yahoo.com Open in urlscan Pro
2001:4998:24:120d::1:0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gamadshub.com/
Effective URL:
https://yahoo.com/
Submission: On January 12 via api (January 12th 2024, 3:28:48 pm UTC) from US — Scanned from DE

Summary HTTP 526 Redirects Links 295 Behaviour Indicators

Summary

This website contacted 59 IPs in 12 countries across 50 domains to perform 526 HTTP transactions. The main IP is 2001:4998:24:120d::1:0, located in Quincy, United States and belongs to YAHOO-GQ1, US. The main domain is yahoo.com. The Cisco Umbrella rank of the primary domain is 85.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on September 26th 2023. Valid for: 6 months.

This is the only time yahoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:9926	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2001:4998:24:... 2001:4998:24:120d::1:0	36647 (YAHOO-GQ1) (YAHOO-GQ1)
94	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	52.19.173.208 52.19.173.208	16509 (AMAZON-02) (AMAZON-02)
32	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.212.205.93 52.212.205.93	16509 (AMAZON-02) (AMAZON-02)
13	23.50.131.73 23.50.131.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	152.199.23.180 152.199.23.180	15133 (EDGECAST) (EDGECAST)
1	18.245.60.53 18.245.60.53	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1288:f03... 2a00:1288:f032:1fa::1000	10310 (YAHOO-1) (YAHOO-1)
1	200.152.165.201 200.152.165.201	10310 (YAHOO-1) (YAHOO-1)
1	2a00:1288:f03... 2a00:1288:f037:1fa::1001	10310 (YAHOO-1) (YAHOO-1)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
7	23.35.237.37 23.35.237.37	16625 (AKAMAI-AS) (AKAMAI-AS)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	212.82.116.201 212.82.116.201	10310 (YAHOO-1) (YAHOO-1)
1	2001:4998:1c:... 2001:4998:1c:805::2001	14779 (YAHOO) (YAHOO)
1	2a00:1288:f03... 2a00:1288:f037:1fa::1000	10310 (YAHOO-1) (YAHOO-1)
1	2406:8600:f03... 2406:8600:f03f:1fa::1001	10310 (YAHOO-1) (YAHOO-1)
36	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
72	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	108.128.252.65 108.128.252.65	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223f:d600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
49	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
20 47	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
7 15	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 3	54.246.204.16 54.246.204.16	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
8	194.97.41.228 194.97.41.228	5430 (FREENETDE...) (FREENETDE freenet Datenkommunikations GmbH)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:9b32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	54.73.214.63 54.73.214.63	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2607:f350:3:2... 2607:f350:3:2569:0:10:0:c	27630 (AS-XFERNET) (AS-XFERNET)
2 4	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
3 3	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
4	108.138.7.108 108.138.7.108	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	143.204.215.11 143.204.215.11	16509 (AMAZON-02) (AMAZON-02)
4	99.86.4.17 99.86.4.17	16509 (AMAZON-02) (AMAZON-02)
5	34.251.108.160 34.251.108.160	16509 (AMAZON-02) (AMAZON-02)
4 5	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3 3	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	54.194.123.185 54.194.123.185	16509 (AMAZON-02) (AMAZON-02)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 8	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
2	2600:1f18:612... 2600:1f18:612b:4216:bba5:fc0b:66fa:bb51	14618 (AMAZON-AES) (AMAZON-AES)
2	168.119.66.181 168.119.66.181	24940 (HETZNER-AS) (HETZNER-AS)
1 1	54.154.107.3 54.154.107.3	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.158.60.234 35.158.60.234	16509 (AMAZON-02) (AMAZON-02)
12	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	95.217.106.24 95.217.106.24	24940 (HETZNER-AS) (HETZNER-AS)
4	2600:9000:206... 2600:9000:206f:a800:15:157b:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
526	59

1 2606:4700:3031::ac43:9926 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gamadshub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2001:4998:24:120d::1:0 (Quincy, United States)

ASN36647 (YAHOO-GQ1, US)

yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge-mcdn.secure.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dns-2mx9qn46p.sombrero.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bats.video.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video-api.yql.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.173.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-173-208.eu-west-1.compute.amazonaws.com

guce.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
udc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
noa.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.205.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-205-93.eu-west-1.compute.amazonaws.com

fsbcn.fp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.50.131.73 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-73.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg1.hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.180 (United States)

ASN15133 (EDGECAST, US)

opus.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-53.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f032:1fa::1000 (United Kingdom)

ASN10310 (YAHOO-1, US)

v-aygcg5qee5.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 200.152.165.201 (Rio de Janeiro, Brazil)

ASN10310 (YAHOO-1, US)
PTR: e2.ycpi.brd.yahoo.com

v-bul65jas6h.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f037:1fa::1001 (United Kingdom)

ASN10310 (YAHOO-1, US)

v-c9n6fcob9a.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cerebro.edna.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.237.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-37.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.116.201 (Sofia, Bulgaria)

ASN10310 (YAHOO-1, US)
PTR: e2.ycpi.bga.yahoo.com

ybar-mcdn-report.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:1c:805::2001 (United States)

ASN14779 (YAHOO, US)

ybar-c9n6fcob9areport.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f037:1fa::1000 (United Kingdom)

ASN10310 (YAHOO-1, US)

ybar-aygcg5qee5report.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:8600:f03f:1fa::1001 (India)

ASN10310 (YAHOO-1, US)

ybar-bul65jas6hreport.wc.yahoodns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.252.65 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-252-65.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:d600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 142.250.185.226 (United States) 20 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.64.151.101 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.246.204.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-204-16.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 194.97.41.228 (Germany)

ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE)
PTR: ndirect.ppro.de

ndirect.ppro.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9b32 (United States)

ASN13335 (CLOUDFLARENET, US)

pvx.freenet-mobilfunk.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.73.214.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-214-63.eu-west-1.compute.amazonaws.com

jvxas.dco.mazda.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.17.21 (Amsterdam, Netherlands) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f350:3:2569:0:10:0:c (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.159 (United States) 3 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.7.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-108.fra56.r.cloudfront.net

playercdn.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.215.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-11.fra53.r.cloudfront.net

assets.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-17.fra6.r.cloudfront.net

cdn.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.251.108.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-108-160.eu-west-1.compute.amazonaws.com

evs.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.12 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.20 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.123.185 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-123-185.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.97.41 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.220 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4216:bba5:fc0b:66fa:bb51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.66.181 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.181.66.119.168.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.107.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-107-3.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.60.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-60-234.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.106.24 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.106.217.95.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:a800:15:157b:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img01.ztat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
119	googlesyndication.com d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185 pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 ade.googlesyndication.com — Cisco Umbrella Rank: 360	865 KB
80	doubleclick.net 21 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677	436 KB
77	yimg.com s.yimg.com — Cisco Umbrella Rank: 876	2 MB
67	yahoo.com yahoo.com — Cisco Umbrella Rank: 85 guce.yahoo.com — Cisco Umbrella Rank: 6035 edge-mcdn.secure.yahoo.com — Cisco Umbrella Rank: 9555 geo.yahoo.com — Cisco Umbrella Rank: 1937 fsbcn.fp.yahoo.com — Cisco Umbrella Rank: 188485 opus.analytics.yahoo.com — Cisco Umbrella Rank: 6091 bats.video.yahoo.com — Cisco Umbrella Rank: 6547 udc.yahoo.com — Cisco Umbrella Rank: 5091 www.yahoo.com — Cisco Umbrella Rank: 1390 video-api.yql.yahoo.com — Cisco Umbrella Rank: 7399 noa.yahoo.com — Cisco Umbrella Rank: 7687	3 MB
49	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	974 KB
19	jivox.com as.euw1.jivox.com — Cisco Umbrella Rank: 211196 playercdn.jivox.com — Cisco Umbrella Rank: 8537 assets.euw1.jivox.com — Cisco Umbrella Rank: 224236 cdn.euw1.jivox.com — Cisco Umbrella Rank: 238046 evs.euw1.jivox.com — Cisco Umbrella Rank: 213782	320 KB
16	revjet.com ads.revjet.com — Cisco Umbrella Rank: 8504 cdn.revjet.com — Cisco Umbrella Rank: 8224 pix.revjet.com — Cisco Umbrella Rank: 7200	677 KB
15	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	9 KB
15	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1385 dns-2mx9qn46p.sombrero.yahoo.net cerebro.edna.yahoo.net — Cisco Umbrella Rank: 19460 lg1.hb.yahoo.net — Cisco Umbrella Rank: 4523	218 KB
14	ad4m.at ad4m.at — Cisco Umbrella Rank: 11048 as.ad4m.at — Cisco Umbrella Rank: 25279	78 KB
8	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 2019	2 KB
8	ppro.de ndirect.ppro.de — Cisco Umbrella Rank: 550523	67 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	519 KB
7	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 4770	339 KB
7	yahoodns.net v-aygcg5qee5.wc.yahoodns.net v-bul65jas6h.wc.yahoodns.net v-c9n6fcob9a.wc.yahoodns.net ybar-mcdn-report.wc.yahoodns.net — Cisco Umbrella Rank: 24220 ybar-c9n6fcob9areport.wc.yahoodns.net ybar-aygcg5qee5report.wc.yahoodns.net ybar-bul65jas6hreport.wc.yahoodns.net	2 KB
5	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 930 rtb.openx.net — Cisco Umbrella Rank: 1007	1 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 356 secure.adnxs.com — Cisco Umbrella Rank: 793	5 KB
5	brightcove.com metrics.brightcove.com — Cisco Umbrella Rank: 4365	575 B
4	ztat.net img01.ztat.net — Cisco Umbrella Rank: 28362	46 KB
4	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1105	1 KB
4	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
4	adsafeprotected.com 2 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 1190 static.adsafeprotected.com — Cisco Umbrella Rank: 988	1 KB
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 29191	1 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 1001	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	52 KB
3	zemanta.com 3 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 994	2 KB
3	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 77673	2 KB
2	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 2179	349 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 998	884 B
2	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1696	725 B
2	bidtheatre.com 2 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3435	1 KB
2	freenet-mobilfunk.de pvx.freenet-mobilfunk.de — Cisco Umbrella Rank: 210958	2 KB
2	gstatic.com csi.gstatic.com	288 B
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 639	370 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 2057	104 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 620	613 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052	584 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 65617	610 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 590	146 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 5072	1 KB
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1972	880 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 1057	598 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1758	673 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10841	289 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	149 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 778	774 B
1	mazda.de jvxas.dco.mazda.de	28 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 274	300 B
1	gamadshub.com 1 redirects gamadshub.com	610 B
0	loopme.me Failed csync.loopme.me Failed
526	50

