3%7C1f4%7C1g1%7C1g2%7C1h%7C1i,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:377,sis:734%7D&br=c
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
rar
as.ad4m.at/ad/ Frame 8CC3 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35041f3d483501f3507658e3d6f21e34e75ea12a095954a80d13d8794b952ccc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hzdykbkd3v30yhmrct6b8jbj001jqhzd60xyc3fzz0eqe440663a2r94b1rj6mqy3ka1qcts63jnm08814sspev72wsybkqd8k37em2262v33b7pbpd4w1stghns7n21785wb1cfgfb376ry05j1s917tz5krgbc144qwmv6s1tkfqaj50s5rxskbsprzmwjzmpzy25w282qt1gg7a6zkwd9dcvm6taxxjxx99cpdvrrdqyk24f8qy4ja55crx04af5h3x0p3h1cxackwsdw0pm3y1thdgmabrfqh3vf17dcg0rv0s3f9pe5mx4hyvd32sc494qf0s9sqq4zsrqcppnxcmz67ryhctp387grs2k59h25b8a66snyn0e8hybr9fbcnx4bjezgkwzr0xz8asmnmehnwyh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%26client%3Dca-pub-6163857992956964%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74b9c05a49a6924a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:33 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ Frame BD80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=934251&asId=770ad8ac-3fe7-c5bb-9da3-47e5b34b6039&tv=%7Bc:onIBfG,pingTime:-10,time:1251,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663332873151%7C%7C4b3de4be1f8d3124b37146bb76bdfd98%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cfc5006e455e75c6d392dd63d5a2e161e%7C%7C2c6fdedbae3eb75617088e12f1ed5864%7C%7C6b6ab9aeb934a9bc300a2eb8477e6146%7C%7C62eb13df62baa0be55ee0746d09fce82%7C%7Cfbbe29ea7a05175672fb36d4afb3ac62%7C%7C1629390669,sca:%7Bspg:217244fb-b626-de2a-2541-553e33ae1926%7D%7D
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame F80B 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
340636
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74b9c05a59d5924a-FRA
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame F80B 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
674080
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfmRTIACDQ07x9vGMCzDVjXo1jYARG3G4D%2B4UeC4JvCt%2BxNFCEG8MJAA%2F6gCryuY6xGSngD%2BB8lC6vaJqnSU78G0PQWdgaCzYE9eg2j4QcvlJPt1%2Bo8BXWn9ERrYFCdyW7ICwbvl%2FUUtSK6x"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05a6bce6922-FRA
cf-bgj
imgq:85,h2pri
96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame F80B 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2050293
cf-polished
qual=85, origFmt=jpeg, origSize=72345
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44118
last-modified
Tue, 14 Jun 2022 09:41:24 GMT
server
cloudflare
etag
"ed6f7b3b1b04cd5f78cf354be09c981b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOijMkob8UBl2bL6DeXLW1x54Vt8DRei9aG6SlKcBiPNEp7XjyllbBuJggtLut6zAufTu3tYroBJMnKYO4EYe7jLPNEpPns3wh8Lsi1jepIbGfm1t1AKVyDN7WE49Hraj4ICUHb0iYRtuw8e"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05b2b50924a-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame F80B
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJ7_xeitmfoCFRWG_Qcd9UUMHQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663332873_b6578201-35be-11ed-9f3f-2232bdca291f
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663332873_b6578201-35be-11ed-9f3f-2232bdca291f
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:33 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Fri, 16 Sep 2022 12:54:33 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663332873_b6578201-35be-11ed-9f3f-2232bdca291f
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame F80B 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280304
cf-polished
origFmt=png, origSize=77267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTyr73jWRUWXZvH0sdqGo2A%2FiCBryvhUm0cizq0hSlH6uZoKPHj0Qd1qsLSi49yfTagTlXjulnBfB54lPe%2BEKZxF2JDYkVen6fr7nwX4GH63nnaZ875XCRtYHD0LC76W04E94Uic1BmEUDQf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05b2b54924a-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame F80B 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1480561
cf-polished
origSize=90165, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkaKhASq24O8e%2BBMhLS5hEmMvzbZH0T8x4How3jxc6zL5LWP1GIiCvWpgTU8jWkgjCD3jAqD%2Fx6QK4KOlq5FBmvAFpoo6s%2B0FBTK6hLRGbj2vUB9bPFHD7szfy9gC5Bta0smlOsN0ZPqQbvc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05b2b57924a-FRA
cf-bgj
imgq:85,h2pri
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame F80B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2040831
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTT2%2F%2BfRXDetwII9VsjOLDhBHUB0ssztVgT1DSNGHxNiOlVKaNU0WLQyfGuH58dCukKcQT%2Be2qd8TypfmnHwCAAXouFduLA6IFwXPvg%2Bg70%2F4m%2FNKOb7ksGeOuXzilZwMSb%2BEGErnI174bzl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05b2b5b924a-FRA
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame F80B 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
843270
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vluG8%2BuNgzN%2BEduKZeSQE1WBD0mnc1zvvR6RUmCfvZ%2BNreQrR1rerxMkXif94ztDiUuKj7wpQcXo%2F7e6uEtORr4m%2FMzvzTfCEs9SLpTFcLvDisInUVtFQBAi149lWQHbE8T6gAcgrUo5gR6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05b2b5c924a-FRA
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame F80B
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=b63ec9e0-35be-11ed-a5a1-2235383f8385&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1663332873_b63ec9e0-35be-11ed-a5a1-2235383f8385&insert=AW&&gdpr=0&gdpr_consent=
0
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1663332873_b63ec9e0-35be-11ed-a5a1-2235383f8385&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
730726141
server-timing
intid;desc=a9e18e58698c9f4a
cf-ray
74b9c05d7b5c9193-FRA
expires
-1

Redirect headers

Date
Fri, 16 Sep 2022 12:54:33 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1663332873_b63ec9e0-35be-11ed-a5a1-2235383f8385&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E55C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Sat, 17 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7864 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d64db70c2c6aab6daba00285262e0177353aa5fdebedbd9a2f75d05e2aa594f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 754A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:30:45 GMT
etag
48472445140208031
expires
Sat, 17 Sep 2022 12:30:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A69E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f96f2efbf92ce5c8dde78d67a39c4ac2a10456dc584dd1e8c23f27c6f93d212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
/
ads.us.e-planning.net/uspd/1/ Frame FFCF
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
13 B
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
Requested by
Host: dsh7ky7308k4b.cloudfront.net
URL: https://dsh7ky7308k4b.cloudfront.net/publishers/dealnewscom_new.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
13
content-type
text/html
date
Fri, 16 Sep 2022 12:54:33 GMT
server
openresty
x-sid
AMS-929

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 16 Sep 2022 12:54:33 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
link.html
track.webgains.com/ Frame F80B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hw964hfn43d1ktps9fv2zf20hc6b6dc943xgg636pjbm83pc9npnp512aa67xs88emkzdhda8yq68bg3zgahb7zwmem5gmnn0yey6vw7neb77wr9x0vn36j6zp2wvb9acx74739aj1t6wsby5byezjrdazcay4y2cehrpwa9bkpz84tcetp78ab1pt6t6c9sgswrz5zjmq6fp28ysxtrtq1a9qmkpbpnpqv6pd56wwhykwcrqvzamp7qepsjd61qm%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%252526client%25253Dca-pub-6163857992956964%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
2169e6b027c4f7a75e37caf19f4ea4905b327ecdea7fadda1eb42f93253e5945

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
last-modified
Fri, 16 Sep 2022 12:54:33 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 16 Sep 2022 12:55:33 GMT
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 8CC3 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
340636
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74b9c05bfcc0924a-FRA
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 8CC3 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2046025
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y56kiX4V66PFf7JGZo1WYMW%2FU9aWUWdOyDez4Rbgo8B%2Bw7LIViUAMCozfWxPnCgiujq7rB5ad11Y8gb3oabC7kP7fdOITt%2BquPWcUlKR88kmPEk1w5gSt0wsZXFzcCN29xNcWeZfkmmrgWkh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05bfcc2924a-FRA
cf-bgj
imgq:85,h2pri
AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 8CC3 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2047282
cf-polished
origFmt=png, origSize=155400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95550
last-modified
Thu, 24 Mar 2022 15:45:36 GMT
server
cloudflare
etag
"6fddd7204b0a0a403f584248bda12d72"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyLcCjYTBBTF%2BIed%2FG9NNJlza7dyClzEMtCMUinZx0wllw0wOE5TcQH%2BR57NAxerer5DNN%2Fb7rkVeoMKNjjJGSCo9QKoKiavzXVjd4WHlG07%2BGILR3WfSyQwEhhRHvZ4BPhXSfSn%2Fgvjye0g"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05c4da4924a-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 8CC3
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNzMz-itmfoCFUYm4AodJaYOKw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663332873_b66341d1-35be-11ed-8280-22382f38ffb2
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663332873_b66341d1-35be-11ed-8280-22382f38ffb2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:33 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
0

Redirect headers

Date
Fri, 16 Sep 2022 12:54:33 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1663332873_b66341d1-35be-11ed-8280-22382f38ffb2
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 8CC3 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280304
cf-polished
origFmt=png, origSize=77267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60xfgfTDcIfGW6J8JDBZSn0ampnkm69hTFwJTJcKz%2F792KyQls2%2BvygPVKhs6fIIO87%2FBqCXC8nC0iNsQuXfk5S8KueC%2B73kK%2BiOm02Z4pYq1wCP39CwNfaoIStT%2FPk1NeDPN1g74qYmif06"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05c4da7924a-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 8CC3 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1480561
cf-polished
origSize=90165, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVQ99NaXQigC7PbrRzwjZuSxWuQ7qcWUn5tmmGXRjn9I%2B%2BBo9WiuRkS3pCWWeO70SAaGJ%2BeVCNYAAnDdsUJcyBDxK6yf%2BrQ7l%2FiidwJw1s2aHNNnnTWSsWwReI8bOzYKBouVwqqs1vOSpBHr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05c4da8924a-FRA
cf-bgj
imgq:85,h2pri
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 8CC3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2040831
cf-polished
origFmt=png, origSize=39979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BG35ouAXWAZjorEsXzCzL9egcnj9mPdQSplLIfn0F0C0TOEm08Drcw4ljbftupWXE%2Fs%2BZIaflzyET8hic32HyE2J0uS2BtNhMXifE%2B9m03DNMJJ6NyZv6dpd8fJuMnGAZB2FFw0tD7Hvf47"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05c4dab924a-FRA
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 8CC3 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
843270
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QoasljhwBIeJk4a6rVtcZBbGEr1Qe2VHgIHr2iktCf7SxXkZK%2FrbQ7CvuE6pEYchOw22dhvnl9oWE2PP6FPt3Exrz9BkXnmPm%2FhATrjeBMcCj24EXBBu2Cf%2F022ZMi7yLQbrZdre%2FHdZwmE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sat, 17 Sep 2022 12:54:33 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74b9c05c4dad924a-FRA
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame 8CC3
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=b64c8580-35be-11ed-9f3f-2232bdca291f&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1663332873_b64c8580-35be-11ed-9f3f-2232bdca291f&insert=AW&&gdpr=0&gdpr_consent=
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1663332873_b64c8580-35be-11ed-9f3f-2232bdca291f&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
735018287
server-timing
intid;desc=effbbd94d97d62b6
cf-ray
74b9c05d8b5d9193-FRA
expires
-1

Redirect headers

Date
Fri, 16 Sep 2022 12:54:33 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1663332873_b64c8580-35be-11ed-9f3f-2232bdca291f&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E55C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMLmunJm1Va0bDREmCRprhM&google_cver=1&google_push=AZmPxg8hNnPor6UU_H-kQEIV35r8yw1sv7ErCE9ihC620ZRY_BjDB8cm9lsgiKJWRw8HfGZjW1OSljCFfH8y9ojm...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8hNnPor6UU_H-kQEIV35r8yw1sv7ErCE9ihC620ZRY_BjDB8cm9lsgiKJWRw8HfGZjW1OSljCFfH8y9ojm_aMjSRF7X0NdzQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8hNnPor6UU_H-kQEIV35r8yw1sv7ErCE9ihC620ZRY_BjDB8cm9lsgiKJWRw8HfGZjW1OSljCFfH8y9ojm_aMjSRF7X0NdzQ
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Sep 2022 12:54:33 GMT
Server
MT3 4505 5b23575 master nrt-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg8hNnPor6UU_H-kQEIV35r8yw1sv7ErCE9ihC620ZRY_BjDB8cm9lsgiKJWRw8HfGZjW1OSljCFfH8y9ojm_aMjSRF7X0NdzQ
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Sep 2022 12:54:32 GMT
pixel
cm.g.doubleclick.net/ Frame E55C
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEHm74TUFF1wDZvh-q9ZtSYQ&google_cver=1&google_push=AZmPxg-SZu4IkKzwwKLPhDcUvoiWzbpeeW-qgYKahLgdtGB-u2gJArw_LqPZXH8vs57UsyFzSkAvjiG9-72lu7bkCdivyWsihE-Z1A
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEEwMTc3MkVDQkZCM0JGOQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEEwMTc3MkVDQkZCM0JGOQ==
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEEwMTc3MkVDQkZCM0JGOQ==
date
Fri, 16 Sep 2022 12:54:33 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame E55C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEthsxNMkjWIBnOk7GSBcp4&google_cver=1&google_push=AZmPxg_I2o6gBcmY5h_wij48tmAwzV-SnOt643h-0iqPTcKZeHBftA67lYnq97NtqPOtPTW3qYV...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg_I2o6gBcmY5h_wij48tmAwzV-SnOt643h-0iqPTcKZeHBftA67lYnq97NtqPOtPTW3qYVDzL1NhR3UT7NBX1iko1dQ0N3mIA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg_I2o6gBcmY5h_wij48tmAwzV-SnOt643h-0iqPTcKZeHBftA67lYnq97NtqPOtPTW3qYVDzL1NhR3UT7NBX1iko1dQ0N3mIA
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0SEcwTDQtMUUtMklUNA==&google_push=AZmPxg_I2o6gBcmY5h_wij48tmAwzV-SnOt643h-0iqPTcKZeHBftA67lYnq97NtqPOtPTW3qYVDzL1NhR3UT7NBX1iko1dQ0N3mIA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame E55C
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELdesNJtu1SshlmxfQJOkxM&google_cver=1&google_push=AZmPxg8WTl8KoCgKBbfLLKnJOghmBHKeo5-XqyHrPne1z2Z2hA-Occ2ds5BtDVoETwcGo5mC2IL1MLhiUE0oLlzQimRjVN9UhIsd0Q
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8WTl8KoCgKBbfLLKnJOghmBHKeo5-XqyHrPne1z2Z2hA-Occ2ds5BtDVoETwcGo5mC2IL1MLhiUE0oLlzQimRjVN9UhIsd0Q&google_hm=Z2ZiNWZlMmQwODIwZj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8WTl8KoCgKBbfLLKnJOghmBHKeo5-XqyHrPne1z2Z2hA-Occ2ds5BtDVoETwcGo5mC2IL1MLhiUE0oLlzQimRjVN9UhIsd0Q&google_hm=Z2ZiNWZlMmQwODIwZjYwNTQ2YmE=
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8WTl8KoCgKBbfLLKnJOghmBHKeo5-XqyHrPne1z2Z2hA-Occ2ds5BtDVoETwcGo5mC2IL1MLhiUE0oLlzQimRjVN9UhIsd0Q&google_hm=Z2ZiNWZlMmQwODIwZjYwNTQ2YmE=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame E55C 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGQNtQCRGxOKUfFnPUks5gQ&google_cver=1&google_push=AZmPxg8OSdhlyWtz6ehSjWMnGtw5u06tiRuoh-xGz4kR_N7nzDcg5uJquNFuuK_HzVn1uXb94z9pVmqbTLx4Tmi78wXlc3sgW98PuA
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame E55C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG0KdMwL53W60_qcEUyOiwQ&google_cver=1&google_push=AZmPxg8afANOR8tHK5R7600OWiAWvJ8MAbkfpNKqT72d7wq-E6L7R0_MQjNZG4Qoo9eXMCX4Gp...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GN2pNQ1hGRTJ1SHo1Tk41RHZfTzRVTE9YMC5SSFN4bX5B&google_push=AZmPxg8afANOR8tHK5R7600OWiAWvJ8MAbkfpNKqT72d7wq-E6L7R0_MQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GN2pNQ1hGRTJ1SHo1Tk41RHZfTzRVTE9YMC5SSFN4bX5B&google_push=AZmPxg8afANOR8tHK5R7600OWiAWvJ8MAbkfpNKqT72d7wq-E6L7R0_MQjNZG4Qoo9eXMCX4GpIgjXZaTIPYGOa5Gd6lT2hF0_Spqg
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GN2pNQ1hGRTJ1SHo1Tk41RHZfTzRVTE9YMC5SSFN4bX5B&google_push=AZmPxg8afANOR8tHK5R7600OWiAWvJ8MAbkfpNKqT72d7wq-E6L7R0_MQjNZG4Qoo9eXMCX4GpIgjXZaTIPYGOa5Gd6lT2hF0_Spqg
date
Fri, 16 Sep 2022 12:54:33 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame E55C
Redirect Chain
  • https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEC8KWLqFALmxGmzGeM0vmPo&google_cver=1&google_push=AZmPxg9xx-LnEVbareWIRyapesbZuXtDRwsEK7IjT4zCvxa_6K9kIummx9W_cOIFKUDFkgFf6EG8YuFbxO8iHP4VS...
  • https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEC8KWLqFALmxGmzGeM0vmPo&google_cver=1&google_push=AZmPxg9xx-LnEVbareWIRyapesbZuXtDRwsEK7IjT4zCvxa_6K9kIummx9W_cOIFKUDFkgFf6EG8YuFbxO8iHP4VS...
  • https://cm.g.doubleclick.net/pixel?google_nid=sol_networks_limited&google_hm=NzE2Yzk2YjRiYmY2NTU5Mw&google_push=AZmPxg9xx-LnEVbareWIRyapesbZuXtDRwsEK7IjT4zCvxa_6K9kIummx9W_cOIFKUDFkgFf6EG8YuFbxO8iH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sol_networks_limited&google_hm=NzE2Yzk2YjRiYmY2NTU5Mw&google_push=AZmPxg9xx-LnEVbareWIRyapesbZuXtDRwsEK7IjT4zCvxa_6K9kIummx9W_cOIFKUDFkgFf6EG8YuFbxO8iHP4VSIHHF1CbOyVLrow
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:33 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
location
https://cm.g.doubleclick.net/pixel?google_nid=sol_networks_limited&google_hm=NzE2Yzk2YjRiYmY2NTU5Mw&google_push=AZmPxg9xx-LnEVbareWIRyapesbZuXtDRwsEK7IjT4zCvxa_6K9kIummx9W_cOIFKUDFkgFf6EG8YuFbxO8iHP4VSIHHF1CbOyVLrow
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
0
x-xss-protection
1; mode=block
attr
cm.g.doubleclick.net/pixel/ Frame E55C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-IpHqaHhKtUI9h3bJpW5ljtN4fnOzRqyDWbMjeYSrq-TC8uoT7uMEi-SgIN2C_qHRbwcCFZw
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
stats
gw.geoedge.be/api/ Frame CE94 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/stats
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.235.242.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-242-182.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:33 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame CE94 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmJzB6NG1S2vbJfSTzSvpoK1xFDqJvY5En5Vuw2jV7Kw-NcEzu9JpSbc0iDMDwhyYN-zFMIrmuohqNHh_NzGWICElaGHeTDQzY791fUaAgvoCD5qIIPxX3xqP8G_SbJUsTAr9auJglfMnzqo3VG2yzJHHFtML5BDa7jBHwLycdcgz-2mlbsdDKY70ZKAwCC6YmjcnOhmVKb51Rg6zeeKGnQs4Tihb5RS9YEpqW6G-CHAMOiztifG9TxhVl9iCg9sMR2wkGQNKY_S4p-U6Kq7lR7kvXWKJBdjQuPpxHb2E-cPeVqGYU34l0D9XlJQAlH18X5NU1ZkvH3oOAS4cxou3RbpKBdu0g_GLKwJrNOFtScHnVUaonIvumPuXrfKaz25xeR16vbxUpkMMIG5SNOgzT6KeL33BRDZosNo7dlmmOmTw8Jg6vM6ZST6Ex1VpUsVz5rboBYAN9dpOxg1k6I6kGRdZWYSUoRVuzyKkr527WIiO7c6THabK0n3AKsabxDeLgBG7q7x_8TvHPhLvdBP1pLG_qjsLF2l4hJtq66EEipEH_-onXbZ0RnH4OhFSYNo39d0qqgztwqyV-Kn7yzaGpqGxHIBryQVsx09q2vCuWqbqNhgbuhZ92vldjVEYljoa3AThSjjr7TKt8WgxQAz6MDRWfTI1amIjBrPGE5qBn4IgoHH5y1eXpvd3pvm9YV9-rt2hu9q3JVn-5UJadnkV2gkLR6kk4LnzNqnFPwT9ox0K_14mAXd7WaQsghyN9alyfyKPGp8XzZzthSS64Q-6y3lJUfADGjy2MCekiBLN-vVCx740pg4v_1AvGqTa-oWcqK31luVElQjYTIcXT328VvZizXv9tz22zMyzkJabPKsWKOL3hTZYWIfygzoEwW5xQkRW5Uw_zgNE46-Q0tX8kowpRx562PQqs_uh9tz0aCYbmc6Y2dAvc1n7VGMlwKk-FsTolA6mVSulVq4RVV4sqSDci5vx4NhTdQAmZLrAPqc0dVjaE2fwPvK9-eqD-oWCL5xc1puE3ZnskjWXp1CCKMiO-d7PY3TgjOsFYtEb2rg0TgsQI9zf2s5mLodzusqgpoPXFd3y6I2yhvE4TTLrwEmnKxBvEERSEbQdB3B0vrgUcHBtuU6PploIDr2vXDNAfHxxYLF85vXwRl5JsU5PskTtAK6tVdJQsA4-TrLZmEGjeCErmtxJWHawH16lSjMQ9hbMpXiqQFoYjjIfvxJ-yW2AyeLMiu12Pi55G2LeIFKw0Lm-Y5saNp8GBfP4oknOqj-01YoEZy0Zdm-WViRQHVsDlAXCiHq5XUkrSwBiCJfhAvDn6ApviWnbg&sai=AMfl-YSKCNXykmA9Wx9BTNo06w3wBOaX85e4LLkZgYDvJEQRRC861OBz47r3Ow1wxX1iFYgug8jNntptrOQSjKFViGNjYtzMhZ0zjvSd98Nz_h5N8gpektuczOcdPDItqzfStI3qtxjRY4klhrIPvN7RLCGkOsAaPCaEIiMixcNSihvKTF6jWw0wUPkwhk-kA_Jnhh77KY5OS_Z7Tm7vJdV-hrnO&sig=Cg0ArKJSzH0sGNpH-mNiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1656&vt=11&dtpt=1138&dett=4&cstd=514&cisv=r20220914.90311&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 12:54:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5F3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BALXbB3IkY_LrLNa9x_AP0J6QwAEAAAAAOAHgBAI&bg=!np2lndnNAAZqQh0mSkI7ACkAdvg8Wl2VPp6lQDK6-YQl3MmalCuZvuhWcuDVsvxUlRmeGp-MnRS-qgIAAAJcUgAAAAJoAQcKABaHd9chn6ZVEnxqXjl2A8yEXedq9JgRmQLsWMCtkuLZ8jIoF7RodsvYCGO8VS2CH2r426iSXGkK6q9oTVKyPqVwSzAQJzSRwCPu_EOcz6cUKqkhlYX-6B0bcTRWloQl46xM7kRn3WOynHvMeHinP-mhg4LoKsqP-qisUW0PLImRVDuYNFw8wK-0O9SFFiA5WPPYhfUWuVk2BuUanFgRy28jWlCMpw6JVpWVRm70gSEK_PbbZHcvAAiIsXGp2ObV4LL2jkYrioyWm8nKiQRYGDTqbXJOfnYC8OrjwpDTJNtxsfYYM4iNQF_VVQD-B82Rh_QbiT4rTE0k1fnNZfD_5SMjQPhfCh7IJtpQkgN1Y4aOOnbxlZlsWIs1YL_Ml-M1v1X0IfuGw1Dv1u3K2dAVDukDCMs4DHQDYGMPBDepPcVdt4oITDCPMtL5TVYkEYf-ycQxlaQNQVMpP7oXD9pynG55268rqgh6vq4SL4Xpgd83J4HfpVmGz4902gg12MtbQPwcuR4clDK3LKAQclBRZUAujjH7t39Z5KEb8oFIXRDxf2PrWG_Q5G0CCkmP1sQKqRE_Yw36WuDPyxN4Mb7V6Ilwpf-tPTGLIOPuA28brnpa4Z1Kgtmv8CQvaVycFPdt6Qa1ATMVXMuGaLHhtCW5lzTPwVid4ZRlXAVGU5LUPIVVLhkpOu_4CAmxFeQYVhKTPxwrKu9vBJUh4l1L--LtFrnRCTR_leoyU5vi8gbV3s7IuGLGFoxGoGDyp_nzW5U0_qgtzlnEXyDYNTWuvjRuGfJe9PJyKN8o3AZW8x7zZgYceEUsaqyKHkV44Ho8MAY_mAGOxKqREvwqDMsv_CX-4l8O4oBAVNpKyxbommSEU-7qzoPQcKBj2CRJpPrdOP1hw9cFjGlgeSC9k9hhZBpntA2lZKiBJwv2TzBtfzK8TXH14dba5C8HkSKqkL-bUGddKT0XxO5atk0cdscU-cebwrwAqlrV4P7s7lm_z3zFOlHLSkESg-K19e4tW-ZOvpm9nM6oPEUQVA
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 754A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Zk1NdUxsSU8xT3phUnk1&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg-vT7TI5mlU619Fn_JRPabYxjUSCynGQs4vwVJI71t...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Zk1NdUxsSU8xT3phUnk1&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg-vT7TI5mlU619Fn_JRPabYxjUSCynGQs4vwVJI71tdr7jfnPYPmFxzYZ81YoL60VsaE-HKNPm3SEmbJjYU4VbCBRDh3Mli
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 12:54:32 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Zk1NdUxsSU8xT3phUnk1&google_gid=CAESEJiyY746kGnb6-fepEOJjCA&google_cver=1&google_push=AZmPxg-vT7TI5mlU619Fn_JRPabYxjUSCynGQs4vwVJI71tdr7jfnPYPmFxzYZ81YoL60VsaE-HKNPm3SEmbJjYU4VbCBRDh3Mli
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 754A 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENmu4mIZpJSftPpa23kcDjs&google_cver=1&google_push=AZmPxg8MlrGBJ8m0z-21Rn3BOGwnIqDZmbvVht-6KmToMKmBwLzwsESXJUSeKfyuOz-UX4Grv2QuNnuGnJJ0Xvia4AzyDn6A6V8QOw
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663332874.788966,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-fra19144-FRA
pixel
cm.g.doubleclick.net/ Frame 754A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECoZPtBnMMd3oXIgDj3Ln1M&google_cver=1&google_push=AZmPxg-K3dNKK9vfxC3pJ-eGpAKQM0NAQ758gj2Ko-_si7M9wTwVQtlJcXY1Q1imKsIMOeVFOa3AJXJKMbRdFHKQBVHHTgkpk3mqLA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg-K3dNKK9vfxC3pJ-eGpAKQM0NAQ758gj2Ko-_si7M9wTwVQtlJcXY1Q1imKsIMOeVFOa3AJXJKMbRdFHK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg-K3dNKK9vfxC3pJ-eGpAKQM0NAQ758gj2Ko-_si7M9wTwVQtlJcXY1Q1imKsIMOeVFOa3AJXJKMbRdFHKQBVHHTgkpk3mqLA
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:33 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CA832A390B3B415AA5F2BABE24908EAA&google_push=AZmPxg-K3dNKK9vfxC3pJ-eGpAKQM0NAQ758gj2Ko-_si7M9wTwVQtlJcXY1Q1imKsIMOeVFOa3AJXJKMbRdFHKQBVHHTgkpk3mqLA
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 15 Sep 2022 12:54:33 GMT
pixel
cm.g.doubleclick.net/ Frame 754A
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEIsTpQm-8a8Km12dQPB9E0U&google_cver=1&google_push=AZmPxg_GASuzgfnhnnwr7cheAjTanvLLrSSevERP2qzbGL_oxFUw91hVyU6-NoGopv0VNiqnodh0mX4lbpshZeWxfc8xi51...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIsTpQm-8a8Km12dQPB9E0U&google_cver=1&google_push=AZmPxg_GASuzgfnhnnwr7cheAjTanvLLrSSevERP2qzbGL_oxFUw91hVyU6-NoGopv0VNiqnodh0mX4lbpshZeWxfc8xi...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_GASuzgfnhnnwr7cheAjTanvLLrSSevERP2qzbGL_oxFUw91hVyU6-NoGopv0VNiqnodh0mX4lbpshZeWxfc8xi51o-_od9g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_GASuzgfnhnnwr7cheAjTanvLLrSSevERP2qzbGL_oxFUw91hVyU6-NoGopv0VNiqnodh0mX4lbpshZeWxfc8xi51o-_od9g