	Domain	Requested by
77	s.yimg.com	yahoo.com s.yimg.com
72	pagead2.googlesyndication.com	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com yahoo.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
49	s0.2mdn.net	imasdk.googleapis.com yahoo.com s0.2mdn.net d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
47	cm.g.doubleclick.net	20 redirects googleads.g.doubleclick.net d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
36	tpc.googlesyndication.com	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com yahoo.com s0.2mdn.net s.yimg.com
16	noa.yahoo.com	s.yimg.com
16	yahoo.com	yahoo.com s.yimg.com
15	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com yahoo.com
13	geo.yahoo.com	yahoo.com s.yimg.com
12	cdn.revjet.com	yahoo.com srcdoc
11	bats.video.yahoo.com	s.yimg.com
10	ad4m.at	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com yahoo.com ad4m.at
9	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com	s.yimg.com
8	sync.teads.tv	2 redirects d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	ndirect.ppro.de	as.ad4m.at ndirect.ppro.de
8	ad.doubleclick.net	1 redirects d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com yahoo.com srcdoc
8	www.googletagservices.com	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
8	securepubads.g.doubleclick.net	s.yimg.com yahoo.com
7	players.brightcove.net	s.yimg.com
7	hb.yahoo.net	s.yimg.com yahoo.com
6	lg1.hb.yahoo.net	yahoo.com
5	evs.euw1.jivox.com	as.euw1.jivox.com d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
5	assets.euw1.jivox.com	as.euw1.jivox.com
5	metrics.brightcove.com	yahoo.com
4	img01.ztat.net
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cdn.euw1.jivox.com	as.euw1.jivox.com
4	playercdn.jivox.com	as.euw1.jivox.com
4	onetag-sys.com	2 redirects d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
4	www.google.com	s.yimg.com d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
4	as.ad4m.at	yahoo.com as.ad4m.at
4	googleads4.g.doubleclick.net	yahoo.com
3	sync.gonet-ads.com	3 redirects
3	c1.adform.net	3 redirects
3	cdnjs.cloudflare.com	as.euw1.jivox.com s0.2mdn.net
3	b1sync.zemanta.com	3 redirects
3	skydeutschland.demdex.net	1 redirects d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
3	udc.yahoo.com	s.yimg.com
2	pix.revjet.com	srcdoc d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
2	ads.revjet.com	yahoo.com
2	partners.tremorhub.com	googleads.g.doubleclick.net
2	ap.lijit.com	2 redirects
2	sync.go.sonobi.com	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
2	match.adsby.bidtheatre.com	2 redirects
2	ade.googlesyndication.com	securepubads.g.doubleclick.net
2	pvx.freenet-mobilfunk.de	as.ad4m.at ndirect.ppro.de
2	csi.gstatic.com	imasdk.googleapis.com
2	static.adsafeprotected.com	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	2 redirects
2	imasdk.googleapis.com	players.brightcove.net imasdk.googleapis.com
2	www.yahoo.com	yahoo.com
2	i.clean.gg	s.yimg.com
2	edge-mcdn.secure.yahoo.com	yahoo.com edge-mcdn.secure.yahoo.com
1	secure.adnxs.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	x.bidswitch.net	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
1	a.rfihub.com	1 redirects
1	cs.media.net	1 redirects
1	ads.yieldmo.com	1 redirects
1	t.adx.opera.com	1 redirects
1	rtb.openx.net	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
1	s.uuidksinc.net	1 redirects
1	match.adsrvr.org	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
1	px.ads.linkedin.com	1 redirects
1	as.euw1.jivox.com	yahoo.com
1	jvxas.dco.mazda.de	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
1	ybar-bul65jas6hreport.wc.yahoodns.net	yahoo.com
1	ybar-aygcg5qee5report.wc.yahoodns.net	yahoo.com
1	ybar-c9n6fcob9areport.wc.yahoodns.net	yahoo.com
1	ybar-mcdn-report.wc.yahoodns.net	yahoo.com
1	video-api.yql.yahoo.com	s.yimg.com
1	cerebro.edna.yahoo.net	yahoo.com
1	dns-2mx9qn46p.sombrero.yahoo.net	yahoo.com
1	v-c9n6fcob9a.wc.yahoodns.net	yahoo.com
1	v-bul65jas6h.wc.yahoodns.net	yahoo.com
1	v-aygcg5qee5.wc.yahoodns.net	yahoo.com
1	sb.scorecardresearch.com	yahoo.com
1	opus.analytics.yahoo.com	s.yimg.com
1	fsbcn.fp.yahoo.com	yahoo.com
1	guce.yahoo.com	s.yimg.com
1	gamadshub.com	1 redirects
0	csync.loopme.me Failed	d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
526	86

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
news.yahoo.com
finance.yahoo.com
sports.yahoo.com
football.fantasysports.yahoo.com
bestball.fantasysports.yahoo.com
baseball.fantasysports.yahoo.com
hockey.fantasysports.yahoo.com
basketball.fantasysports.yahoo.com
n.rivals.com
help.yahoo.com
shopping.yahoo.com
autos.yahoo.com
guce.yahoo.com
yahoo.uservoice.com
espanol.yahoo.com
au.yahoo.com
ca.yahoo.com
qc.yahoo.com
de.yahoo.com
hk.yahoo.com
malaysia.yahoo.com
sg.yahoo.com
tw.yahoo.com
uk.yahoo.com
legal.yahoo.com
www.adtech.yahooinc.com
www.yahooinc.com
mail.yahoo.com
login.yahoo.com
search.yahoo.com
twitter.com
facebook.com
www.instagram.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-09-26` - `2024-03-20`	6 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-01-31`	2 months	crt.sh
guce.oath.com DigiCert SHA2 High Assurance Server CA	`2023-08-13` - `2024-02-07`	6 months	crt.sh
fsbcn.fp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-11-07` - `2024-05-01`	6 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
opus.analytics.yahoo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-27` - `2024-05-27`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2024-01-11` - `2024-04-10`	3 months	crt.sh
subs.communications.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-30` - `2024-05-30`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2023-11-23` - `2024-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ppro.de Sectigo RSA Domain Validation Secure Server CA	`2023-01-30` - `2024-02-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.freenet-mobilfunk.de Sectigo RSA Domain Validation Secure Server CA	`2023-03-14` - `2024-04-13`	a year	crt.sh
jvxas.dco.mazda.de Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh
*.app.euw1.jivox.com Amazon RSA 2048 M03	`2023-10-17` - `2024-11-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.jivox.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-17` - `2024-06-16`	a year	crt.sh
euw1.jivox.com Amazon RSA 2048 M02	`2023-10-13` - `2024-11-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
img01.ztat.net Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh

This page contains 49 frames:

Primary Page: https://yahoo.com/
Frame ID: 4F45251D39D5179D2B8BC1A355701F8A
Requests: 172 HTTP requests in this frame

Frame: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
Frame ID: C7D18E5FBA4046C9B11D0B4C97BF9D86
Requests: 19 HTTP requests in this frame

Frame: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EB8DAC61773B892418F2FFE5B26D8C38
Requests: 1 HTTP requests in this frame

Frame: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 21BC45A5B51315256D216E0057CFB06D
Requests: 10 HTTP requests in this frame

Frame: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 93D1E4865A01213734C8EF5F3F81C94B
Requests: 18 HTTP requests in this frame

Frame: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 50CE808A470A60A76AC93B1F25D21F35
Requests: 24 HTTP requests in this frame

Frame: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F52962863DBF2E318FE4A0DC6EE4E9A
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNVAnSoiVyY1z-4oqwJ62FFTttkBngf0nHLE2ciJ_6JhiKEGxk8TmUUw9T2RpL9Lh-H3MOFhDfDojknDhoPxLgDJufrA4n5aC5GoovTNUTo0XPFYkjA
Frame ID: DF9CE5D031C5C7A78E0D6932EDDE6448
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNXMtxVewz43V2cGcOIJSMTFlBUneXVZxPiLdqk0-RDax84qgH72KL8OTmAlAZlJHD9gb8fXQzlFwjJmTiP7d_zYCH43rLJB9sz5KUbjksMJlMG1u7o
Frame ID: ADD0B1DBC507A902C3B856E05536F292
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNX86L6MZHyBz9m8i3rapL-1-WJyHfzTHucNSJeYU0uSVdkkZ3E7qkkiOeeZeOqd4-KLm4GLe9MKwWy6IVxpsMS5PKBqWI5i5WxZjwI3U5Hb_hD_hY4
Frame ID: CE0EFA5CCE3529449A9B0254BF52E669
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.612.0_en.html
Frame ID: 35BBD26B65C466AF24D7595A5C6C9AFB
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 04759BEED04025FFE157286EDC1B7F7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F50745342515E6CC2542E95F83650A1C
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: EEBC83AEDA9A6389489B13BE131C6C5D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250
Frame ID: 93E05EC3C5A3A39CCC39347FC1414522
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C929882D40FD4A9D828AA724A9441D2F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DBBF80F93CEA7A9CDD36D8328F20F5A9
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 2D07822CBF7BC10F08055B9780103338
Requests: 1 HTTP requests in this frame