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_GASuzgfnhnnwr7cheAjTanvLLrSSevERP2qzbGL_oxFUw91hVyU6-NoGopv0VNiqnodh0mX4lbpshZeWxfc8xi51o-_od9g
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 754A
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFodRCsaCsJA8cP8iDp1bjM&google_cver=1&google_push=AZmPxg9A9RTPm9yYrmP0Hy-BvBpLIcyy-VJd7jCSUT3wPVY0yF7GOs089dezE67SBYeZjXp8Yn-Xfd4WYGhqdI1O...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9A9RTPm9yYrmP0Hy-BvBpLIcyy-VJd7jCSUT3wPVY0yF7GOs089dezE67SBYeZjXp8Yn-Xfd4WYGhqdI1O6nezV4fbCuB3uQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9A9RTPm9yYrmP0Hy-BvBpLIcyy-VJd7jCSUT3wPVY0yF7GOs089dezE67SBYeZjXp8Yn-Xfd4WYGhqdI1O6nezV4fbCuB3uQ
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Sep 2022 12:54:33 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9A9RTPm9yYrmP0Hy-BvBpLIcyy-VJd7jCSUT3wPVY0yF7GOs089dezE67SBYeZjXp8Yn-Xfd4WYGhqdI1O6nezV4fbCuB3uQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
HdDIpdZKXE3RRqos31lRpnbRrukFUM1otW6a17DEnM_j61jLFcO2cQ==
um
cs.emxdgt.com/ Frame 754A 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEFXlPTWKnT4ZlSlqb6-6eyk&google_cver=1&google_push=AZmPxg9CIRXljgjRXLv4B85UIc-fQlhqlwrvj5jTLRy7YT6kBcDLkTZ6glEWn1OGdrto8UEd8_ceiVPsjQHBxeHB9NealBPp84hkWAU
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
content-length
0
content-type
text/html
/
onetag-sys.com/match/ Frame 754A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHAxbyoVHclmlXOPtNYofWo&google_cver=1&google_push=AZmPxg90jyuHy7ZI8PqBJ6wi_ymk5vOqbprjiT_WE-ZAwTE0tHs1xQfoZaUrIK3chYSfQYtajVnBTBVAQls...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg90jyuHy7ZI8PqBJ6wi_ymk5vOqbprjiT_WE-ZAwTE0tHs1xQfoZaUrIK3chYSfQYtajVnBTBVAQlsWCNGR1c4P0LtcsASgqQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 754A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L47qFRQMLLdAGVNC7l5kvSAjgp894s66VVbe0AZj1ciy17H9Bb0nML7yItM4Ac_j65_EKKxw0
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
link.html
track.webgains.com/ Frame 8CC3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hwhz47j911ravhk5aq50sg9rr5dgy09fxmjfp219vhkhkhpy645zmex8cxasbts143j5a8sw5mn8sevcd2ybk3dk3htm114ew5cskme8gs1a0war57mbybnb9mm6b82bgkgy9epgac7dnnbtq6kc5e5kap1d4xt9ay4j16zzw90wts43e50dmgf9pg2npc4v8qqmae6s78s8nyv0hjbx6mfqm6n03z4drbmhsh2k7scd4cac2tc9g2fyske07vxy58g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%252526client%25253Dca-pub-6163857992956964%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=ab2e07e2311ddd6093fd77188d2efcee%2F11837415146953812994&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873241&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
f5adc8ed1959b4c7a90bc67ccd601e491937f3a4b3ad532cb03ae8bd466e2b90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:33 GMT
last-modified
Fri, 16 Sep 2022 12:54:33 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 16 Sep 2022 12:55:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4EC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B08uEB3IkY6m_Ktqd-ga-7I3ACwAAAAA4AeAEAg&bg=!AgGlAUXNAAZqQh0mSkI7ACkAdvg8Wg1_70OTRVmGBbm8xUmADTnv_guPpGyL5eT1D7vlFJ7MphQWDgIAAAKpUgAAAAJoAQeZAvDTQhMQv0yaX3IWBQ0rM5Rbf3_5_WCpA7abhHiMMor-ISVcFKtMP7PKCo6LN0_64acddYg851jGDbsTubyQlLlf5EDCM1H2_0ja_Uw8zvhw7jwtpT8Vt0puX7SytEHrhOJo95g9-E8iIZa-_gpAY64Xj9uYL7Hc0_mHTyyOnsEGV5MGsJzbuk4FYHZ5UTr2_InZP0hgFHFa_SV7jXHGX8_sMb5PfVBKYU89i4pZubsRpEf455i5YDBB55MRDwPyml1hQt3slKOZcQzW_LUXORl9mdU7cBwVvJ2dFx4HoFpeTatVO4Xo9I_zxTW7VGEbd6Zsy0zWNNLHvwLVt4oHNT5LWedvD3Km9JfmiqrvT78CIgAr_OKXFidPpe3HVG7XxyG_rZS6598_V2xCigrPFGjY0tV0iNP3NEJQNUlYZbvFmZdWXBKcrylzljVCx_eGRnq7wG1FEAG5Y6RnX372rJncdXlHFG7itWHC_xxJPdvGDGNDjjqaOPD3BxIyRBtzBiRM7lIkmpRO-GPYY3LtDcBeE2HMAjkbkwdN7NrjY3wYixdK2DciM0JYPUfeoOMuMuS-jezSNJic7umxI5WblZk1X62HKhfu59k8XYTsUSfMuage8eUngXjwJtts2rmJErAClyvaH9pUvqG5PkOh_eI6ySeYp7PO-wOOZURzj4ImgPw0ES0W2aRsw98QWfz__RUubVrUpHodKuNTeSpMsffz8AB9Htd9tCErN-2-R1PCcTQj83XGK8no4UpP_eklOd4mMKSG3__hBcrnQ3fZmRaR_D3PdAZ8qNwy9AsdYL2J3UZf2sPpnk1-CmPS1-qW3QxAh2YSSS0rjS6JaQ-QBhEtheeU830B-3wHkcJurXW9uQJNPsm2of33FL0_AghEUdy0E7HFqIi-l2HOszuKcfsicev6SFnpAFoW95fVkr65WJCrd2Add1gubqbVKbfs1_pFCxdQl2U0CCHGXP_Ogkqi4e-w44ngZPmufnqVBuLw0w
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3098 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXFxpB3IkY4L1K6njx_AP0eWU0AYAAAAAOAHgBAI&bg=!9vWl9bHNAAZqQh0mSkI7ACkAdvg8WuKeWvOXBNrejptt-9cUcgeIP9f87ItzOqqXXBrR8EIHd_vWcQIAAAKhUgAAAAJoAQcKAFDcM2IdjizTnB8kIwyvS7736jYjs25XVVpQ3-W8eys9X4pH8BP-qdFXVfDp_JogGZBYk1EYmS_frvjUMjJDXLlKoKnI09DE1G6ZOnpJOjE7ZZkC3RWwajeyak36WUpIOtbJOWuceSNnqunu4KcpUmmlHFd7tbz7mQBVeBGy-__DUUc9TZbcpvH0aVe21dIhD16_9Gn2Mmav7D2oJ8CPM2XwbjAThi0BmjG_laVt-YOz3oCQvqF3ON4QrpRCn4aV6Ax3eeCvwqiENvwI6OLVstaOzqPrQJCZz5wlKOWwQg11Cq_w_HH-b7dju4P8y5ELl7su7uQDahr8uDp9iCSET6aWNTaE99MsTjtMqTKfqnIth50EzZUHkqSUPcFs6iJdzAnXO-oertDsKDL05ZMHqQy8reMP7S4u8JHVatKul5ZcEzOOtIRm9RMg1FfsWLoZRHeISdZ5Xf-niveIikGP2CITy0_dYEf1EDmyaYC_v3ZGLtzVuj3hjJ7Mbj3zlOsW0KN0Ixvkymcnj2xLIb69O2Ppq-IPX44OWsP9T9dIoqT8hkRxjY3pMHuTu-dktiFoIV-6JS9X5nfWmTJu43UuAt53l0fC-TQ1rDK_uEO-mLzvW_Le3AQ9QJ-2X-vLEXpdc4zSmSDdJ7uE7kFNwwRRBXKrybuddr0nObuongYUwnOuzuuFXIykJ6RicKajIPy6xLbv_DVS_HMEQbMTtWYUGr_ja8Is5H8Hb7Z9SqveGY_0F53HfebVivVIIbBrVJbnhvZLwsmP88dBPKHVGsJJ8bqEKzpsIz1pdVLmng3A08N00rUQzBFZDOnILxZ3upxGo3yZXoLYejwkpmDIqx8VZhcpdfIeu8XRtIpZCRAHyVjRULuFskEmqA4Fn5XmxoM4B4zrNh3ogQPYYiD2dvquC9bFy97qQlezhMRWWQTpXIVVAduaTGFyStpoxfadA-wojWVXYx7PIbOYdI1enNAcSHs8JxOLQEQZZpF5-yP6vZyLyzOMWkDqPMfnK9MhDTGPoItielJk00MUPI6esx_IuV2_uhakFN-Z2m9T_oD4-qh9SQm6ht_Bjwv9zrwYziBaS_g
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
prebid-server.pubgalaxy.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=189517&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid-server.pubgalaxy.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_priva...
  • https://prebid-server.pubgalaxy.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=1---&f=i&uid=YyRyCDG.bBvdIjSTDdfs7AAA%261169
86 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.pubgalaxy.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=1---&f=i&uid=YyRyCDG.bBvdIjSTDdfs7AAA%261169
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Server
35.173.165.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-165-253.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F57s0KsAOCgNAFwz%2FsbhekBCthS52NpU%2F%2Bh6KI%2FdRVJxw%2Fwb8bbTe3vD%2BvCLfBf7n5FD4%2BsEIXXW0B9WQtf74qt1y5qTb3kaqJex5Q0MK%2BANnAdoyD1OgGTI0jKHXjUPhN8Qal8m"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid-server.pubgalaxy.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=1---&f=i&uid=YyRyCDG.bBvdIjSTDdfs7AAA%261169
cache-control
no-cache
cf-ray
74b9c05d3d6391e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E942 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCL-8B3IkY9bUMsPgx_APo52p6AUAAAAAOAHgBAI&bg=!MjGlMXXNAAZqQh0mSkI7ACkAdvg8WuaqS8OvjUdlFTpasmuSHMFj8Yd7x4fAUNQBcUuMwttShSFTZQIAAAKSUgAAAANoAQeZAvCTCYii9d-P_NHyI9Q658bVYCfYsLi5ipgxqF_Rd8O7v8_9ic1Um10X_9BE0lSzjk4YAR_ug9pxBwMQS1IltXbDgE_URwMZprZrAmajNBgmdH3maYIEmgW3KOi8MR9SPj93wYUfxsrw2t8egr1HKAENFBjqtzG7TjJ7eGpK8q_rB6AKAYf_5xA4K7-KtV3gqSzYRBaaofBMNu3onUZR1pRnVjhQoYCfeEHd3exLlaLDWRgYKoSv9NaYDrxs5HP5wUTnY4uF2d6A5Id9Xfdd7-HdbBwvfKghe1OyA1yTRbGZwFPR5j8TWxokcbouAB9LPx2JJp7R3DpbZGfWKRPseWcnA1Y5UrLlmCGxteb4hw8Xaqr9m0nVuUXtnDkd5wSIT-RnX4J8LplPFH1k5R2lHktOlLM3XVv6TqDkz4DGnB3hGUpqUFEp6LiGas1hrrSgY1olvJk03r-t5cm1bNBmiu9C4vPGK7ygJSUxoCzNV_ArUBhUVC_OwtnDIUezbPPPN3igbpBhGkk3JT-S-PSJ0pHEfryVgQ0JcUPNbIq6thyhHpt4DEJ3uZiZL8i_0CBQLf6ojmvkFwUMUfkgaipEglomUXhegjil6gSn4FnWZlBipsUmx52l_xbr85bpCB0TmWWU_yK6EbVp4TwIkkaCu9kMCxUfw6zsgGdUoW13BiHQ2nRHIERiKQZOsVNdLWZftJ4DOqp1XmpqumDElwof3JS-4qH-3ppgFNMUE8nvSJBuovTvwWUxEtm-RiX2g4tlI0HeythA07AA5gHJ5mYQ0ZKiaZPL7UCSNN_c7ESSS87876octfJ0CbC8nWUbXyqJtm1ecDXdQD_p8p0Oifctsq2enjrOBkI7WiFxxlRImKNs0tfXEvJIXlGzpOq6HujoP81TwLFKdSSlIJpwpwZtNsvHmaNJOf3PTYIBEL4lztcnY3SUN18Lq3dJ0xtaO1JFlyfPeFlOSj2f16WpzlR4UCQjfCkqoUNpISjpW72irqIdVQ
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame CA2C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=934251&asId=558d58eb-65e0-384d-7dd3-bc2d5f0f2c22&tv=%7Bc:onIBni,pingTime:-10,time:1662,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663332873151%7C%7C4b3de4be1f8d3124b37146bb76bdfd98%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cfc5006e455e75c6d392dd63d5a2e161e%7C%7C2c6fdedbae3eb75617088e12f1ed5864%7C%7C6b6ab9aeb934a9bc300a2eb8477e6146%7C%7C62eb13df62baa0be55ee0746d09fce82%7C%7Cfbbe29ea7a05175672fb36d4afb3ac62%7C%7C1629390669,sca:%7Bspg:217244fb-b626-de2a-2541-553e33ae1926%7D%7D
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pvClk.min.js
analytics.webgains.io/ Frame F80B 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hw964hfn43d1ktps9fv2zf20hc6b6dc943xgg636pjbm83pc9npnp512aa67xs88emkzdhda8yq68bg3zgahb7zwmem5gmnn0yey6vw7neb77wr9x0vn36j6zp2wvb9acx74739aj1t6wsby5byezjrdazcay4y2cehrpwa9bkpz84tcetp78ab1pt6t6c9sgswrz5zjmq6fp28ysxtrtq1a9qmkpbpnpqv6pd56wwhykwcrqvzamp7qepsjd61qm%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%252526client%25253Dca-pub-6163857992956964%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-115.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:15:44 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
34739
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA2-C1
content-length
86537
x-amz-cf-id
-YayBYxXtNhcJWycxgBVq0h8VJ90zAHAG4auIJellQkIDfRkMycvag==
Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame F80B 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1663333173&Signature=Z3~ord52IwJOy~ENdBRBKKi9SFvqgQrDM5BtuKQ-mD6nIJgYNev7Hm752qqR8gxhRsl-DmO3sA170EOszDbvvlkxqgA4N4mguG2UP~~sHMDK9tWwAM7JjmPaqat5dJ7KJophuHYIK0CdvqVgtz472s7Q81CxMdVbx8-2OCFCiSpbI-3lbsTZ20L9JMBVbdwZEQpI1QriXtwb45NSqrNiBj0UZqydPdCljNS~6vmPomdN6XNMsYvearuvkyAGVowlH7riOAC8ZuFQ8yLn2RbwQJAy7WOo7Gl14C5hFK1E3bME-umFYdt7IOhuNfiOheoWLBxr1UswRiZuWKul2SUBVQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C14019&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=1125825cb3a102233fd317c6423dc9c4%2F7652968589118655185&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1663332873151&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g96g6hh9x0xzjjft5fqbaqck30qjwxdjgvy39mvgq06cj4gqwk8bfr0xyds43wez36jx0fkgn8hyy0j772mr2r2v5awb13fs2wpc693wy1qarvyz0mfes25j9kvk5cm2t1hjy57syyxvrjg3zt4men8z55e91nccg0k1hpetn28cmsmcfarhyshh3x7bavvg5ntws47801tf5b0yzfapxmbh5z468p91mrg4yr81qkz142en2hzt3xhebbycw2j9fwhf545qj2aw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiXO5BnIkY4jDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9AcUg9nLmhqhWhwcV2_fIeCHRD0V_YSMxAO0wLuMJ8dLrmHR6_LddEZgZbNa8KhjcYtKntlNEQFFIlpTp3NFECfDv1UCRY7a7wf4m_w4bwoYcJ-df5sH25EpayN32Ux39K0qAiOxzLLnWGedOmjgb5MLycL2u2Nh8lMrdrSiT3V_J5JBbT5ZeGe6FHa4j1IuAWiaFp4NHljG0O3V5XNy7oDcf6NMNna3eXaYzf2cjhOMzmm7RM56A8cB1Wdgu9oB7O2zZQ9cHJz0dYSbdUkQLPsnZj0yVLrtgDJLB0I3-3XAE7uQrs6eFsRwM22S6ZcB6yHCKsGU7sq91P3rlcFj9XrV-AEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3HsLvoe1FJ3fS9OHnLbv8ntxHsew%2526client%253Dca-pub-6163857992956964%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-50.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 09:41:36 GMT
server
AmazonS3
age
30047
etag
"92f323c42d6018008b4cf82e90ac9639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Fri, 16 Sep 2022 04:33:47 GMT
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-length
86991
x-amz-cf-id
1rFS81bMlou0VqZbpiMBo4LJkwU-TE7C2HxK3XmBjjQ16ce6Bg83lQ==
pvClk.min.js