Frame: https://hb.yahoo.net/checksync.php?cid=8YHBJ3BJ0&cs=1&cv=37&hb=1&vsSync=1&prvid=25014&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Frame ID: 9F3215031308EF8F79D54D13E8FDF3B1
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=db2a964b51ea00e0bdf7d2643501cf82%2F149638236992245927&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300056&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC_mJ8kVqhZdf_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9BBHfQZ9_HW25X-Xi6z81qVFNspAHEIOWbCurApWOdciOm7p4M323gXSY0fnrgLVbNoPKsfG-L3gSylWzopZblxtFGxwB_1SZR9DCNicscxxVnYHg3pGW_Zp26y3wqA1Urx2MYiZWzsLOWi_xWlhbkK6djpZgOeHAkrdIxq_xG-QM801fDlt17UAwECebRNQBtdgJRaOWCAjWa8bVZJlqwsfKgzX_wwO5TP-hchzgtNlObxps8gQSxCj0E02FNEZBwFo4S6RVoBI4-sIQ1XXFU8V9RowCme5V60ySYXzPBK6LBTz2dGOB3UlPVT3DwhFC2Ufc7QK565JPQOPovEEYuho2FXg4sMrx1ZOuWXKy_ABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNjZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_2_nZ1SyvL0bU-rL9evZNormMWdAA%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DUdcrpKI6IhoLtH7Zpv4-ETaWeLGSa81i_hRo773Sn0POBAUhsbcIiJdlR_ELvpfcf2fnQtQsWRFd1URh8XfhTjlp6hlL4FCqCaNHAMD0xxsmPeFvk9xxLIkzzMLqt1s_wDA2u4CmZYVwBM05nopAOgVPieEFBtKvmDS-JY04S2yciOOk%2526cry%253D1%2526dbm_d%253DAKAmf-ArGky7ywQ5rEwCING_FifRz9EPVKi2d3uF-Fbcba7bmdrKrizVSTesQ7DiCT8CAVwpNbeG-Rxotur8IbEhC26LUM1oHv4BYGFB_HdwMZWijeMrXhU_x4XBG5kSscZqXIABs_pWRoDyv2X-HhT9kQeO7BT8R2vikVozVZO-ZEDOhVzHjpwv4xdtFtWhhhAu8bj5MMzJvk5uZIEijiEZxxDCyLwOqa_jhzIzXEtZL75eOAR2KS7qR8BG22IbBnmfVFdKN0Qxbng153gTSvSYtBj77tjNgU9FHmP9jd4o4_SKWeoqb2N9BSntOrBJm79ALRMJsHpUHkVk7SKmG0q9ejTTj1HKmOikvGnz0fhRXqYl-ngkejfLB0wnutHfFrLY6DOQ-E2WCSuUI00wz72k_Z4BftmciOly7OlaE4E-vTviUNMViAQdPc7meKco7Ra5FncgRsKeziWZ3VooqDHA8sxLarRroWR1L4XhHSymYEU7ju9X0iFkPCMgSSx00fVg4juthsNEmDmMje4Ab9CpPTORL3vslp5DbRud_9EbkYk7x7IRfBhJtEZtT6kxcpXj2fwAQacX%2526adurl%253D&y=1&s=&z=0
Frame ID: A3C9B5FF71355AB892498BB1EEF626AE
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=fea52d219cee1503f79bf1716dbc5996%2F10430786718170859726&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300069&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DChLtGkVqhZdn_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9Dsl8vCHy4GdQRMO_CQq9E9gBk4nN0dYkEecML3UpQFmKkso16qmMOduENRBGhjHj0tPza0wZMwL_ks9Vd5bRkKW8WeuE4eH2ndumedi3LYjT2BFrrja9UbUZo_Z06M4iFU4LljgjM2kWzByarYqyCkA4yDosY9qfq1A7VHnZF7z2hza1X2b-slL2i4tjzdIf4DSVH4tbZvKOifwBj1xOC8pUKrKHqAYe70RffYK6tlElz0EXEJRvKk2-qI2t8g2jbiJ-u5VPyUR0bKeneZ6OUk58RoU_REPw_AkgXrp2dN_UAkSM9m7HzfLjOE9z-d3ruNKJXtqh5j3fAFj7Z_-N3rw-pJ4Rijc8Wa8tV6z2TABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNrZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_3OaKHVAhQ1ga1ASKPV50dinAxHkw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-Adr0or5_wpsU-T-hWvUQWFBeI5TWJZicSTy6czLs49iPT2NkXJJwvPNGV8R8FQpFzM_QJzYt8a3zBiMojXn5Cvz20Dtwi44jc7prykGJzg9l3NIC741Tt2cSG-CHo4DBL3FubOnL00eEZ90BeWOY2zgr3Sp3AxRRO3Q9U8XWMWya_ZiUU%2526cry%253D1%2526dbm_d%253DAKAmf-BT5VcTK1d_TJfV7ehqz3VNCUsenITqD9BmWW2h5YYo3E4F85UZcomUkAFIo48myqbcGCbstiOObIFx8041K4aUe5jCKK8Iu5xmPqrSwDqZ7hvtFbGfKy71vi7s_WZL5sFO3OpRFCFp4rA8zQKm4YGxUrgYT6uA8F3VqWvMpAD2hx177l33VlNMI7AmbWWH07o398mN5CS84GMqmIwxdvmigoPm19OLEELhGk5p0rP-krf00TzwvB5qlFTIgCO0E3ly9Y_7qc-J1OGoS5IT6rZfxU3rxptQPcl9XkbmzowL19Y27x-_EmVxJgSYYMXLsSyrtyWeePHl5tj7CGnFWD612uUrmYj_yK3ITDJxXycYzE7cTG0H2_tm9zLYN0UEGw29yKFnebvg0bfj_FG9-CVs5EUXMKUxxkTKeYTNKkdEopKQQRssqbazJOWiloLPcLb04w1fzEJmJM6sCrD9sIrRlaROCXA_HOHb5aM-FY7zjJA_kVqeSQbn3mEnEHuRwKNouSpXg2KeZwVW9o-RTBGrWo4euvBNctgrqUihlqJp0FWilL8EYbePm3yCJzsM8lNrOKdA%2526adurl%253D&y=1&s=&z=0
Frame ID: 366B49AE2D7B94B19B56F799EF0C7DEF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: A84C18F7E458445BFB818B531B479DFC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF23A2B1694BE86CBAF8870B378A540D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7025E96591082E72CAD76120D6A80571
Requests: 2 HTTP requests in this frame

Frame: https://ndirect.ppro.de/pvtr?v=307dnAeB2&vid=d1IzSVBXbDlvZTBBT1F6NS82K3RmbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2
Frame ID: 134016D18259568FFEA790C7849D8004
Requests: 2 HTTP requests in this frame

Frame: https://ndirect.ppro.de/pvtr?v=307dnAhd2&vid=d1IzSVBXbDlvZTBBT1F6NS82K3RmbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2
Frame ID: 59C03068FAD2189551673FECF460061D
Requests: 2 HTTP requests in this frame

Frame: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 71EEBAE71295D840509524CD670CBAD6
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGP-h-4ICMAE&v=APEucNVmQtE1flCTqenzR_Vehwigc95sxTOa1fvAz3LHB6OT6apt0GZj-aDy8SOVkOBhJio2RS3fOYfXmpxOtSoSDXxkXwsaLzclJT5xr82LDLYUzxHGnak
Frame ID: EB986E01D22F4C1415A81656118205BA
Requests: 4 HTTP requests in this frame

Frame: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Frame ID: 7DA92CFCFF3FD369FB95583004D2B4C7
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6048B9EDC2AC6135A684271436066EF5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7573730BBB2E07FA7C5A5B9A8022F7E0
Requests: 3 HTTP requests in this frame

Frame: https://playercdn.jivox.com/1700114009/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Frame ID: C7D02391704347D2309F00C27D1FBC61
Requests: 11 HTTP requests in this frame

Frame: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 17AC0B9B618E4790A4E325FA4D61D791
Requests: 14 HTTP requests in this frame

Frame: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D1A1E12915CBD1736497CFEA306AE84B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNWN65F3SchOCTpCb68Fudun0izTIj9jT-xqHYalnZHZVhMWwS5_-M-BWECJuENbwB7pBrO3Q_Z6nPmkCIbGpK_diZAQeKCgVMVICMnafb75IUyzDeg
Frame ID: 6459C9EE7D13394F33C6A0406FF37CEE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD2096C3B3B57FBA98C97C9B8C5A3E2E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNVYHlkQZ1o1UHjmnA7mOtWgNEJXYO4SQ2iWdyWuX3TNRw_S44j_KLhxi7bgV0aZbK61Pj0vtmdXFVw3tNyvYUZYqA9cccfLhJL_iejPbqjsepISV5A
Frame ID: 8B2FBEAAE656A307EC12AEFDA2BD216B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8F53EFFA39A2A2A27FF527E9B1394C22
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
Frame ID: 93D86B5FC70338EC240C3CD2776442B1
Requests: 24 HTTP requests in this frame

Frame: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F2AAEE7C07D2BF7666DB114F4AC85D77
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AF951C65CFDA3788B51C838C0CE1853E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNUEQredbHSiJsVD98qR-uEmTD4LGAVT03osKLDOKsWwHGXnDfmcHgjYibyJM41I8Fd-DXX8z_u-0slf04NfcAPD9Od3OerJDM7UKgetyNGbGmsf4m0
Frame ID: DFD745C6B0C52839306CAD4EB1069304
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CB7BC3E729525FC4EDB20F2CC62099E3
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
Frame ID: E4F80858F40DF8C07EB253CC8321B0A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 44D541845FECE608B0A3E89CB8003B3D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BB5A173B30123CAB8EE51F728BCBDE29
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250
Frame ID: 6CFEC91CD6B3FA07036CF9768523E288
Requests: 13 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Frame ID: 2DF2396C59CE17D06ABBA03F93C36AF5
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: E5BC3BCA02A42DCC7BA1B18C57A2C32D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yahoo | Mail, Weather, Search, Politics, News, Finance, Sports & Videos

Page URL History Show full URLs

http://gamadshub.com/ HTTP 302
https://yahoo.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

526
Requests

91 %
HTTPS

38 %
IPv6

50
Domains

86
Subdomains

59
IPs

12
Countries

10307 kB
Transfer

22294 kB
Size

54
Cookies

295 Outgoing links

These are links going to different origins than the main page.

URL: https://www.yahoo.com/
Title: News

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/
Title: Today's news

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/us/
Title: US

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/politics/
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/world/
Title: World

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/reviews-deals/
Title: Reviews and Deals

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/audio/
Title: Audio

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/computing/
Title: Computing

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/gaming/
Title: Gaming

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/health/
Title: Health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/home/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/phones/
Title: Phones

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/science/
Title: Science

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/tech/tvs/
Title: TVs

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/weather/
Title: Weather

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/health/
Title: Health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/science/
Title: Science

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/elections/
Title: Elections

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/originals/
Title: Originals

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/tagged/360/
Title: The 360

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/
Title: Finance

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/portfolios/
Title: My portfolio

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/portfolio/p_1/view/v1
Title: My watchlist

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/news/
Title: News

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/stock-market-news/
Title: Stock market

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/economic-news
Title: Economic

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/earnings
Title: Earnings

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/crypto/
Title: Crypto

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/live/politics/
Title: Politics

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/bidenomics/
Title: Biden economy

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/personal-finance-news
Title: Personal finance

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/calendar/
Title: Markets

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/most-active/
Title: Stocks: most actives

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/gainers/
Title: Stocks: gainers

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/losers/
Title: Stocks: losers

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/trending-tickers/
Title: Trending tickers

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/commodities/
Title: Futures

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/world-indices/
Title: World indices

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/bonds/
Title: US Treasury bonds

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/currencies/
Title: Currencies

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/crypto/
Title: Crypto

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/etfs/
Title: Top ETFs

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/mutualfunds/
Title: Top mutual funds

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/options/highest-open-interest/
Title: Highest open interest

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/options/highest-implied-volatility/
Title: Highest implied volatility

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/currency-converter/
Title: Currency converter

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/
Title: Sectors

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/basic-materials/
Title: Basic materials

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/communication-services/
Title: Communication services

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/consumer-cyclical/
Title: Consumer cyclical

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/consumer-defensive/
Title: Consumer defensive

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/energy/
Title: Energy

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/financial-services
Title: Financial services

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/healthcare/
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/industrials/
Title: Industrials

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/real-estate/
Title: Real estate

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/technology/
Title: Technology

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/sectors/utilities/
Title: Utilities

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener
Title: Screeners

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/watchlists/
Title: Watchlists

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/new
Title: Equities

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/etf/new
Title: ETFs

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/future/new
Title: Futures

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/index/new
Title: Index

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/mutualfund/new
Title: Mutual funds

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/analyst_ratings/new?ncid=dcm_320339942_490172245_127172993
Title: Analyst rating screener

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/tradingcentral_event/new?ncid=dcm_320544712_490172245_127172993
Title: Technical events screener

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/institutional_interest/new?ncid=dcm_320344326_490172245_127172993
Title: Smart money screener

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/institutional_holdings/new?ncid=dcm_320545006_490172245_127172993
Title: Top holdings screener

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/personal-finance/
Title: Personal finance

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-credit-card-interest-rates-193519877.html
Title: Credit card rates

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-credit-card-for-balance-transfer-213356438.html
Title: Balance transfer credit cards

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-business-credit-cards-181530428.html
Title: Business credit cards

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-cash-back-credit-cards-220845639.html
Title: Cash back credit cards

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-rewards-credit-card-203736692.html
Title: Rewards credit cards

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-travel-credit-card-203950032.html
Title: Travel credit cards

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/find-best-cd-rates-165749654.html
Title: CD rates

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/find-best-checking-accounts-234120614.html
Title: Checking accounts

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-online-checking-account-180614848.html
Title: Online checking accounts

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-high-yield-savings-account-rates-203648059.html
Title: High-yield savings accounts

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/high-yield-money-market-accounts-170614474.html
Title: Money market accounts

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/best-personal-loans-202034980.html
Title: Personal loans

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/are-federal-or-private-loans-better-175200294.html
Title: Student loans

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/personal-finance/how-to-buy-a-house-in-2023-144721139.html
Title: Home buying

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/taxes/
Title: Taxes

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/videos
Title: Videos

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/etf-report
Title: ETF report

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/fa-corner
Title: FA corner

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/topic/options-pit/
Title: Options pit

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/plus/finance?ncid=dcm_306158762_490172245_127172993
Title: Finance Plus

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/user-insights?ncid=dcm_306158750_490172245_127172993
Title: Community

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/research/trade-ideas?ncid=dcm_306158753_490172245_127172993
Title: Investment ideas

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/research?ncid=dcm_306158756_490172245_127172993
Title: Research reports

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/webinars
Title: Webinars

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/predefined/ms_basic_materials/
Title: Industries

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/
Title: Sports

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/fantasy/
Title: Fantasy

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/fantasy/news/
Title: News

Search URL Search Domain Scan URL

URL: https://football.fantasysports.yahoo.com/
Title: Fantasy football

Search URL Search Domain Scan URL

URL: https://bestball.fantasysports.yahoo.com/
Title: Best Ball

Search URL Search Domain Scan URL

URL: https://football.fantasysports.yahoo.com/pickem
Title: Pro Pick 'Em

Search URL Search Domain Scan URL

URL: https://football.fantasysports.yahoo.com/college
Title: College Pick 'Em

Search URL Search Domain Scan URL

URL: https://baseball.fantasysports.yahoo.com/
Title: Fantasy baseball

Search URL Search Domain Scan URL

URL: https://hockey.fantasysports.yahoo.com/
Title: Fantasy hockey

Search URL Search Domain Scan URL

URL: https://basketball.fantasysports.yahoo.com/
Title: Fantasy basketball

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/fantasy/mobile/
Title: Download the app

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/dailyfantasy/
Title: Daily Fantasy

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/
Title: NFL

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/standings/
Title: Standings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/stats/
Title: Stats

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/teams/
Title: Teams

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/players/
Title: Players

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/draft/
Title: Drafts

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/injuries/
Title: Injuries

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/odds/
Title: Odds

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/super-bowl/
Title: Super Bowl

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nfl/gamechannel/
Title: GameChannel

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/videos/nfl/
Title: Video

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/
Title: MLB

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/standings/
Title: Standings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/stats/
Title: Stats

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/teams/
Title: Teams

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/players/
Title: Players

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/odds/
Title: Odds

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/videos/mlb/
Title: Video

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/world-baseball-classic/
Title: World Baseball Classic

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/
Title: NBA

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/draft/
Title: Drafts

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/standings/
Title: Standings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/stats/
Title: Stats

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/teams/
Title: Teams

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/players/
Title: Players

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/injuries/
Title: Injuries

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/videos/nba/
Title: Video

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/odds/
Title: Odds

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nba/playoffs/
Title: Playoffs

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/
Title: NHL

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/standings/
Title: Standings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/stats/
Title: Stats

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/teams/
Title: Teams

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/players/
Title: Players

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/odds/
Title: Odds

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nhl/stanley-cup-playoffs/
Title: Playoffs

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/
Title: Soccer

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/premier-league/
Title: Premier League

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/mls/
Title: MLS

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/nwsl/
Title: NWSL

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/ligamx-clausura/
Title: Liga MX

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/concacaf-league/
Title: CONCACAF League

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/champions-league/
Title: Champions League

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/la-liga/
Title: La Liga

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/serie-a/
Title: Serie A

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/bundesliga/
Title: Bundesliga

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/ligue-1/
Title: Ligue 1

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/soccer/world-cup/
Title: World Cup

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/
Title: College football

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/news/
Title: News

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/scoreboard/
Title: Scores and schedules

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/standings/
Title: Standings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/rankings/
Title: Rankings

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/stats/
Title: Stats

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-football/teams/
Title: Teams

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mma/
Title: MMA

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/wnba/
Title: WNBA

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/sportsbook/
Title: Sportsbook

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/tennis/
Title: Tennis

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/golf/
Title: Golf

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/nascar/
Title: NASCAR

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-basketball/
Title: NCAAB

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/college-womens-basketball/
Title: NCAAW

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/boxing/
Title: Boxing

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/usfl/
Title: USFL

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/cycling/
Title: Cycling

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/indycar/
Title: Indycar

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/olympics/beijing-2022
Title: Olympics

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/horse-racing/
Title: Horse racing

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/mlb/gamechannel/
Title: GameChannel

Search URL Search Domain Scan URL

URL: https://n.rivals.com/
Title: Rivals

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/newsletters/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/podcasts/
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/syndication/
Title: RSS

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/jobs/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://help.yahoo.com/kb/sports-news
Title: Help

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/news/
Title: More news

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/celebrity/
Title: Celebrity

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/tv/
Title: TV

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/movies/
Title: Movies

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/music/
Title: Music

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/tagged/how-to-watch/
Title: How To Watch

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/tagged/interviews/
Title: Interviews

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/tagged/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/shopping/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/
Title: Life

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/covid
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/fall-allergies
Title: Fall allergies

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/do-i-need-to-worry
Title: Health news

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/mental-health
Title: Mental health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/relax
Title: Relax

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/sexual-health
Title: Sexual health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/study
Title: Studies

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/the-unwind/
Title: The Unwind

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/parenting/
Title: Parenting