analytics.webgains.io/ Frame 8CC3 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hwhz47j911ravhk5aq50sg9rr5dgy09fxmjfp219vhkhkhpy645zmex8cxasbts143j5a8sw5mn8sevcd2ybk3dk3htm114ew5cskme8gs1a0war57mbybnb9mm6b82bgkgy9epgac7dnnbtq6kc5e5kap1d4xt9ay4j16zzw90wts43e50dmgf9pg2npc4v8qqmae6s78s8nyv0hjbx6mfqm6n03z4drbmhsh2k7scd4cac2tc9g2fyske07vxy58g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%252526client%25253Dca-pub-6163857992956964%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-115.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:15:44 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
34739
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA2-C1
content-length
86537
x-amz-cf-id
SmJPc1ALbeYvibaYi58BvQNXf4Q-t5GgylMO7h_0opQy1BlTwQMoGg==
Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 8CC3 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1663333173&Signature=Z3~ord52IwJOy~ENdBRBKKi9SFvqgQrDM5BtuKQ-mD6nIJgYNev7Hm752qqR8gxhRsl-DmO3sA170EOszDbvvlkxqgA4N4mguG2UP~~sHMDK9tWwAM7JjmPaqat5dJ7KJophuHYIK0CdvqVgtz472s7Q81CxMdVbx8-2OCFCiSpbI-3lbsTZ20L9JMBVbdwZEQpI1QriXtwb45NSqrNiBj0UZqydPdCljNS~6vmPomdN6XNMsYvearuvkyAGVowlH7riOAC8ZuFQ8yLn2RbwQJAy7WOo7Gl14C5hFK1E3bME-umFYdt7IOhuNfiOheoWLBxr1UswRiZuWKul2SUBVQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hwhz47j911ravhk5aq50sg9rr5dgy09fxmjfp219vhkhkhpy645zmex8cxasbts143j5a8sw5mn8sevcd2ybk3dk3htm114ew5cskme8gs1a0war57mbybnb9mm6b82bgkgy9epgac7dnnbtq6kc5e5kap1d4xt9ay4j16zzw90wts43e50dmgf9pg2npc4v8qqmae6s78s8nyv0hjbx6mfqm6n03z4drbmhsh2k7scd4cac2tc9g2fyske07vxy58g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k355fgptwj8v85ppxphq0ee3jxxwqnz87kebwj1td0gh787cxxybpajhtznsmyqh0qsw7wkh019qmkpadkctkvy3pffsk7wdm7ncnrpd8gkhdah60qpjbnzzs0wgxp2fy406f7eae69qrc9xf6xxrsyp6vhfb1jj3qzv04hkvhwn389sfxe1t0rpb3c5v4nk9chbckjt2ywzja3v864g7nhmea1kr04y91gfz5sfdvrdf9q76t3sr24wnx86q2j4wvjjf9pnbgka%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQ3WJBnIkY4fDMfis9u8PqPi5oAaQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi02MTYzODU3OTkyOTU2OTY0oAHCrujdA8gBCakCN0lTkaS1sD7gAgCoAwGqBIMCT9DemBZPPFjkz6FsgWqWtm0CmJTblnjOGXGAX7fPIiYY98zjX_PqwqoMLxBdE3qMU68cRSPArfsGGTdHwHCJ-YLDyFnvuYGssY1irlEYzbEo8Ads9dWo5TTANSSFthtAVRAOdlS9SzIFHlqzLFoF226Pt4aA_uyt8xUc-3RkVYYyRl7xG-qPjrwTg98JA-uaGwpLpc0YDHi9q7pYSKSeLwFqRBqC5VE6yG-fpcz1gTle1x4kL3u_mwy5XB9k2ytNNYRhTgi5qFQTDC46IwV4zCFhILQ4njoIGRe-vocA0aQKBG4w9KJDTPsXk_Q8KyErH7JZggTdiPiRI9h_qSSrqs5dveAEAYAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTQ0NTc2OTc4NTY0NDk3OTH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3niz6xakNl75o6BXz6e-l4biOqJw%252526client%25253Dca-pub-6163857992956964%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-50.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 09:41:36 GMT
server
AmazonS3
age
30047
etag
"92f323c42d6018008b4cf82e90ac9639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Fri, 16 Sep 2022 04:33:47 GMT
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-length
86991
x-amz-cf-id
nErb402uuZcO88M7peS1pUFh3oagbRDs6Bm7kCutlQCK7cGW2FkR_g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame FCAC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_pfXB3IkY9_CM9-89u8PhrihgAgAAAAAOAHgBAI&bg=!BAelB0PNAAZqQh0mSkI7ACkAdvg8WmOjgAL_VilbZ0FAMrvRKetNh5whaKeWuLLxxZcS6f7AIivPxAIAAAIuUgAAAAJoAQcKAF4i7f3mjJzZWIKr2MARQMUR536UP9ng58p2x_yavMoHzWKLo3KbfnAoM-mUvaLKPgU-VV6H8phRvg0gcnBfXk_V4nYcC-LFkgUMcRivjZAj_MJCuXv-aW-OPNw_QbpnmQLs463sKMx4tcyj36D-K4ITSosiLbkH9Wv0Tu9FKHHjOBzoZMlSqAiEZ-ySnNuEJaKBKak-995enoSinXyUl96yk07wA_AssWw-DiB04yaAMQlmbWxeBorAFNNIKXnQ_dNlBl2BR5MQLYW15A9xp3do1IrC2rRNGPHqYpHoNMrQVD-i4TWJ8jb3qE5QkV7SS4PTXQR291-2CX1ervDNpZM26cdx-QYG2_RXDn467FHo0Jg0zZXuX7_HCHjr-GqgSzkGRHCT-lqwWydJT0eKk8vGBlbXuivYERedzQ7fyqyBUbYBTiyGY-cSL5pUMwHWq6t-ewOQwnLWo0uOampccqx7gTwXIeBeOx9x5Pd8IOKhG9JE69gzACqcwwackmcZXBlyS80rJKufK9V5gPsVhCGW-G4edd9480C0kage2bN7Hk7tRKPrC6hMR6S3Nq4ULhWev1EnCL1nhsu9SCRUIBK36mygY7KVDXdfW-pPoYRLBHIa58uNsVKEBke_GQimBThMbXKLrpoJFdIOSkc2v31wvs_C4XFumtPp4MRzC8XecuicsOfU1f7fdKW2h6c19jKvkKp9mnmXt6YN3fBW_nbJOHTwo61J5egWebFykXMoyNk2-R5D77VjNvZj_6rS4qAxKhhpEg7W67SfekpzY3iCuzNeuly2kfiRXn-GkQ2hZ-58Pj8HSfsjKcSsYI2bj4Bd9CrTAp42KWF2lAgBTl2jM0m-MG7EAkm4z0ywTWt9TDHUIl3rtTxWMXrlnKnjQ43PNyXgy4OEZYAWdWW-qzwGKVrL_DlJrofDiyzluFwKXj6bt9FAT4i2cNxrLi3q20rbS3xFhlu7QZW1FcT3prOkuIppObBfcwfjJ7SqhKhua7YFc_v9mcrYSf3KT0GyxnX0WKhVPZ3PcfjQAtrs6zmK_zXpOK_TsnONbbd0azq8DdoLSAgsPC3OgcEQNq3khvEdlmSO4mvPRLCeYPVXoGKKV_slqwTNigmsNTfWwQ
Requested by
Host: 40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hub
api.pushnami.com/scripts/v1/ Frame 0B47 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f0dcacb5440c8001264fa6f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
1390
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 12:31:23 GMT
vary
accept-encoding
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-cf-id
oux3GfWDRXj6J43_7MERBOjqU3nNbZ6AkgjmgMvhy49-T3AFbcQ68Q==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=007B8CF1751B4779900ED60EE8FDD6D5&RedC=c.clarity.ms&MXFR=0C60BB7ED55566E70586A95FD15568B7
  • https://c.clarity.ms/c.gif?CtsSyncId=007B8CF1751B4779900ED60EE8FDD6D5&MUID=105C581D0B4464FC39B04A3C0A2F65B9
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=007B8CF1751B4779900ED60EE8FDD6D5&MUID=105C581D0B4464FC39B04A3C0A2F65B9
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
last-modified
Tue, 13 Sep 2022 19:54:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8d3298b0aac7d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 54D79A3EC6924B39B1BB532D30BD8939 Ref B: FRAEDGE1519 Ref C: 2022-09-16T12:54:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=007B8CF1751B4779900ED60EE8FDD6D5&MUID=105C581D0B4464FC39B04A3C0A2F65B9
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14989bc1da4677cc11035642eb068ef24addecdbcc0583b7404f4d6ce0634602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 12:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11134
x-xss-protection
0
syncframe
gum.criteo.com/ Frame B675 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dealnews.com&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:33 GMT
server
Kestrel
server-processing-duration-in-ticks
911428
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
vsa-lightbox-a322c7-111411.js
app.viralsweep.com/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.viralsweep.com/vsa-lightbox-a322c7-111411.js?sid=111411_539834
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLP4HVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e74050db1d30e27cef3d52fd1ee7ddc72200f8139e8aa942bd87160efc8c4206
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
45971
cross-origin-embedder-policy
require-corp
cf-polished
origSize=102186
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
last-modified
Fri, 16 Sep 2022 00:08:23 GMT
cf-ray
74b9c05f3f199b5e-FRA
expires
Fri, 23 Sep 2022 12:54:34 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/ 		124 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLP4HVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-36.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:50:54 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 23:20:31 GMT
server
AmazonS3
age
221
etag
W/"97dd801dd26ae0172c7875245d92f506"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
VIE50-P1
x-amz-cf-id
WFClNfeBP8lkcFFJ_QVrj3jiYCHGShEtf-7uIfyQetUwNjMeTpoWhw==
21305817.js
js.hs-scripts.com/ 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/21305817.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLP4HVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe2ccfe4da521ee0ce2411129789d1502390d64457767463542a7d41621a8a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 16 Sep 2022 12:15:20 GMT
server
cloudflare
x-hubspot-correlation-id
5d86a573-7c09-4d72-896c-989bce1fe192
x-trace
2B46DF08ED60BE33E4B079FB66343E8686CA9948EB000000000000000000
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
74b9c05e8c0791f0-FRA
expires
Fri, 16 Sep 2022 12:55:34 GMT
sid
mug.criteo.com/ Frame B675
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=www.dealnews.com&sn=ChromeSyncframe&so=0&topUrl=www.dealnews.com&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=-4m9XHw5eGtJcTVsU1phWVN0RFZ3Ymg3aUxMNHFnV01ybFhidGUzSmhNVTdqYkJUSjVrT3Jsa0VHR010UlpTTXErb1NyUjBEUjQ0U21HdFowK3NEQjlPQXdMZk1XK3AxSTBkdEY2N3BkaHVtZXhsV25GRVU3VTdpYk94b2...
343 B
586 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-4m9XHw5eGtJcTVsU1phWVN0RFZ3Ymg3aUxMNHFnV01ybFhidGUzSmhNVTdqYkJUSjVrT3Jsa0VHR010UlpTTXErb1NyUjBEUjQ0U21HdFowK3NEQjlPQXdMZk1XK3AxSTBkdEY2N3BkaHVtZXhsV25GRVU3VTdpYk94b2hwc1N0Rmd5WnJVYjVXMi9XVjUxMWNBenM0MVU5SXkvMWZEeVh0cDNveHlKNUtNU3JqZENnUGNqSGQ4Ui9WZnR0MlJHNG5ZVXBFRVNnaFo5bGtVNjdMQ0VOTWU4QXR3PT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
afe08e7415debc994fbddd642f182fcae65ab5ffe9cdf08f826bf74900c54661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1528635
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:33 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=-4m9XHw5eGtJcTVsU1phWVN0RFZ3Ymg3aUxMNHFnV01ybFhidGUzSmhNVTdqYkJUSjVrT3Jsa0VHR010UlpTTXErb1NyUjBEUjQ0U21HdFowK3NEQjlPQXdMZk1XK3AxSTBkdEY2N3BkaHVtZXhsV25GRVU3VTdpYk94b2hwc1N0Rmd5WnJVYjVXMi9XVjUxMWNBenM0MVU5SXkvMWZEeVh0cDNveHlKNUtNU3JqZENnUGNqSGQ4Ui9WZnR0MlJHNG5ZVXBFRVNnaFo5bGtVNjdMQ0VOTWU4QXR3PT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
597090
content-length
0
expires
0
psp
psp.pushnami.com/api/ 		2 B
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f0dcacb5440c8001264fa6f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.25.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-25-113.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://www.dealnews.com/
key
5f0dcacb5440c8001264fa6f
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.25.113 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-25-113.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://www.dealnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
key
access-control-allow-methods
POST
access-control-allow-origin
https://www.dealnews.com
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
cache-control
no-cache
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 16 Sep 2022 12:54:34 GMT
vary
accept-encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 12:54:34 GMT
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f0dcacb5440c8001264fa6f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.195.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-195-221.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://www.dealnews.com/
key
5f0dcacb5440c8001264fa6f
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:34 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.195.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-195-221.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://www.dealnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Fri, 16 Sep 2022 12:54:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D5A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3549
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 11:55:25 GMT
expires
Sat, 16 Sep 2023 11:55:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C2FA 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c749e19623f30450daf74e411688e6c580da3cc6b2516eb3187e357e25277757
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b_QXA5dwKQthNJ5QC56RDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dealnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-b_QXA5dwKQthNJ5QC56RDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 12:54:34 GMT
expires
Fri, 16 Sep 2022 12:54:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
initialize
api.sail-personalize.com/v1/personalize/ 		92 B
333 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
55543c7f8718aa1625b566ff8f878ba8c0f1d33f07f7c7eacb521f4845f5f1ed