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/family-health
Title: Family health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/so-mini-ways/
Title: So mini ways

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/style-beauty
Title: Style and beauty

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/it-figures
Title: It Figures

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/unapologetically
Title: Unapologetically

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/horoscope/
Title: Horoscopes

Search URL Search Domain Scan URL

URL: https://shopping.yahoo.com/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/best-of/
Title: Buying guides

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/food/
Title: Food

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://autos.yahoo.com/
Title: Autos

Search URL Search Domain Scan URL

URL: https://guce.yahoo.com/terms?locale=en-US
Title: Terms

Search URL Search Domain Scan URL

URL: https://guce.yahoo.com/privacy-policy?locale=en-US
Title: Privacy

Search URL Search Domain Scan URL

URL: https://guce.yahoo.com/privacy-dashboard?locale=en-US
Title: Privacy Dashboard

Search URL Search Domain Scan URL

URL: https://yahoo.uservoice.com/forums/925969?browser=chrome&bucket=&location=US&os=mac+os+x&partner=none&rid=fssMH6Pv
Title: Feedback

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/?p=dnr
Title: USEnglish

Search URL Search Domain Scan URL

URL: https://espanol.yahoo.com/?p=dnr
Title: US y LATAMEspañol

Search URL Search Domain Scan URL

URL: https://au.yahoo.com/?p=dnr
Title: AustraliaEnglish

Search URL Search Domain Scan URL

URL: https://ca.yahoo.com/?p=dnr
Title: CanadaEnglish

Search URL Search Domain Scan URL

URL: https://qc.yahoo.com/?p=dnr
Title: CanadaFrançais

Search URL Search Domain Scan URL

URL: https://de.yahoo.com/?p=dnr
Title: DeutschlandDeutsch

Search URL Search Domain Scan URL

URL: https://hk.yahoo.com/?p=dnr
Title: 香港繁中

Search URL Search Domain Scan URL

URL: https://malaysia.yahoo.com/?p=dnr
Title: MalaysiaEnglish

Search URL Search Domain Scan URL

URL: https://sg.yahoo.com/?p=dnr
Title: SingaporeEnglish

Search URL Search Domain Scan URL

URL: https://tw.yahoo.com/?p=dnr
Title: 台灣繁中

Search URL Search Domain Scan URL

URL: https://uk.yahoo.com/?p=dnr
Title: UKEnglish

Search URL Search Domain Scan URL

URL: https://legal.yahoo.com/us/en/yahoo/privacy/adinfo/index.html
Title: About our ads

Search URL Search Domain Scan URL

URL: https://www.adtech.yahooinc.com/advertising/solutions
Title: Advertising

Search URL Search Domain Scan URL

URL: https://www.yahooinc.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/originals/
Title: Originals

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/tagged/health/
Title: Health

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/style-beauty/
Title: Style and beauty

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/videos/
Title: Videos

Search URL Search Domain Scan URL

URL: https://finance.yahoo.com/screener/
Title: Screeners

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/newsletters/yahoo-sports-am/
Title: Yahoo Sports AM

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/everything/world/
Title: Editions

Search URL Search Domain Scan URL

URL: https://mail.yahoo.com/
Title: Mail

Search URL Search Domain Scan URL

URL: https://login.yahoo.com/?.lang=en-US&src=homepage&.done=https%3A%2F%2Fyahoo.com%2F%3F&pspid=2023538075&activity=ybar-signin
Title: Sign in

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/
Title: News

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/plus?ncid=mbr_ryhacqnav00000038
Title: Yahoo Plus

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/everything/
Title: More...

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/see-retired-alabama-football-coach-145824945.html

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/report-patriots-hire-jerod-mayo-134250356.html

Search URL Search Domain Scan URL

URL: https://sports.yahoo.com/michael-jordan-delivers-message-light-012031189.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/trump-said-damaging-him-experts-140808805.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/jared-leto-ate-energy-bar-132916788.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/woman-reminds-us-careful-first-113000817.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/debate-coach-one-candidate-got-142627588.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/trans-man-shared-interacts-men-141603666.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/ben-affleck-jennifer-lopez-both-165310273.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/amy-schumer-unveils-topless-selfie-015858255.html
Title: Amy Schumer Unveils Topless Selfie With “40 Extra Lbs”

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/olympian-leryn-franco-si-swim-015000800.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/us-strikes-in-yemen-an-iowa-caucuses-preview-and-the-new-mean-girls-movie-133101744.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/florida-woman-kept-baby-alleged-090014485.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/lifestyle/abby-dahlkemper-athleticism-prepared-her-192700475.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/former-nfl-star-michael-irvin-182209115.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/looks-alabama-barker-may-just-142234864.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/joe-biden-flips-donald-trumps-112314924.html

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/entertainment/watch-matthew-mcconaughey-jimmy-fallon-091747594.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/way-fumble-bag-erik-spoelstra-194404796.html

Search URL Search Domain Scan URL

URL: https://news.yahoo.com/chosen-one-why-experts-campaign-104503999.html

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Jerod+Mayo&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 1.Jerod Mayo

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Donald+Trump&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 2.Donald Trump

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Nick+Saban&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 3.Nick Saban

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Yemen&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:flameTn,b:
Title: 4.Yemen

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=MLB+Trade+Rumors&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 5.MLB Trade Rumors

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Rand+Paul&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 6.Rand Paul

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Isabella+Strahan&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 7.Isabella Strahan

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Top+Gun+3&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 8.Top Gun 3

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Golden+State+Warriors&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 9.Golden State Warriors

Search URL Search Domain Scan URL

URL: https://search.yahoo.com/search?p=Annie+Nightingale&fr=fp-tts&fr2=p:fp,m:tn,ct:all,kt:org,pg:1,stl:txt,b:
Title: 10.Annie Nightingale

Search URL Search Domain Scan URL

URL: https://twitter.com/yahoo
Title: twitter

Search URL Search Domain Scan URL

URL: https://facebook.com/yahoo
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/yahoo/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/yahoo
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@yahoonews
Title: tiktok

Search URL Search Domain Scan URL

URL: https://www.adtech.yahooinc.com/advertising/solutions/dsp
Title: Advertise

Search URL Search Domain Scan URL

URL: https://help.yahoo.com/kb/account
Title: Help

Search URL Search Domain Scan URL

URL: https://yahoo.uservoice.com/forums/341361-yahoo-home?browser=chrome&bucket=900,seamless&os=mac%20os%20x&partner=none&location=US&rid=fssMH6Pv
Title: Feedback

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gamadshub.com/ HTTP 302
https://yahoo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 172

https://pixel.adsafeprotected.com/rfw/st/1878143/77329995/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015240955&ias_pubId=pub-2305304999188653&ias_chanId=1&ias_placementId=20877959484&bidurl=https://yahoo.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0g4ipoTsjpFcq71NXK7wGJ6 HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

Request Chain 191

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFaksOAlyC6p6W0YECEuwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFakngeaQzMdCR5goDCdgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

Request Chain 196

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

Request Chain 197

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFakngeaQzMdCR5goDCdgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

Request Chain 234

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=602750680&gdpr=0&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=602750680&gdpr=0&gdpr_consent=

Request Chain 319

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

Request Chain 320

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFakngeaQzMdCR5goDCdgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

Request Chain 334

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEApK9-XpRgT2UeKxpsxhdnU&google_cver=1&google_push=AXcoOmQag-yz98WVruucOcwsnHNOhwMj1YDWYPEZVvsbbasUy67KbNOq1HI7SHadfqjMailbZyKGnE2wrV7BUtXmXuYeZQsS2Yo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQag-yz98WVruucOcwsnHNOhwMj1YDWYPEZVvsbbasUy67KbNOq1HI7SHadfqjMailbZyKGnE2wrV7BUtXmXuYeZQsS2Yo

Request Chain 336

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPURSNBpocViiytgrxCuRgI&google_cver=1&google_push=AXcoOmTNAUeMcPYIXVyppJ_qldKkXQ7rgIoOzTo_Xhhxzql7PvSPcDoQpYFgLXPmbJDgUnNE9vIGZiGziLx_mWd5cT7vOz_NAxdI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTNAUeMcPYIXVyppJ_qldKkXQ7rgIoOzTo_Xhhxzql7PvSPcDoQpYFgLXPmbJDgUnNE9vIGZiGziLx_mWd5cT7vOz_NAxdI

Request Chain 338

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHYypYDpaAj27e23qfUI6Nc&google_cver=1&google_push=AXcoOmQ1qW_ckgy6EwCXOXxdIdsB_b-U6XiLCQK96cAfw0vUBUGh0jIey9VbHcGTivmVKuC3Quf7yAVl7RmzQIaXahdADpUrWJrm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ1qW_ckgy6EwCXOXxdIdsB_b-U6XiLCQK96cAfw0vUBUGh0jIey9VbHcGTivmVKuC3Quf7yAVl7RmzQIaXahdADpUrWJrm HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 339

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEMEByO7h-Fmi9_OAm26JQ3Q&google_cver=1&google_push=AXcoOmSQcNnSV-nmvgwGCkjFj6fcRinUGMrFpL_Ey5X56tTW-esCZXxyqkdiYY8EXlDTtYbc4ds4SubBUq2DDaxBmfUsY9XouFdrdg HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEMEByO7h-Fmi9_OAm26JQ3Q&google_push=AXcoOmSQcNnSV-nmvgwGCkjFj6fcRinUGMrFpL_Ey5X56tTW-esCZXxyqkdiYY8EXlDTtYbc4ds4SubBUq2DDaxBmfUsY9XouFdrdg&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSQcNnSV-nmvgwGCkjFj6fcRinUGMrFpL_Ey5X56tTW-esCZXxyqkdiYY8EXlDTtYbc4ds4SubBUq2DDaxBmfUsY9XouFdrdg&google_hm=NDNnSlYxXzdwZ0pFY0xrS2hsMGQ=