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer fc290d0337542b458a7edd2973d6f557
content-type
application/json
accept
application/json
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-referring-url
https://www.dealnews.com/

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
92
allowedmethods
GET,OPTIONS
initialize
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.dealnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Fri, 16 Sep 2022 12:54:34 GMT
21305817.js
js.hs-analytics.net/analytics/1663332600000/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1663332600000/21305817.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21305817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6c05d1b39ba98ab9ecf70dbb81e65381092090e9bb2fbc5cb6bfed55383409

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
HK5GF9HWHKRTYZ9A
x-amz-server-side-encryption
AES256
cf-ray
74b9c0601b57bb97-FRA
x-amz-id-2
HUekaEnp5n2zf4UKr+O7a51N7apcDgseiIygmopX5vtGE+ngRNBZUH2n9UB7FXLYyEFpisAmurU=
last-modified
Wed, 31 Aug 2022 14:22:53 GMT
server
cloudflare
etag
W/"14a73fd684137a0dca43050f864fd4c3"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Fri, 16 Sep 2022 12:59:34 GMT
collectedforms.js
js.hscollectedforms.net/ 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21305817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer
https://www.dealnews.com/
Origin
https://www.dealnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
via
1.1 ddf6879aa6c2007b075baebb295e9494.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
4362
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74b955e29d695c0e-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 13 Sep 2022 10:41:10 UTC
server
cloudflare
etag
W/"7a468b833be86c01bc8dfd455308f792"
vary
Accept-Encoding
x-amz-version-id
5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
HIT
x-amz-cf-pop
IAD55-P5
cf-ray
74b9c0602d306943-FRA
x-amz-cf-id
vVqaq5zYhSvtKSH_yr_lDdKqgWmZ9nm0on9ivTmjFgPv35J2lNHGxA==
x-hs-target-asset
collected-forms-embed-js/static-1.292/bundles/project.js
21305817.js
js.hs-banner.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/21305817.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21305817.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5419623860e50db34924e56a0702d28539da719e9e110662ae866b46d114a3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
84M17MZ5E9Z1ZX48
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
zkSvJ6+8ofydpJjsS1XDbqsucNzs0JrZ3LeLR7YkHxinHczJt3cIPxCRlF6w4BvACL/W0kEPLhnIC3zA1M7T6Q==
timing-allow-origin
*
last-modified
Tue, 30 Aug 2022 23:22:13 GMT
server
cloudflare
etag
W/"cc7dbad46f7591549a25aa8eae9b6267"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
6uEoHgiBRrs7ml5kxzBwL7uS.z5PytGy
access-control-allow-origin
https://www.dealnews.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
74b9c0601d85921f-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 16 Sep 2022 12:59:34 GMT
collect
b.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:34 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
sodar
pagead2.googlesyndication.com/pagead/ Frame C2FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091301&jk=3596233146170183&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
pagead2.googlesyndication.com/bg/ Frame 5D5A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TqLSXP2QDMWDWbVwNGV4qZSIp1FuubJasGgalfjGHZY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16105
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 11:55:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A69E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuq1br55XZ7AE5cOzZZObxwlLCMaSPpC6-eWp2obse9axOBIpqfj_M8cRffoWwBmzx0K1XyltOoigi3tAKrjDNbfb5CyjRhSBo_HmFu6dR-Vaq1i14z210Hy02ffNDIj38wjuo&sai=AMfl-YTJc078yhwosKV1oXSSnrOEUramQII8qapovaEQG6Fb8SoBLVQP3ezl8oma0098FHWZVdK0aJ6OaW3Mb5MkWWD6skkkfLmV6Ga8dSjjuVG6REupYe7dwJSJ5pLcQQ&sig=Cg0ArKJSzHkLripQQvYyEAE&cid=CAASJORo2QZYiveFRWeoTjxfBn0OrJjnYNUhmq96y_iVrDs_yboI4Q&id=lidar2&mcvt=1015&p=145,1116,399,1416&mtos=0,1015,1015,1015,1015&tos=0,1015,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=437073777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663332871428&rpt=1959&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/a218b8a4-addc-4941-9cae-cffa30942404/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 12:54:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
forms.hubspot.com/collected-forms/v1/config/ 		116 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=21305817&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
010adae22a829a59e8eeeee9201b766e8e35c1ebf715f3bb26557f623847f9af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
b599d7b2-69ee-4858-8ea9-3d2368652351
cf-ray
74b9c06148e16928-FRA
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAylg9JVedk8gHu%2BCblCD5YEKFxByIrFbnbETI6gYcTjzrGqTnUSvwb%2F7rQWGQqztDi40c3gQHO237ML1QGxPOps8HQQwG29iB8w%2FoIbkSLYo%2FU9j0H8YD5iSV9fX2DP0D9X6D%2Fi1GM5MBiEu5nR"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-allow-credentials
false
x-robots-tag
none
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=492729889&v=1.1&a=21305817&rcu=https%3A%2F%2Fwww.dealnews.com%2F&pu=https%3A%2F%2Fwww.dealnews.com%2F&t=Best+Deals+Online+-+Today%27s+Best+Daily+Deals&cts=1663332874776&vi=6be4058db3d396e88e2221bb5e0cf370&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
da302e09-adaa-4ee8-8ce1-a1417034f939
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
x-robots-tag
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaPlc3346Mb0NcOAsV2TAbIkJo1jY6aYt6oLoBftq50gTBTomO5Hv9xJoyth5txlBgT6r9UKNBve9QVDXo30Fc4yekVlREUX7A3zbtJfBCLbGSYxyF6OQysfLZy8kkyk7cUQQp%2FV%2BqfGEyK4Q2KK"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
74b9c063798abbcd-FRA
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
8b8b725a-d53d-4678-976a-a48973b5ce8d
x-trace
2B06CD5D3532E85884DC08828B7F95C1DD7F1467ED000000000000000000
x-robots-tag
none
vary
Accept-Encoding
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
74b9c0638d309013-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
views.php
www.dealnews.com/lw/ 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/views.php
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Referer
https://www.dealnews.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
X-Device-Target
DESKTOP
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Sep 2022 12:54:34 GMT
content-encoding
gzip
server
nginx/1.20.2
vary
Origin, Accept-Encoding, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
via
1.1 varnish
x-cache-hits
0
ul.php
www.dealnews.com/lw/ 		0
70 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.dealnews.com/lw/ul.php
Requested by
Host: www.dealnews.com
URL: https://www.dealnews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Fri, 16 Sep 2022 12:54:35 GMT
via
1.1 varnish
server
nginx/1.20.2
vary
Origin, Fastly-SSL
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.dealnews.com
access-control-max-age
86400
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
x-robots-tag
noindex
x-cache-hits
0
tracking-event
api.webgains.io/ Frame F80B 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 12:54:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:35 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 8CC3 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Sep 2022 12:54:35 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.156.122 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-156-122.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 16 Sep 2022 12:54:35 GMT
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 5D5A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bumK5g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 12:54:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091301&jk=3596233146170183&bg=!urmluf3NAAZqQh0mSkI7ACkAdvg8WhIaHUCTY-nzlFYEpqFjlbaWSiVd8faXTkf8AVlMgAVyZCsALAIAAACYUgAAAAJoAQcKABIC4BW72ysXZKUwzag6SpTpyYiZAq9j2Jsgage0GbWcH4hnzSEOn7g0tMSHS6g7ee6oda8SBFRUhOfa2j_Pg5yuCihAkFBcXGvK5frdxeI5ZsT3lVUBdXEOkE5mpHI6AZIGEK4BPvFR6tsEwlZv9QiZ6_vs6ZaFzr-0FH7dRrVlIu0E-i9w6kRcfU7f9HjyDq2oB0sGNItYpNIpB9M9KBdyshhMBRyE4SxKcjq5-bwKzyggUJLZjtisjbYm32ck_mQiBAaAwp8rScOmhoAZtX8BnZXW8d70QCRtL1qZApP4O108DEdPsvVpH9HFrHKBdzS3A9GRXU9se9rTPX-7EBrfx8N7q9P48uFQ0fhi3NrMO07NvmkWJaPPr7zgP01KuwjFkinz7AV_3fYnKVluDeV0QDa8Te0rEjWieYrLF9uzuRgXXcrhz30MY5hKxluINBCrwDF72gD0qIE04UsZFF2kGEnJIl9ahoRFB0zSr_mV02JGS9GuWrh6XseKD7PtSSrjpaPzVUQt8DOQRq6V5Umfut5AQydZTVChf55ojo6b9g7FTCKdslsEx_sQ7jagaJfUIzeDfsVl2-OezLaUUvsSH90fW98Rx3GzzMO634kosIpBKaIOVPFEZovO27x04Q9HX0rKfgrPr0L5cj4kQ6s5Uy9Qr5kp0Ld-Qa3Gj5hDKPeS4kx1hW8owmSJL6C_6YS2O5EgXk3uXz-ZH6Xc8ebKvRbZULBvHQAkJJ1GfPgD6B5-NjRfuGHvD6yo77JLDbAWTeAiGbTC4-k6eS6rsPeaNTgnIpPGxcB8Eetk2pCJpJhXYrmdd9JRG4dfaAh77pe-hr0a0buuWE0PVzQntmzta2O4QzQf9gQqktzJT1qen3jqpl1pjps3fAD4N6HE5S-ZjcIpp2htllAMN-h9J8eyqcLBUEE8xr8NeJghQXuv1d0pspQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dealnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
collect
b.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.40/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.dealnews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.dealnews.com
date
Fri, 16 Sep 2022 12:54:37 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s0.2mdn.net
URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Verdicts & Comments Add Verdict or Comment

353 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| DealNews object| DN number| publicationID number| dnStartTime string| deviceTarget boolean| userLoggedIn boolean| userHasPref boolean| _DN$isProd function| wrappedFunction function| _classCallCheck function| _defineProperties function| _createClass function| Spinner function| __tcfapi function| __uspapi object| googletag object| adsbygoogle undefined| preLoadedCommands string| __unic_cmp_id string| __unic_cmp_host function| __unic_loadapp object| spinnerObjs object| opts object| target function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| realEl boolean| isAttached function| tns function| loadCarousels function| BlogSlider function| ProductWidget function| CaptchaCallback function| fbAsyncInit function| onGoogleLoadCallback object| elem object| unicj function| __unic_start object| UnicI object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule undefined| o object| mailnami object| Pushnami object| FB object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gapi object| ___jsl function| setImmediate function| clearImmediate object| dn_clipboard object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_837208 object| __buffer object| recaptcha function| __unicapi string| id object| rect function| reportWebVitalMetric object| webVitals function| ClipboardJS object| enquire object| dataLayer object| d string| GoogleAnalyticsObject function| ga function| gtag object| _mTrack object| google_tag_manager number| n object| closure_lm_924429 function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| e number| __adb boolean| _initAds object| __unic_tags_loaded object| gaplugins object| gaData number| _MS_PER_DAY function| sliceLastN function| getOfferSchema function| toTag function| getOfferData function| _recordPushnami function| _recordHubSpot function| _recordOffer function| dateDiff function| getLastN function| limit object| dnv object| DN_Visitor object| DNAB object| io function| intersectionHandler object| DNTools number| spacing number| startingSlot number| skipInterval number| dynamicAdCount boolean| skipFirst object| feedAds function| getContainer undefined| inFeedAdMapping boolean| loaded function| addFeedAd function| dynamicElementHandler object| dealnewsToPgDynamicSlots function| setVisitorData number| trys function| dataReady object| banner object| zones object| enabledPages object| opt_filters object| page_map object| fixedMap object| lookUps object| hide_filters function| setupContainer function| addFilters function| createChip function| sort_features function| getFillerFilters function| getType object| groups object| filters undefined| fixedFilters object| filter_names object| fillerFilters object| suggestedFilters object| usedFilters object| pager string| selector object| cont object| chips_container object| osapi object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked object| uetq object| DNPaidSearch object| regeneratorRuntime object| pgPrebid object| _pbjsGlobals object| ADAGIO object| apstag undefined| wrapperActive object| pgPluginManager object| pgLoader object| pgGeoBidderExcludes object| grumi object| Criteo function| UET function| UET_init function| UET_push object| ueto_99b9e4e475 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| lotame_sync_16576 undefined| google_measure_js_timing function| lotameIsCompatible function| sync16576_c function| sync16576_d undefined| sync16576_e undefined| sync16576_f undefined| sync16576_g function| sync16576_h object| sync16576_j function| sync16576_k function| sync16576_l object| sync16576_ object| sync16576_la function| sync16576_a function| sync16576_b function| sync16576_i function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_aa function| sync16576_q function| sync16576_r function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_ba function| sync16576_ca function| sync16576_v function| sync16576_da function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_ea function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_fa function| sync16576_J function| sync16576_K function| sync16576_ga function| sync16576_ha function| sync16576_L function| sync16576_M function| sync16576_ia function| sync16576_ja function| sync16576_ka function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Z function| sync16576_Y function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_4 function| sync16576_5 function| sync16576_ma function| sync16576_3 function| sync16576_7 function| sync16576_6 function| sync16576_na function| sync16576_8 function| sync16576_oa function| sync16576_9 function| sync16576_pa function| sync16576_$ function| sync16576_qa object| PublisherCommonId function| clarity object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| slotElement object| ID5 object| ox_esp object| signal_decrypted function| __esp_getUID2Async object| __uid2 object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| criteo_syncframe_state function| CrossStorageClient object| pushnamiStorage function| uuid string| VIRALSWEEP_ID_FULL string| CAMPAIGN_ID string| IMAGE_URL string| viralsweep_id boolean| vs_lightbox_start_off object| vs_cont object| img_preload function| handleSweepsClick object| elems string| css object| head object| style function| vs_lightbox_load_callback function| _vs_widget_load_callback object| GoogleGcLKhOms string| sid string| vsscript_id object| viralsweep_lightbox_111411 function| vs_prefill_field object| urlParams object| url_email number| vs_timer_control number| vs_timer_control_test number| lightbox_delay_timer function| $ function| jQuery object| Sailthru function| postAuth function| sendData function| openViralsweepLightbox function| registerUser function| handleSignupError object| _hsp object| __hsCollectedFormsDebug object| _hsq object| _paq function| sanitizeKey boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hstc_loaded object| pageData string| qs boolean| _hspb_ran boolean| _hspb_loaded object| google_image_requests

128 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQw9X1srQwCgoIgQIQw9X1srQwCgoI4gEQw9X1srQwCgoI5gEQw9X1srQwCgoIhwIQw9X1srQwCgkICRDD1fWytDAKCQg6EMPV9bK0MAoJCAsQw9X1srQwCgoIjAIQw9X1srQwCgkIXxDD1fWytDA=
.dealnews.com/ Name: dnvta
Value: %7B%22uid%22%3A%223n5w98ufw0qdo81dkcfihNOS7kO17ItF%22%2C%22vid%22%3A%223o5w98ufw13do81dkcfihbDorBJmg2vF%22%2C%22fvts%22%3A1663332868%2C%22vsts%22%3A1663332868%2C%22lpvts%22%3A1663332868%2C%22lvts%22%3A0%2C%22ref%22%3A%22d41d8cd98f00b204e9800998ecf8427eda39a3ee5e6b4b0d3255bfef95601890afd80709%22%2C%22usid%22%3A0%2C%22ct%22%3A1%2C%22cr%22%3A1663332868%7D
.dealnews.com/ Name: __unid
Value: c55d6f9d-ac9e-024b-161a-6bce39af75f1
.dealnews.com/ Name: privacy_banner
Value: 1
.dealnews.com/ Name: _ga_EN54Z97LG4
Value: GS1.1.1663332869.1.0.1663332869.0.0.0
.dealnews.com/ Name: _ga
Value: GA1.2.419323822.1663332870
.dealnews.com/ Name: _gid
Value: GA1.2.1380188583.1663332870
.dealnews.com/ Name: _gat
Value: 1
.www.dealnews.com/ Name: G_ENABLED_IDPS
Value: google
.dealnews.com/ Name: _gcl_au
Value: 1.1.69688263.1663332870
.bing.com/ Name: MUID
Value: 105C581D0B4464FC39B04A3C0A2F65B9
www.dealnews.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.dealnews.com/ Name: sharedid
Value: 2a442abc-c673-4498-9837-909fb6b6f237
.dealnews.com/ Name: _uetsid
Value: b436394035be11edbe4035b87498a620
.dealnews.com/ Name: _uetvid
Value: b4362b6035be11ed9bd16f3eb2b38e5b
.360yield.com/ Name: tuuid
Value: d535b830-65aa-4842-92d6-4da53cc13a45
.360yield.com/ Name: tuuid_lu
Value: 1663332870
.google.com/ Name: NID
Value: 511=QnH34Jq6JGtHT9RAJto0NXDsYWtNwvoIsXoKqb-VZP460fuO3UNzZFtdZi4FFhZxOwr_49cIQEGN97pOjaQrSHhJA0hQQY8lR8i1JFRVEeNSvU4PT83Y-MROKQcM06tLIEnKPvAD82bvuyl90QeHPqFL636NVu93zlNUTodQzQQ
.adnxs.com/ Name: icu
Value: ChgIt95tEAoYASABKAEwhuSRmQY4AUABSAEQhuSRmQYYAA..
.adnxs.com/ Name: uuid2
Value: 5152154533975194108
.rubiconproject.com/ Name: khaos
Value: L84HG0L4-1E-2IT4
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qooSb3/TjYVUi+IXqvPVzt4X6LBWwGzep0JDp7MRhFcaVR9H1zBbTdTuSaGOKGZ8CVs7SrQMA2MP+BxGCOXoSK1WyWWupuu6mPc6UO785F0Pw==
.dealnews.com/ Name: lotame_domain_check
Value: dealnews.com
.bidswitch.net/ Name: tuuid
Value: 7adcbe78-9639-40bf-9c11-ec8460e37791
.bidswitch.net/ Name: c
Value: 1663332870
.bidswitch.net/ Name: tuuid_lu
Value: 1663332870
www.clarity.ms/ Name: CLID
Value: d36bc85017744169a4e13ef81cc08ffa.20220916.20230916
.go.sonobi.com/ Name: __uis
Value: ba5bb804-9262-4810-b76b-c91a467b0a48
.go.sonobi.com/ Name: _usd_dealnews.com
Value: a22c2731-c75b-49fe-9d75-a4733647a40a
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s8759|YyRvS
.dealnews.com/ Name: _clck
Value: 14im3fw|1|f4x|0
.3lift.com/ Name: tluid
Value: 3576297707154671476820
ads.avct.cloud/ Name: uuid
Value: 0e634405-52fe-45e9-9ff5-b9fbef388498
.dealnews.com/ Name: _clsk
Value: 1jdc2dg|1663332871259|1|1|b.clarity.ms/collect
.doubleclick.net/ Name: IDE
Value: AHWqTUnye7dj5bhMByyFKl4-wZcTfUGiap52wiLaovLBBSaGRXJY8iSrcAOEY26uvI8
.dealnews.com/ Name: __gads
Value: ID=3f3d4a6d1eb7642a:T=1663332870:S=ALNI_MZmOcbarpXxe8_XzYJYh9eC0KY6TA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&4cce5a27-65fd-4276-8393-32b507d6f619"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjMzMzI4NzE7MjswMjFg3dQC0muT2GhwPSgNFMM/ZF8nsMcboOX3oEuhSF3W2A==
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2590:u=1:x=1:i=1663332871:t=1663419271:v=2:sig=AQHc43K1QDgwLlx4y4590AzplVI5fQiM"
.amazon-adsystem.com/ Name: ad-id
Value: AwtjN9WCS0N0ruqfgQ1XAUs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.openx.net/ Name: i
Value: e129584e-2772-4339-ae77-3bb08110694c|1663332871
.adform.net/ Name: C
Value: 1
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: ad23cf2e-fb2c-5203-964d-4239f569303e
.betweendigital.com/ Name: ss
Value: 1
.casalemedia.com/ Name: CMID
Value: YyRyCDG.bBvdIjSTDdfs7AAA
.casalemedia.com/ Name: CMPS
Value: 1169
.casalemedia.com/ Name: CMPRO
Value: 1169
.yahoo.com/ Name: A3
Value: d=AQABBAdyJGMCEFzhoOKVxjU08gFV0SMmDbMFEgEBAQHDJWMuYwAAAAAA_eMAAA&S=AQAAAiBu2HMVjbuvn9kIAhCp2yA
.betweendigital.com/ Name: ut
Value: YyRyCAAASji2TiPIbtTobruy3CNP48CT5htb0g==
.adfarm1.adition.com/ Name: UserID1
Value: 7143960287602342042
.simpli.fi/ Name: suid
Value: CA832A390B3B415AA5F2BABE24908EAA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%se<]OV!]tbPl1M>e)ZlrFUfJ+tGXxpS>WK:!?OztiS%X4>>9tA6K%dGh`UvqxQ+6l4*bpRz*qF1`*b^k.)zl7V
.zemanta.com/ Name: zuid
Value: vbmhcXxXKpEHvtaLhpAe
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2770
.openx.net/ Name: pd
Value: v2|1663332872|gekin0vNiygu
.w55c.net/ Name: wfivefivec
Value: fMMuLlIO1OzaRy5
.blismedia.com/ Name: b
Value: 63247208757A6B0418CEAFB4BLIS
.media.net/ Name: visitor-id
Value: 3063344721492169000V10
.media.net/ Name: data-g
Value: CAESED0QAeNPOJs2d7HGTrC720U~~3
.w55c.net/ Name: matchgoogle
Value: 5
www.dealnews.com/ Name: _lr_retry_request
Value: true
www.dealnews.com/ Name: _lr_env_src_ats
Value: false
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.casalemedia.com/ Name: CMST
Value: YyRyCGMkcggA
.quantserve.com/ Name: d
Value: EDEBCQGOJ4EA
.quantserve.com/ Name: mc
Value: 63247208-c972a-69fee-5d54e
.adform.net/ Name: uid
Value: 1107508159765126734
.acuityplatform.com/ Name: auid
Value: 693325687609
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTE3+o11c2VyTWF0Y2hpbmdJZCQDqpFsYXN0RHJvcFRpbWVNaWxsaXMlAUFRS1cViJhsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQFBUUtXFYiPdGhpcmRQYXJ0eVVzZXJJZGM3YWRjYmU3OC05NjM5LTQwYmYtOWMxMS1lYzg0NjBlMzc3OTH7+4Z2ZXJzaW9uwvs="
.dealnews.com/ Name: panoramaId_expiry
Value: 1663419272762
www.dealnews.com/ Name: pbjs-id5id
Value: %7B%22created_at%22%3A%222022-09-16T12%3A54%3A32.732131906Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
www.dealnews.com/ Name: pbjs-id5id_last
Value: Fri%2C%2016%20Sep%202022%2012%3A54%3A32%20GMT
www.dealnews.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-16T12%3A54%3A32%22%7D
.fksnk.com/ Name: f_001
Value: 8A01772ECBFB3BF9
.fksnk.com/ Name: g_001
Value: 1
.sportradarserving.com/ Name: zuuid
Value: 88dc6297-0acf-480a-b5ea-07dfbf1087f6
.sportradarserving.com/ Name: c
Value: 1663332873
.sportradarserving.com/ Name: zuuid_lu
Value: 1663332873
.tribalfusion.com/ Name: ANON_ID
Value: abnseFxlqLknJVsPUmnNbwZd8rgrEZaPcvl5Fd3a5dCkU6JlMGnXqZcCKYL3JdMZbIhEZcZb47vMQm9bSaAFbOmJp2
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1663332873
.dealnews.com/ Name: cto_bundle
Value: ci-Wbl9BSmVDQTVBZm9UeHdCZWF2R3l5dVE1RjlVckZvdHpZVmVraHRPT1ByMEJyRDJMQzZ3eTlWMVF3UHBkVHlicVlwRm1lbWZndEl6dldLaG82SVhCUlZPOUtSdWt1cnNtQUZFSnB1aUpsQndTbEJ6Smljb05VMU82YkgyVWRQSkJuag
.dealnews.com/ Name: cto_bidid
Value: ZMiLCV9QMEhQUmRyNEcxNzVwdzc3amkxT2RJZ0xUVVZBRnhUTHpFbmgwcUZUOE9nJTJCUTAlMkIwUDBzOWpJM3R3dHRMWmh6JTJGZGNHYXhMJTJCN3JTc2ZRamViZVk3bWFBJTNEJTNE
.go.sonobi.com/ Name: HAPLB8S
Value: s8543|YyRx+
ads.us.e-planning.net/ Name: CT
Value: 1
.awin1.com/ Name: awpv11354
Value: 412871|1663332873|b64c8580-35be-11ed-9f3f-2232bdca291f
sync-dmp.aura-dsp.com/ Name: chk
Value: 1
.zenaps.com/ Name: AWSESS
Value: 377129:2470185
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.de17a.com/ Name: guid
Value: 1.2993804150473240315
.zenaps.com/ Name: awpv11354
Value: 412871|1663332873|b64c8580-35be-11ed-9f3f-2232bdca291f
fksnk.com/ Name: AWSALBCORS
Value: e7PTWJQkjlmy9l/KLB1CWu+fOvWuol/h4MMf5qXc/lD53jxQV+X1/DeXY9B8XB64AJ2dd4RNh1kIpFe5BRNMbFfHdNaOCgeVZbAil/uyrZpRvHZzVv/rVIGClLaC
sync-dmp.aura-dsp.com/ Name: pid
Value: NzE2Yzk2YjRiYmY2NTU5Mw
.casalemedia.com/ Name: CMTS
Value: 1152
.yieldmo.com/ Name: yieldmo_id
Value: gfb5fe2d0820f60546ba%7C1663332873820%7C0%7C
.awin1.com/ Name: awpv11938
Value: 412871|1663332873|b66341d1-35be-11ed-8280-22382f38ffb2
www.conrad.de/ Name: HTLP_timestamp
Value: 1663332873
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: 1G0w6y0HQI6CPeqU7uVoBcljYfNBmtXWzkgH.0A9EfU-1663332873-0-ATkPjsGYRSGMZEQHYh6BCvIGt2ck0JIvQ2GPmwgLJ9wShsDj9bZ9Dna1R73uRSnYEHOV1n05NS/+TMChbObHbpU=
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1663332873_b66341d1-35be-11ed-8280-22382f38ffb2%22%2C%22sp%22%3A%22awin%22%7D
prebid-server.pubgalaxy.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsidHJpcGxlbGlmdCI6eyJ1aWQiOiIzNTc2Mjk3NzA3MTU0NjcxNDc2ODIwIiwiZXhwaXJlcyI6IjIwMjItMDktMzBUMTI6NTQ6MzEuMTAzOTAxWiJ9LCJncmlkIjp7InVpZCI6IjdhZGNiZTc4LTk2MzktNDBiZi05YzExLWVjODQ2MGUzNzc5MSIsImV4cGlyZXMiOiIyMDIyLTA5LTMwVDEyOjU0OjMwLjUyNTE3N1oifSwiYmV0d2VlbiI6eyJ1aWQiOiJhZDIzY2YyZS1mYjJjLTUyMDMtOTY0ZC00MjM5ZjU2OTMwM2UiLCJleHBpcmVzIjoiMjAyMi0wOS0zMFQxMjo1NDozMi4xNzY3NzJaIn0sIm9wZW54Ijp7InVpZCI6IjBiNWJlOGQ4LTM3NmEtNGYyNy05ZjJkLTMzNGQ2NDZjOTgzYyIsImV4cGlyZXMiOiIyMDIyLTA5LTMwVDEyOjU0OjMyLjc1ODg2M1oifSwiaXgiOnsidWlkIjoiWXlSeUNERy5iQnZkSWpTVERkZnM3QUFBJjExNjkiLCJleHBpcmVzIjoiMjAyMi0wOS0zMFQxMjo1NDozMy45MDMzOTNaIn19LCJiZGF5IjoiMjAyMi0wOS0xNlQxMjo1NDozMC41MjUxNTJaIn0=
.mathtag.com/ Name: uuid
Value: 602d6324-7209-4b00-a593-5a4c6c0de918
.mathtag.com/ Name: mt_mop
Value: 4:1663332873
.criteo.com/ Name: uid
Value: a2f90cfb-8119-4a64-ae9e-2d71262038d5
.c.bing.com/ Name: SRM_B
Value: 105C581D0B4464FC39B04A3C0A2F65B9
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 105C581D0B4464FC39B04A3C0A2F65B9
.c.clarity.ms/ Name: ANONCHK
Value: 0
.viralsweep.com/ Name: __cf_bm
Value: _3kdzeopDSBqxvwTVmZMP_b5luWSalDxhjMBg8B_tuk-1663332874-0-AVYG3Lyze/zTsRu0Lir5fd0GjFzAu5XoZQtMiWeV8cgGtpC+T79N1Vm5E6LxZ6xydFZcULxrX2RoZNolOVyiHII=
www.dealnews.com/ Name: vs_timer_control
Value: 1
www.dealnews.com/ Name: sailthru_pageviews
Value: 1
.hubspot.com/ Name: __cf_bm
Value: 7.ojMpa.NWNgt963iHWAmRBdxsIWs5O5QVZWg4Tb53k-1663332874-0-ATkZ6PVDFK8/q6QSfSs/7iicsBv/6J10pz+vR74GySYGlt6nf2Y/+/3rqFV6gihdW/wtvyDmd/rYjM29NKZylTQ=
.dealnews.com/ Name: __hstc
Value: 226279685.6be4058db3d396e88e2221bb5e0cf370.1663332874774.1663332874774.1663332874774.1
.dealnews.com/ Name: hubspotutk
Value: 6be4058db3d396e88e2221bb5e0cf370
.dealnews.com/ Name: __hssrc
Value: 1
.dealnews.com/ Name: __hssc
Value: 226279685.1.1663332874774