Request Chain 391

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENJUNQuNjN6ME9eGzONiqhw&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESENJUNQuNjN6ME9eGzONiqhw%26google_cver%3D1

Request Chain 392

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzOTQyODUxNjU5MTg5OTEy

Request Chain 393

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECbSFa5utNzF6R8dVBMCC-U&google_cver=1&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECbSFa5utNzF6R8dVBMCC-U&google_cver=1&gdpr=0

Request Chain 394

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDI3MDJlYWUtNDhkYS0yYThlLWQ1ZWYtMzIwZjAyM2UxY2E1

Request Chain 395

https://s.uuidksinc.net/match/47/?remote_uid=CAESEB9l9irV4OIWT-sorYsBRlA&c_param1=AXcoOmT9gAcDOY2VwP7Tp-p0bIWqIn11sOZhnnzMuHUFeoF4wBjDI-s32Dq504o2pRLcqiyGGK56QIjeppB3YP5vT7km7PAk1laQmQ&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmT9gAcDOY2VwP7Tp-p0bIWqIn11sOZhnnzMuHUFeoF4wBjDI-s32Dq504o2pRLcqiyGGK56QIjeppB3YP5vT7km7PAk1laQmQ

Request Chain 396

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELrW9amwgzLm6Hy78wwxuPM&google_cver=1&google_push=AXcoOmQqm1K_YHj4R6Fym7nOVJw5g_FloSpTHrGe7gZCVQV0vPg6gmetn3Xv1DSu4-Te9LQxuCfGzdelb6a2gyOp6voWKvNW5noTsQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELrW9amwgzLm6Hy78wwxuPM&google_cver=1&google_push=AXcoOmQqm1K_YHj4R6Fym7nOVJw5g_FloSpTHrGe7gZCVQV0vPg6gmetn3Xv1DSu4-Te9LQxuCfGzdelb6a2gyOp6voWKvNW5noTsQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1NDA1NTA2OTU1MzkwMDk3OA&google_push=AXcoOmQqm1K_YHj4R6Fym7nOVJw5g_FloSpTHrGe7gZCVQV0vPg6gmetn3Xv1DSu4-Te9LQxuCfGzdelb6a2gyOp6voWKvNW5noTsQ

Request Chain 398

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDkSq9JJqJKNJIME4BDv8hs&google_cver=1&google_push=AXcoOmRghK6eCNNQyruuwUHXw44bsiHiL0dzJ87uaXZ8j_e8e2akKHx6SW0a133KUr-Tm_h1AbBsNDbnbEJTh55YCgJbW1NJgWbNjg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDkSq9JJqJKNJIME4BDv8hs&google_cver=1&google_push=AXcoOmRghK6eCNNQyruuwUHXw44bsiHiL0dzJ87uaXZ8j_e8e2akKHx6SW0a133KUr-Tm_h1AbBsNDbnbEJTh55YCgJbW1NJgWbNjg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRghK6eCNNQyruuwUHXw44bsiHiL0dzJ87uaXZ8j_e8e2akKHx6SW0a133KUr-Tm_h1AbBsNDbnbEJTh55YCgJbW1NJgWbNjg&google_hm=H-sgAGZHYRlCP0A6R46JXCHb

Request Chain 399

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQGerf5RSbp8BYLiXEJM876iP9wmlFEAF64QnEPgcSKA0H99p21JNLSMaQv9AI0_xi1rBNJmII8VRxLLQYjLzggOpiQhySipC0&google_gid=CAESED8BKkeBH_gf6IUdCMELjeo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED8BKkeBH_gf6IUdCMELjeo&google_hm=T1BVYzNhNTc2OTkwZjM3NDE3NmIwMzE2ZWJlYjRmYjhlZjE&google_nid=opera_norway_as&google_push=AXcoOmQGerf5RSbp8BYLiXEJM876iP9wmlFEAF64QnEPgcSKA0H99p21JNLSMaQv9AI0_xi1rBNJmII8VRxLLQYjLzggOpiQhySipC0

Request Chain 400

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEl1v5h_oF_9os3L5xvPw6E&google_cver=1&google_push=AXcoOmTft9fYwNUPO-DR28hyGwdIfW18hcSPz_8cODQcFCz1NA2Nz1XiMUN9sFINyP6hKjWC9w2r_gHLN6bGsSq7kJol1TrqnvTsQck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTft9fYwNUPO-DR28hyGwdIfW18hcSPz_8cODQcFCz1NA2Nz1XiMUN9sFINyP6hKjWC9w2r_gHLN6bGsSq7kJol1TrqnvTsQck HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 401

https://sync.gonet-ads.com/match/google?google_gid=CAESENwQNm8z8ofjJUb32FEM9qc&google_cver=1&google_push=AXcoOmQXBD1xf6hRhGLkioMeo8-fGWKPkeD58jYMVc84bGlZjrjcdIrMNalCIrY3Rjb6jFMNfpHeQ0DsjTcBC9WpX5XYGc9F0lXu73o HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESENwQNm8z8ofjJUb32FEM9qc&google_cver=1&google_push=AXcoOmQXBD1xf6hRhGLkioMeo8-fGWKPkeD58jYMVc84bGlZjrjcdIrMNalCIrY3Rjb6jFMNfpHeQ0DsjTcBC9WpX5XYGc9F0lXu73o&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NjlhNDZmZDYyZmUzNzEwNg&google_push=AXcoOmQXBD1xf6hRhGLkioMeo8-fGWKPkeD58jYMVc84bGlZjrjcdIrMNalCIrY3Rjb6jFMNfpHeQ0DsjTcBC9WpX5XYGc9F0lXu73o HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NjlhNDZmZDYyZmUzNzEwNg&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 431

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFkSGwWmwJfTpr2qb57X0vk&google_cver=1&gdpr=0

Request Chain 433

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEEkJsU9Hf2f_QRzZOzBEm-g&google_cver=1&gdpr=0

Request Chain 451

https://pixel.adsafeprotected.com/rfw/st/1878143/77329995/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015562965&ias_pubId=pub-2305304999188653&ias_chanId=1&ias_placementId=20888172922&bidurl=https://yahoo.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jDvfm8NUyUoNuY0o8AGduz HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 457

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKR4xbUkHOG2y7j6fBTcJs8&google_cver=1&google_push=AXcoOmQpGAF-0zt1ztvQuSnXmGeBBBBd9mVS62dVadzE1-nevaBrkX0_O1HFOLAJuF45VrnHFfzu_2ulYxKeAUiZfmaJJ09nEZFjiA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQpGAF-0zt1ztvQuSnXmGeBBBBd9mVS62dVadzE1-nevaBrkX0_O1HFOLAJuF45VrnHFfzu_2ulYxKeAUiZfmaJJ09nEZFjiA&google_hm=NDNnSlYxXzdwZ0pFY0xrS2hsMGQ=

Request Chain 458

https://ads.yieldmo.com/exptsync?google_gid=CAESEFVdV-g3M5MuGRf5asNzSDs&google_cver=1&google_push=AXcoOmTTjn0UvrPaOYAeXN-UHOwx4ImpOs7cm1nyDD19mNGELcFl49bvcZEn3BmoYb3IoQfL5lzXO8r0BVz-KF0N1fGNOkJrnnKTCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTTjn0UvrPaOYAeXN-UHOwx4ImpOs7cm1nyDD19mNGELcFl49bvcZEn3BmoYb3IoQfL5lzXO8r0BVz-KF0N1fGNOkJrnnKTCA&google_hm=VkV6XzdjY1FRWWNIeWRESWF3RHA=

Request Chain 459

https://cs.media.net/cksync?type=g&google_gid=CAESEFGNnYqO8OPVnoaJYod5omA&google_cver=1&google_push=AXcoOmQGxuVpvAHoIleQuyA0czxGwJwJbiTbOms5Im7EwDOxH4Gbz_GpP9XliEbVRY_9hsUWCxxXEm4zg9sDI9rOXPD6fFxcZcgQFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4MDc0OTIxMTQ5MTUwMDAwMFYxMA%3d%3d&mn_hm=MzQ4MDc0OTIxMTQ5MTUwMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQGxuVpvAHoIleQuyA0czxGwJwJbiTbOms5Im7EwDOxH4Gbz_GpP9XliEbVRY_9hsUWCxxXEm4zg9sDI9rOXPD6fFxcZcgQFw&gdpr=&gdpr_consent=

Request Chain 460

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESENjXAtIiJJP6iZwho-5YX7U&google_cver=1&google_push=AXcoOmR8ezvOioRc13lTgLeYI1AQY_sozL-BTbqccKVEmb5_vxllEBFfe4RdR3TC9XzfObKBZShSvtLfqqR8FVJJoMp79XjEPkyiIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR8ezvOioRc13lTgLeYI1AQY_sozL-BTbqccKVEmb5_vxllEBFfe4RdR3TC9XzfObKBZShSvtLfqqR8FVJJoMp79XjEPkyiIQ&google_hm=MjY1ODI0MzAwODY4ODEwNzE0Mg==

Request Chain 461

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHYypYDpaAj27e23qfUI6Nc&google_cver=1&google_push=AXcoOmRD8Xoh1wTb5QVCoC8Cx4b7ZED9g1lqdSc29I8y9BW4o5WQRpaqMAghygNT3Ufswqs7jjjIQsbssoKXl982KYia3RXLuwQXE5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRD8Xoh1wTb5QVCoC8Cx4b7ZED9g1lqdSc29I8y9BW4o5WQRpaqMAghygNT3Ufswqs7jjjIQsbssoKXl982KYia3RXLuwQXE5g HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 462