9 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=76
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17045810788&extPm=17045810788&extCr=440036200&rnd=1663332870811403' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
security error URL: https://40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17054712635&extPm=17054712635&extCr=443603275&rnd=1663332870811401' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENmu4mIZpJSftPpa23kcDjs&google_cver=1&google_push=AZmPxg8MlrGBJ8m0z-21Rn3BOGwnIqDZmbvVht-6KmToMKmBwLzwsESXJUSeKfyuOz-UX4Grv2QuNnuGnJJ0Xvia4AzyDn6A6V8QOw
Message:
Failed to load resource: the server responded with a status of 503 ()
other error URL: https://www.dealnews.com/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

40b312ad77076455bff9ac93bcce4040.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
accounts.google.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad4m.at
ads.avct.cloud
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
ads.yieldmo.com
adservice.google.com
adservice.google.de
ak.sail-horizon.com
analytics.webgains.io
apex.go.sonobi.com
api.btloader.com
api.dealnews.com
api.pushnami.com
api.rlcdn.com
api.sail-personalize.com
api.webgains.io
apis.google.com
app.viralsweep.com
as.ad4m.at
assets.ad4m.at
b.clarity.ms
b1sync.zemanta.com
banner.congstar.de
bat.bing.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bidder.criteo.com
btloader.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c.dlnws.com
c.eu1.dyntrk.com
c1.adform.net
c2shb.ssp.yahoo.com
cdlnws.a.ssl.fastly.net
cdn.doubleverify.com
cdn.id5-sync.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cmp.uniconsent.com
cms.quantserve.com
connect.facebook.net
cs.emxdgt.com
cs.media.net
d5p.de17a.com
dealnews.a.ssl.fastly.net
dealnews.com
dsh7ky7308k4b.cloudfront.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
fastlane.rubiconproject.com
fksnk.com
forms.hsforms.com
forms.hubspot.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
gw.geoedge.be
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
invstatic101.creativecdn.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
lb.eu-1-id5-sync.com
m.exactag.com
m.media-amazon.com
match.360yield.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.pubgalaxy.com
prod-rtb.ad4mat.net
prod.uidapi.com
psp.pushnami.com
px.ads.linkedin.com
region1.google-analytics.com
rtb0.doubleverify.com
rtbc-frc.doubleverify.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
servedbyadbutler.com
ssbsync.smartadserver.com
ssc.33across.com
ssum.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-dmp.aura-dsp.com
sync-tm.everesttech.net
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
tags.crwdcntrl.net
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
track.hubspot.com
track.webgains.com
tracker.marinsm.com
trc.pushnami.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
v3s8r2c3.stackpathcdn.com
www.awin1.com
www.clarity.ms
www.conrad.de
www.dealnews.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.zenaps.com
x.bidswitch.net
s0.2mdn.net
103.229.205.243
104.111.239.217
104.18.18.126
104.18.19.126
124.146.215.49
13.224.189.115
13.224.189.67
13.224.195.78
13.225.78.97
13.225.84.168
13.225.87.188
13.248.245.213
13.32.99.40
130.211.23.194
141.95.98.64
141.95.98.67
142.250.181.226
142.250.184.226
142.250.185.134
142.250.185.226
142.251.5.157
148.251.139.77
151.101.130.49
151.101.193.95
151.101.194.49
151.101.2.49
151.139.128.11
154.59.122.79
162.19.80.92
162.55.80.222
169.50.137.190
172.217.18.98
178.250.2.131
178.250.2.146
18.156.0.31
18.158.177.133
18.158.8.202
18.168.156.122
18.197.134.247
18.66.15.36
18.66.15.50
184.51.9.34
185.172.90.252
185.64.190.77
185.86.137.108
185.89.211.12
188.42.196.115
192.132.33.46
195.201.242.21
198.47.127.18
198.47.127.19
199.232.196.249
20.127.253.7
20.234.93.27
20.75.32.255
2001:4860:4802:32::36
2001:4860:4802:34::178
209.54.182.161
213.155.156.167
213.254.244.112
23.35.228.23
2600:1901:0:76b9::
2600:1f13:800:7782:2ffd:4913:b6c3:d37a
2600:9000:21f3:1600:4:b37b:9440:93a1
2600:9000:223f:8e00:1b:5138:8a40:93a1
2600:9000:223f:ae00:8:48e:53c0:93a1
2600:9000:2491:9800:1d:d7f6:39d0:c781
2602:803:c003:200::51
2606:4700:10::6816:3456
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700:3032::ac43:9f63
2606:4700:4400::6812:21ab
2606:4700:4400::ac40:98f5
2606:4700::6810:5805
2606:4700::6811:44b0
2606:4700::6811:81ab
2606:4700::6811:d2cc
2606:4700::6812:272
2606:4700::6812:7b9
2606:4700::6812:7f05
2606:4700::6813:9a53
2620:116:800d:21:c5a4:625:6563:a5bb
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2620:1ec:27::cafe:1759
2620:1ec:c11::200
2a00:1450:4001:801::2004
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::200d
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2006
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2001
2a00:1450:400c:c0c::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:3500:58b::4469
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3601:fb24:7ad4:5f4f:4dd3
3.11.238.206
3.12.169.211
34.102.146.192
34.120.107.143
34.120.133.55
34.149.20.76
34.205.195.221
34.235.242.182
34.240.38.30
34.247.139.125
34.96.105.8
34.96.70.87
35.157.192.129
35.157.246.167
35.173.165.253
35.190.39.111
35.244.159.8
37.157.2.249
37.157.3.29
37.157.4.40
51.38.120.206
52.2.211.96
52.223.40.198
52.29.158.178
52.58.8.248
54.160.25.113
54.229.65.185
63.128.92.144
64.202.112.159
69.166.1.10
69.166.1.14
69.173.144.139
85.114.159.118
85.14.248.91
92.123.21.200
99.80.120.198
99.81.203.9
99.83.154.140
00f28f185360e6347304e9cef26e3b2fb3e60ef05b765c6e81d41f31e352d52d
010adae22a829a59e8eeeee9201b766e8e35c1ebf715f3bb26557f623847f9af
03558a79f6d34c406c21c9c3c7807e3485e07d94a416bc8a630ad1f79e6b766f
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
057b033d85e0517bfac06e79f005b74914e89d67776eb42b5fbcd499d7072a0f
06a8ac62f1f1eb0935471679b9fd58e360ff81ace219f1c3c651fb535dd83cc3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09f45cae33fefb645acd58dcc6b3210b373ec1d499bad580e30e5e84d9332a25
0a17fc9f326fc2b2f9f290ef004383d7dc046f777c6efe021fc52194c1d404dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e03f341064f783836c55b1eb7bcb4e02f653e7f4cc5493e791000b314ab29ab
0f4ef75c22d299ab0de69902e9e8423ed9481da8e073b3de897cbc932d690243
0f9ef9c99a0b68ff79a0f1707cd3023411011366437ce787b58a496f8092e9e1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141d0c16f846671454c7819c37fafe483ceb63aecb14695abd4a911d67df3d49
14989bc1da4677cc11035642eb068ef24addecdbcc0583b7404f4d6ce0634602
16e27e4c7d3ed093bd9b19b7215bc02591da4c5090b60abdc9edd7007191fe89
172531061beded835c03e69b103d5e0baf79910eece9d7eda24d37d103f0355d
18ede46135e43d30d1d6affe6cdf5b581484c2d54bc840aedc6d1f1dfb6d5404
1ba822a1798d65e05f0cfa29442781944e6ee107d5efc3992e96057f001a7373
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097
1cbe064e881b5d18bf2bbff54557cf29735359daff21cfb8e860817c82b5d5b7
2169e6b027c4f7a75e37caf19f4ea4905b327ecdea7fadda1eb42f93253e5945
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2344c46e8c979618a16ecc313871e04574a316343676ca96cfd21d643eec34bb
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
247ce0b20a25603aab61151ac35cb6cf3c1b16c8721b46ba8fc6ebf997a4575d
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2bb633ffb290f5dab728c738305527ed750351cc5159089a7b354459b7e13b49
2e499043a3e519689203ce5ad599bf331ef30397d87584f54c3b7b5a2a2a2b11
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
300657b2d0d4646f5602ebee56021bd347f6cde1e7cbdc12632d99cabad5a375
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
30458c50c79be7e1c20b30412c295f8bc0682d4b1f16667d570ca93aee2fb550
3153563c6b618a95af03d1dc02947a6ead65aa75ee68c80013d9babbfb1b8e55
31d55ac7d1c8d4ec907bb2151871edc6736a4dee83f598d5ce9fb48a1004f3a2
32397df30d42ef8ff89a3c143675a361b68eb8471eec07b8a6d94dd17e0e788c
3359f2771068986d9e0e1445783256294012d1685777eff2a44b7d9b0aa805dd
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
35041f3d483501f3507658e3d6f21e34e75ea12a095954a80d13d8794b952ccc
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
38c545315c6ca224c17a58019d1d1a024661ce54fe16fd24d13824c74c99e998
39e5a86cfb3db6af67c1dabf0731008b873d07699b8b877130c1985bf8f167fc
3b0174d492d0202d493b32f4ac37f4773cde076b13c1c67f934db984035f5ef4
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3cc014de67759346b289435c5974bd1c82ece82546b276ef4b28aa40f702005e
3e4b121250ff51da4a3db809726aa19764785c96b6f165314e61155f89e06828
3e6c05d1b39ba98ab9ecf70dbb81e65381092090e9bb2fbc5cb6bfed55383409
3f594cda91fb698443b7082bdcc85648c15f9b30a78e7bcaf78c1f6e0d5a04d9
3f6ea66f4fee4e8832b05633a298a1de7a9c56c89091545674eb34f7ce03dd9c
41df5dabed00adddac5d754e283f958cb41c46f37ccdf242c5f56e014828710d
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37
44a047b06e76316f03b181c187222a6fe44bea60b600e74a42ecb9ae3612fd4a
461f906fbdd651ac3cc6e3c4424304be60da05bd573659d5bc855724137ebcb2
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49c464c75746092461d258465319200145abb96abcbb52c17ea7a804ab09fd7c
4a00d03b3c1e4bf7a22acf43491f3cbf4b5792c992ccc119a42fe7b4b4375b3d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c99f0f0f7957ed40382c6fe57cc2c2aba38a1cff3ff39c5ea44b050ba710d91
4cf6339864c06b336d8adab6fd9281f10e2cfd161d0954c518c115937b13897e
4d64db70c2c6aab6daba00285262e0177353aa5fdebedbd9a2f75d05e2aa594f
4dae01824fce42e4fa6ef4ccfafe7c6b39ceeeef292a485f9297d3d553d7946a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2d25cfd900cc58359b570346578a99488a7516eb9b25ab0681a95f8c61d96
4f96f2efbf92ce5c8dde78d67a39c4ac2a10456dc584dd1e8c23f27c6f93d212
4fe2ccfe4da521ee0ce2411129789d1502390d64457767463542a7d41621a8a8
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55543c7f8718aa1625b566ff8f878ba8c0f1d33f07f7c7eacb521f4845f5f1ed
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
575986ceb03b41a80e51883a5ed8747fe2e71d2dabae1cf0741f4ae4d4049ed6
57d599682474f6efc9daef4430831d5361b1a004abc0b99a4247c37a76fe07d8
5894ee3d7d4df1ecc61c45f93b0da93ed10f59fdbed792b52a26741ad02bcb4f
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a84605cd88860657c10529ca9e7939dd005212b9bab244656803bc5e26c4b4b
5bd624c904f13d8e72e6670bf11ca71653414cae15b615f23de52c8a8ef6c77f
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d8c4234771ad9c98b855ea41b28ef63644e1228e3578d0588d0272094619698
5db625c9b1dfda87270acb2cee33549589e2e922eefdb6e602fbe3ef86f48c34
5df472b3ee468dad2ef730bc18514f0fa35f0ae17aa4a7c33d94a26004d48a55
5ec5e0d1935aa925dff55646f9654b2283b99ba5197625e86901a50523dc4b49
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
61c0a3c47c676ade3fd4856c766fa5689049ec259220852ce7869ec7250754c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6359a946669a7fe6861ffc3a0d3b4c65e97a209f82fcf3db2f9de00eeb209e02
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
63a404e7f023e1b5129d8e4005e0fa080c2fd51d1ab50c00072f25865ea8f303
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
684ca53eb93a7d9485eed3b21ed1cc4284991aa20f5e5de144b42b76909c9f05
6871b64d1f495b97f0ad4f4bf7be8a77bf6f86f1df0a584e3203f6d9ccb124e5
699d1a0eada5d0860d50c74d325a75a8eca31be6d803abd39af42d31e824e9f5
69afd4a6d8285a2adac9cc317a78ce2b1270050206b96ef505901b4f2221a5e9
69d981718f42189f55b71a435c4ebcbdfeff3a4e22f10f2fca4f048ed9071e9f
69da92ee09ff50fab9e5fa904cbdd342426c4ce6cfce08ccf12f04a7c21f14cd
6a1f8efb8aa6dd48ef00b4e7d36831ac198e998309189d8777f712725bcf83e6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c11cbe7db8518c183dd6c3ff48b05c64b8e90db9259304de19b054bef18ad76
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
723f373126e07f562d4271e8914dc0d5dd57369f2016dd44ff3770236655f9b6
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75cc3fa770e910cf839784e1a2df124d5cf0144afdea9411fa0f9ca4336bb026
787154693674c873a21656573c1b8f034457043f5d13e3e279eca38186db1821
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
80ad049e0264ae7d9ca4bad263cc4b982e5e9612d700ea789c05b24d9ded4d04
82ce4bf182dd07d37156ffded883f57d8fd13b80e970f5ad2258a2beec5c2ce0
839e8a58aeb47596c00292280fd2294c7c7ecd8bce2eef7d8cb461bd6f6b3ab6
845026e1fa34e2ac7f7e8ccef9c9ca4ad0a87b5cffffb844564caf76275c5d12
8647cf7583e55b3ef39d64bb217644e353dba1617f1fff9ce8a96cec7b22569e
86f7287f730ab7e5e35914c490d2aa02f21b164d808f7de8ae782c0f66519b25
887255276e52458576e3c34699441fd525a7df123c76586bae5a84a56c561526
8878de93f0391bd93c2be05c5e49401ea10d8b78dc6a20efe8ea965ac227b32b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2994922d32bfdc616524a94f09dff649cf2ad68630218517959c45892b2f41
8cd5b43bc49f6d23d6b3b7bf71ee4c8f087bae585cfe62f242e2df606a0dd776
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d97b07f5282ecb19876e40209098d71688c26297493e816687d4d45da0355cf
8daf34ddc58dcb10251e0c8783b53de7363df0cb6e28f65578b7a0f4c0319a6e
8dfc9626eaa0652d62044b02f8cef0c5d632c668c01b4a4355f9c6d4ca5b9f0a
8e2185b93c667da30953cd3375332234ccfe0038a72f4e23aa1434ca336d83c2
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8e5ae300a6f3cfe0cf1115ef37e705157de2f4be5e9f723f8489ae46432d542f
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fbfc9cc36bed308077b4873b0c0ad8e155ee376c3cf9c5e649178739f4f72a7
90f1f713ef26870b1eb00e3aac5958a26ff4d117dd020ced646a450d1e316bcf
9164c16a35eb6f4030b14b53c902b8b2658d9fa91807656f8e1721f2164bd715
9337f499c9b0cc63404026b5448c6fd449df6ed57abf148722751a3a4b992c54
9430bcc9d39849aac0786a7b4e31c0c508f9cfa27e3165fb67daacc45f0a8975
95baf816c5d3649bc121c78bcd9edc1c8f056b0e4ed72be2c40edfaab09b3ce1
9729d30850d884cf0b26194f57124b2b7c621abc5c28c13a7d64175b3f08e3df
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac5f857840943d931357218d3d9d852559b9fd973b61692a5732fcef9f9021c
9bb50dfc888f20a8a1e41253d2c95bd57762d1a26939ac1187fe1d6d21ffb74d
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9ef40e39a927c1025265848f2e7d6d841a48c19e375deb37fb3a379e70a17212
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a0137eab139b6a47e43ce907a0552975fc9b69aff3335779ef178f653bd70f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a34acc4216f2a5991349a65fc567425a4d85c6446f58a3c6c569b9a85bbce1f1
a381e85dbfd4ff95de554ceee5f9331bfbb36b90babe6f07880d7ee3d2174acc
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a49a2419440a21770131fcfe002af1b2b5bc8aa673c90ee0195615d2a50d6b61
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7541fc5c9a11282980ed923f9b2f1827738f86dee00d52a7b3bd71b640133d1
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ad55af223be2ccc80c6cdc3304a54ce1ad18251d70c81bd6d2ece5487b3acd1b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af5a3d364bd26c02f88c916bbbf2d529f8a3638dc589ceb62318ebe6922c7bbc
afe08e7415debc994fbddd642f182fcae65ab5ffe9cdf08f826bf74900c54661
aff06747afdb353ce592b3bfe26bc6285c85fd6202cf31a6c14a2ba67c2da9f7
b06aa526b2e195b72ae8094c9846133b98d3ffcd3eccf6903cd583df1a3e5c93
b08509a7ef85147f64d69c6d2cb1d96f60f7bb1779ff3a0beee680ff90a136c6
b08ddfd460f2b95eb29693ca14e55662d499a2481ac4485ee9599cecc839e5d4
b0d20eceb72bd6b00c9777c74a2691a486982b007a3302ca63b7da8e550751dc
b0ef88f0fb341918ccc404b7173a831767a94081cd96e896fdb816e9adc5f57d
b10fa5715f615ea9a15ffc584f9d550efacc16a375b06d3c9e07d4218f379efe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b163ccffc514a5d86b836108c2dfa2ae84c71b1af820257d78e048bb384f4ac1
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b4c9504e59a6049e6b8cddfc6b6701f5c670b884c3fe3999c657f5d51ebbd335
b5419623860e50db34924e56a0702d28539da719e9e110662ae866b46d114a3d
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b92e01788214c86628f07d427d7d0b88920bca7ffa3dbff917f43b0cf10274a8
baae017ded2089d8c6173a41598210e58dc9d501966fa06916e92080cdba8623
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bbeff590700782181d808a1d71764cba258112f17912edd3f4c52cf4e6511a25
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bdb5ccdd449c9d7b5678aa4ab1745c445174bacd2d1e4eb2058d654514862a73
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bebfd1b566a6b43898dce4981aa1ee01fbe8b3d77fdb6fc6eeec6a3912153da2
bfea518f4e09df5b8de2520c3c5930863c0b3607db885f88d8f1aaceef2b9e18
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c52f7ade0bf364a4707457a4f73d476c4f173b327e3d37ec3f362de970137309
c749e19623f30450daf74e411688e6c580da3cc6b2516eb3187e357e25277757
c8332e503a9261bb15192109577a874219a54e7e047037ac525f8281e7fb6b84
c849af0750d4af122070af72fc7c2b125d3790cb3f66998567dddb8c9553eb9a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf88381ca25fef969a3cf153cdeb66f0f93954c52ec49711329be6fc4fbdba70
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43
d54f0a586c9aa22081bb9e0f3b46d79724b5f89ab0e96358ddd59ef80adfc471
d5d62568b8ec77b8986b54e05531d84ba64435646ee535521f0bc189ebe7d55a
d7c28ef654c134a7e82341c8ef203deb69f4ad20dfe7b2ee4ed675753fd9168d
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d99c1e70fd5d708a6a6f2e2129be4001d765d8dfd37c6dafe7a89b63a38118a7
db8a2379e7116a57079ac0a520e4939767d0a98e8961368bb0e09f9199f5bfa6
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc97dcd6442aa25bf83bc38d470840f3c13a282dc82378b1e3face88f05189f8
dd002b246d22be6295ca76e9a22cf845925f27ee59f3c56853286392002690f4
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
de2297245e86897687e51c004aa41563bdac780d75a082da61997fc2aa3ddc9d
de66a383a3b8fb6f7644d1839bc673c5c6220927b63965c703273112710de3f7
e2af452a133c81f05bd5a78974092ccdb5ba115f17ad8a275c2a4e6491b93393
e2c84f1d0ea118080b24b543c0612114db1c0f4d4cbb09a5f0a2ce56c16ecc85
e303da08a9655f1ff1f70103f1bc408a02921a2b8d8c315872c913d29e8f6e54
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e39c57adf3cbcd6ca29c644705ed27b86afabb0599418399be038e9a5b2937
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e74050db1d30e27cef3d52fd1ee7ddc72200f8139e8aa942bd87160efc8c4206
e7b1f3c3e1cb9219eed47757f95dcc4383ea2193f90ebf65f05bbbd428ad06b8
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302
e9e9d7eae4e53b327d5abfbda5af08b634fde2f8eda3bc490b4b90f2e4667cb0
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdb2784d0e9ebc144996d54be9d6d7ccbb1b5744225fb065631349d5da2427f
f5adc8ed1959b4c7a90bc67ccd601e491937f3a4b3ad532cb03ae8bd466e2b90
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f6b994ba9b12a1bf42065ab338fb8af512e73e8f03ca0da2a75fd2a890f5f941
f6fb50975638c7408379a9bdf4c350cbac0c090e681f2415638ed521ce2f724f
f981789e4a31af8f263eb84b1e571255c33f4f6e65c8984b3ee05efa629e0f1e
f9c5b6f7e6605c704f54e2cd4c1dac96cc2854910339ee4e45c37879cd4e5b20
fbfe67e02f3687e24129c5f1e2df7b688a4d97d4a857ebd910a30225883276b2
fc91d3152f47b99eeb0ec8544c6a66d8b71c77e791f12da57f1d1a33d53cf1b7
ff030bb1a91234d887e56dd29a29044b4b65aabcaab6815733fad97cafa11296
ff1e37a6f3d9a40f8459750ccaaf41e6c230c11e2035962dcac46f72d52885a8