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEl1v5h_oF_9os3L5xvPw6E&google_cver=1&google_push=AXcoOmQ_zp9Y75Y7k3iyo8rrtr8HmT7ZJbMPAeCCwc10LoKKKhiPBuFuaok5oLl6PvfPnt8dD2e33QP1UJbabMgrF2PnyDVBVEC_zCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ_zp9Y75Y7k3iyo8rrtr8HmT7ZJbMPAeCCwc10LoKKKhiPBuFuaok5oLl6PvfPnt8dD2e33QP1UJbabMgrF2PnyDVBVEC_zCA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 467

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFkSGwWmwJfTpr2qb57X0vk&google_cver=1&gdpr=0

Request Chain 469

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEEkJsU9Hf2f_QRzZOzBEm-g&google_cver=1&gdpr=0

Request Chain 487

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDFKTydRY7nwZHa7bcmY14k&google_cver=1&google_push=AXcoOmTvgQFjQrK67YSt4FyGT2Qxy8ywpk8wm_bFeatYPvnBm8LenzjNIqBv21vMmaAzKdTDDWRpQdj8VkmxJyHB9p-vcqgvI4Z6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTvgQFjQrK67YSt4FyGT2Qxy8ywpk8wm_bFeatYPvnBm8LenzjNIqBv21vMmaAzKdTDDWRpQdj8VkmxJyHB9p-vcqgvI4Z6&google_hm=jjNhljSbT62gQgPLVyR2W4M

Request Chain 488

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELrZgGbdBkCxItWHX1uFdSA&google_cver=1&google_push=AXcoOmTQpEIQ0Mjf1UGM8iPUP2GvjeB0QtJ2EZp5coZQIgwPlWMCFM_0_82ZlIVVLPBqq8E6yrcbY4j7fSm0G7nbBwuKRruXZRJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMzIzNDE1NTI3NTU0ODgxMQ%3D%3D&google_push=AXcoOmTQpEIQ0Mjf1UGM8iPUP2GvjeB0QtJ2EZp5coZQIgwPlWMCFM_0_82ZlIVVLPBqq8E6yrcbY4j7fSm0G7nbBwuKRruXZRJg

Request Chain 489

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPURSNBpocViiytgrxCuRgI&google_cver=1&google_push=AXcoOmR_0ywx91-RTtdh4x7s_7idIxo_FndweaSsaW20CBiSMkGY5AG5SbsEIdl9xZd9QYkCFsx9EG6ZoMZ1vjcdZYp4gjA8Sl8X HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmR_0ywx91-RTtdh4x7s_7idIxo_FndweaSsaW20CBiSMkGY5AG5SbsEIdl9xZd9QYkCFsx9EG6ZoMZ1vjcdZYp4gjA8Sl8X

Request Chain 490

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELrW9amwgzLm6Hy78wwxuPM&google_cver=1&google_push=AXcoOmS9C9HJfMqGx-zG1Bf7XINBSrvjdA-X0ktYqT00O5E3qH-ZlTaslZESqwW3rUdNSGmeN1MjGO2J5_PI_uR1peou2UfhkrY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1NDA1NTA2OTU1MzkwMDk3OA&google_push=AXcoOmS9C9HJfMqGx-zG1Bf7XINBSrvjdA-X0ktYqT00O5E3qH-ZlTaslZESqwW3rUdNSGmeN1MjGO2J5_PI_uR1peou2UfhkrY

Request Chain 491

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC8roCxpD002UriVGit3SkY&google_cver=1&google_push=AXcoOmSwYXRnDF5pbGeByQPVjHUUSUfSEd0WUcRzX0Qx1anOtkkMTUUFjGJ2N-FBZPHE-neXNvGY6hvZz7rbP8wmMDEPG-YMQrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBU01SSFItMjMtRkJZOA==&google_push=AXcoOmSwYXRnDF5pbGeByQPVjHUUSUfSEd0WUcRzX0Qx1anOtkkMTUUFjGJ2N-FBZPHE-neXNvGY6hvZz7rbP8wmMDEPG-YMQrw

Request Chain 493

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBupF1kC-OId9QjJTNjw2p8&google_cver=1&google_push=AXcoOmToW5pyCK4JpmFAaAjzK6k8S-QK2tC5u8k-mGb_T2BNzNtQpB1r1dhnmqm8qRucRjYJLEAsvW2KqPAyhN29Eoi7epluKoP9Dw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzIzOTQyODUxNjU5MTg5OTEy&google_gid=CAESEBupF1kC-OId9QjJTNjw2p8&google_cver=1&google_push=AXcoOmToW5pyCK4JpmFAaAjzK6k8S-QK2tC5u8k-mGb_T2BNzNtQpB1r1dhnmqm8qRucRjYJLEAsvW2KqPAyhN29Eoi7epluKoP9Dw

Request Chain 498

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1705073321966 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=COn3vY2V2IMDFUeS_QcdIkQJ1g;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1705073321966

526 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
yahoo.com/
Redirect Chain

http://gamadshub.com/
https://yahoo.com/?

1 MB
224 KB

540ms
177ms

Document
text/html

2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

48723c58d2524d7d5c47c2ddcab4a44ca757a689c5faaf90d37dfbbdfc808b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39
cache-control: no-store, no-cache, max-age=0, private
content-encoding: gzip
content-length: 229322
content-type: text/html; charset=utf-8
date: Fri, 12 Jan 2024 15:27:38 GMT
expires: -1
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
x-amz-cf-id: EYTVkidLgcs5hX5ZdQc6pw1F6EXbh_oHWRcVIOWBMiNsMtgaPzVNkw==
x-amz-cf-pop: SEA73-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84466da0080f6fb1-CDG
Connection: keep-alive
Content-Type: text/html
Date: Fri, 12 Jan 2024 15:28:15 GMT
Location: https://yahoo.com/?
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igYjCCy5KHTWQW6z41ICc15vqHUenjy6VaDl1Xx3JCO144AsYo%2F8q7KX2XEVFPmBQ1QjOkfCOqAOsX%2FIY99IW9AqHsof0%2BEeLDTaQBPxNfb9hVuR%2FVMqCsoM073CjnOZgUlzpS1J4BQ25vJ0"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET
H2 200 YahooSans-VF-Web.woff2
s.yimg.com/cv/apiv2/ngy-fonts/ 64 KB
64 KB 91ms
15ms Font
font/woff2 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/ngy-fonts/YahooSans-VF-Web.woff2

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c77ac0aa1aa3c9715cacb1fc76feaf226e30927a9636e5c75c4dfeb75c0f8f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Origin: https://yahoo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 04 Jan 2024 17:28:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: NCNMQCEAHPARWHGK
age: 684011
x-amz-server-side-encryption: AES256
content-length: 65176
x-amz-id-2: JQNhBjvYlr+q+gHnEYbBvXjv/Ade1Jms/vxMc1mbu4fcoQJqzp65egdg8kthLsUFgtmx+afUxbU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 20:20:29 GMT
server: ATS
etag: "b4df4fce99e5a3c3d1493112a0159071"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 cmp.js Show response
s.yimg.com/aaq/cmp/version/6.4.0/ 181 KB
35 KB 55ms
23ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/cmp/version/6.4.0/cmp.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

79de39502b10f052460efec133b798596c4ea73661805e0baa3f3f6fe7ee480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 04:30:04 GMT
x-amz-version-id: 0NB5wIePnD6VDNLrorup848w_F2MnmT3
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: KS08R3PZ3CGDM1SM
age: 125893
x-amz-server-side-encryption: AES256
content-length: 34928
x-amz-id-2: Y/fCHDVjp9FgZLPg4hV0e4bNOAGBk0bxWzsh7RMnr93ssSrrWHVLAMeNdWyhg1WDOAjFRTEWQxU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Sep 2023 17:41:16 GMT
server: ATS
etag: "35600da82cda4dc8a32e3f3e3d3040f0-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 consent.js Show response
s.yimg.com/oa/ 83 KB
24 KB 83ms
51ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/oa/consent.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c8de53891633ecc5cb4cb6615e90af1358e813aded05d534a5e6060476df3a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 15:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: ND7S6R2FJ8CPBZHB
age: 184
x-amz-server-side-encryption: AES256
content-length: 24639
x-amz-id-2: BYIacqpqwgis+ZceG/95kH8wPH4bFqMgFwuYw0wsv8K2i7w/LDdqNzrV4zK4XHiDifOY7hqnTkw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Jan 2024 12:45:51 GMT
server: ATS
etag: "8b3e7199261258640a1ef846d809c8fe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes

GET
H2 200 tdv2-wafer-utils.customErrorHandler.bcda778b736c3a054af62f437b536e78.js Show response
s.yimg.com/aaq/fp/js/ 4 KB
2 KB 67ms
37ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/js/tdv2-wafer-utils.customErrorHandler.bcda778b736c3a054af62f437b536e78.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

892e2f5e07fef6de0428e4dcb284201b3d110c0a6f2d8ef899cd2cd2c61eb546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 17 Dec 2023 03:56:17 GMT
x-amz-version-id: 4nvcVa.IxmhX7xaj3DD1aoyDc2oHnofW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: WQ79PGBS010PB7AY
age: 2287921
x-amz-server-side-encryption: AES256
content-length: 1884
x-amz-id-2: 5BWmBUpFPyVauu+hqD4xA2OlBZ6u2gqrt75F7x/spgiNapR6Iz7dwKRVgogpMGPvZi0Z7IbDiZ4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Nov 2023 02:30:41 GMT
server: ATS
etag: "bcda778b736c3a054af62f437b536e78-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 fpDesktop.946c2da0001345c6100bc419deb301d7.js Show response
s.yimg.com/aaq/scp/js/ 17 KB
6 KB 83ms
53ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/scp/js/fpDesktop.946c2da0001345c6100bc419deb301d7.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f109f14c04f73b5ebea512c9710702c15d7b3e0a9dc05aa050279e8f7e9e753b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 16 Dec 2023 17:10:27 GMT
x-amz-version-id: MKsQB3Pwy5p9DJVayJq6316bnUJPGrhY
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: VVPCBP1A44ZX4AXT
age: 2326671
x-amz-server-side-encryption: AES256
content-length: 6369
x-amz-id-2: rgwDkgm9KYItObEutE1eQxxTkA5pT5YlRoO2Q7Y0SpCrfAvGq9oQnfiYuJqojanCTtbO4NqKijc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 26 Aug 2023 20:08:13 GMT
server: ATS
etag: "946c2da0001345c6100bc419deb301d7-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 benji-1.0.131.js Show response
s.yimg.com/aaq/benji/ 45 KB
15 KB 100ms
70ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/benji/benji-1.0.131.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

543abf25cf873829e6035fe50d2c251fc1f33e550cb0e85fc51a1fb19bf28235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 11:29:49 GMT
x-amz-version-id: xIeLET12O0pxWp7W2kKbgfWP0qA7SdNv
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: TTV919GNJR3RA8VP
age: 14308
x-amz-server-side-encryption: AES256
content-length: 15284
x-amz-id-2: cnoNy0+vA9Dx8DAR3Fte/CeXMjSZ1DYR4Nal/qOs+6Jxi7rK4Blkl6IYhf5U1HIGZ3hObEjdfYrs6PFii6v/hUTwvLgdocs/
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Jan 2024 21:24:40 GMT
server: ATS
etag: "e16322cc098a2227314721c3cfad388d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-caas-1.35.4-modern.js Show response
s.yimg.com/aaq/wf/ 27 KB
9 KB 99ms
69ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-caas-1.35.4-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fd9675d041aa9e86d2435708a030c1d0d96e1074b5d7b584a82684348b2ad592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 11:19:16 GMT
x-amz-version-id: zA3zLb2bn.Pa69oXiA5lh1jLuGQ1SxJA
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YKNAJE91XE0SJK9C
age: 101342
x-amz-server-side-encryption: AES256
content-length: 8537
x-amz-id-2: ZoT9Q+LLGqn8+JR/9D3BmC81ftE30RJK/dPEFVt73wYRYLX8XFkEugqumuO7O059KVyLbiLeP1k=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Nov 2023 06:52:40 GMT
server: ATS
etag: "f9c3fd700f5c2dbb03768bf662c39211-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-toggle-1.15.4-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
4 KB 97ms
68ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-toggle-1.15.4-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

4f06d94cb6038f42f5c8d59d369ab21c3c54643a544b0824582cb00ebb61dfb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 10 Jan 2024 12:04:25 GMT
x-amz-version-id: HE26GDjTNsmXBUPJeKnrarkIBLKe8tee
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3QM7Z77EW0WXFJQX
age: 185033
x-amz-server-side-encryption: AES256
content-length: 3937
x-amz-id-2: rgtQ2ibJx8YQNXJtPGP1yAoreijzYhxcGaWoSIQz/GoTmH4bqyU6Rp2JBNvHCJywwuy9Evyk0Wc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Apr 2022 09:12:23 GMT
server: ATS
etag: "9ec69a2055c595f415eade096a476b0d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 react-wafer-featurebar.custom.modern.12732500bc8e47693f0d777bbe88001c.js Show response
s.yimg.com/aaq/fp/js/ 2 KB
946 B 97ms
67ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/js/react-wafer-featurebar.custom.modern.12732500bc8e47693f0d777bbe88001c.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a03f9a37e34771c42cf7930b2f466ea2077d149f6dba0e81982e7715a87dd8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 12 Jan 2024 13:55:36 GMT
x-amz-version-id: ktIqZY5t35wTM4d07XFqB.S0kDb7QpBg
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: TNETMBXM2ZF0FXRB
age: 5561
x-amz-server-side-encryption: AES256
content-length: 671
x-amz-id-2: dY/hUW1d1d1jKuqBxDtY340INgqq7iNfC5fYuiJp8ZRdIY4LuY9Rsc4/D+jA38azpDJc67JJtSE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Aug 2022 04:32:27 GMT
server: ATS
etag: "12732500bc8e47693f0d777bbe88001c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-video-2.22.15-modern.js Show response
s.yimg.com/aaq/wf/ 30 KB
10 KB 98ms
69ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-video-2.22.15-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9a7394871abbfc5eaf0a8d34dbd3db6eb06ab1595ca124d31f640a6e9c77a90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 12 Jan 2024 14:43:09 GMT
x-amz-version-id: i2Xvn4CPausMO.IP89xsYvIHYgOU2NnO
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: NAHQBW7XQK70H8WW
age: 2708
x-amz-server-side-encryption: AES256
content-length: 9417
x-amz-id-2: TqlhLkBkSKZ2AZzEUZkATfI/XW7CIzATOXNN8lB53SmH2S0HhuBzU6UFZVH+O+D2DoOUNlCfsqeBJ/DL2TaI6A5Hhesd2cMIxO6Gjy0yugM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Aug 2023 18:04:39 GMT
server: ATS
etag: "698c2e383831b3e3fda6895026d87c5a-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-text-1.2.0-modern.js Show response
s.yimg.com/aaq/wf/ 3 KB
1 KB 90ms
61ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-text-1.2.0-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ca9998a600267dc2431abc077f8cf7a5476a46ee1e82d0c6f12bb17e512c3fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 10 Jan 2024 12:12:42 GMT
x-amz-version-id: 8acCB8Oldv6HTX7VU3iQtZux9BoZJqhX
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: NZQ9JW3WC47TD1S0
age: 184535
x-amz-server-side-encryption: AES256
content-length: 1245
x-amz-id-2: ToyNA0iaoOeqlp3TxuiKqvn+ZSRxxy5twE28jOfyuyvYFA5iKPlZZsFNx43C2LmQAXKzf5LlgXs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Aug 2021 06:24:25 GMT
server: ATS
etag: "956dabf4d28930bc42d934995b814d6d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-bind-1.1.3-modern.js Show response
s.yimg.com/aaq/wf/ 4 KB
2 KB 81ms
52ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-bind-1.1.3-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c6d2343a147111e4f3881e468facc72da4582c6aaeff475d3371df3fa2576bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 16:50:48 GMT
x-amz-version-id: Qyt1s0oNtpHMZryrsEe7nbfplEXvu_oO
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: F4VZQ54X58QW2BMJ
age: 81450
x-amz-server-side-encryption: AES256
content-length: 1343
x-amz-id-2: NOi6J5yFBy9VuJ+2Rt+sM83xCzd5Dsz15N3WmnOYA+5TdPxhqurLHRFebOhZT6RHOo8rfOd/+Ow=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 Jan 2022 10:14:03 GMT
server: ATS
etag: "9fba2531ffa6cb0b4d3d34c56c295495-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-image-1.4.0-modern.js Show response
s.yimg.com/aaq/wf/ 6 KB
3 KB 77ms
49ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-image-1.4.0-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

d77e659299c397037513aff88093b64f6ce29994b94d99256ad84a7910c0ceb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 21:50:14 GMT
x-amz-version-id: kGIIRCHIdgWfcr_wSmm8v8C_z6K3HVA8
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: EXG3QKZ6TZC9XHHR
age: 63483
x-amz-server-side-encryption: AES256
content-length: 2573
x-amz-id-2: EYTrtBJQvXW2rQJOStBrqO4uMSFLbim7dA2ZdQuWBwsGT9cCn1pwQZAuIwRtM8CiywSb/zwgJZE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Apr 2022 16:44:15 GMT
server: ATS
etag: "2e3968239b770b8186bb480d513311cd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-rapid-1.10.8-modern.js Show response
s.yimg.com/aaq/wf/ 12 KB
4 KB 79ms
51ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-rapid-1.10.8-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ee6ac88fcdda8e39410e1e291495b9f5adeb2ec3e95069fb4d50964093de53a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 02:30:03 GMT
x-amz-version-id: Q69wD21Xmgx79j1lWnoee6Lougj4LC2V
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 6TZYH1CA0JPABDQB
age: 133094
x-amz-server-side-encryption: AES256
content-length: 4030
x-amz-id-2: 0mwifM5E4X874/5U+tZe68Bun+XeRlTT9PfdKVuSFAwDqRr1AB1AMBetTlFRgXoCq8dg8lq/uDM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Nov 2023 07:51:34 GMT
server: ATS
etag: "ea64a20375abf74f7191d89062a7d4f4-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-beacon-1.3.4-modern.js Show response
s.yimg.com/aaq/wf/ 10 KB
3 KB 78ms
50ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-beacon-1.3.4-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

acf529f550f2fdaad913c10e6972344e43e07eae8d5aa57b96fa30ed7c07acc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 18:16:17 GMT
x-amz-version-id: tENZ6Ri2vrrjg96D4AX.qx653XeJQH2M
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: D2KZPPQ7BCP11Y18
age: 76320
x-amz-server-side-encryption: AES256
content-length: 3304
x-amz-id-2: MOrpZUWU2tObEs6R0mMiZvPywkbpF0WuZ+UNbFML4cfeohBzflkBbgA/WcCIXIFiMvofUHNBv6w=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Feb 2023 05:31:36 GMT
server: ATS
etag: "397b59e3eeca4f747ea1f6ff6323154c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-benji-1.1.3-modern.js Show response
s.yimg.com/aaq/wf/ 8 KB
3 KB 90ms
61ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-benji-1.1.3-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

5df38664779ae737ba7e379597410ae785f40b41914f8e912b48e76259b88935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 08 Jan 2024 13:55:31 GMT
x-amz-version-id: D6_gE0hdDgWzE0zXZDBC61nGy_dZFLNd
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 780D9KD99H8ZRMZJ
age: 351166
x-amz-server-side-encryption: AES256
content-length: 2828
x-amz-id-2: eNjlC2y1fbMKS9KncS2CoqMGbiJDs8nK2BqezZZ92GmR5f8qaMfDwY/jxP3mkeSpd3S+RpZD8EI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 23:22:13 GMT
server: ATS
etag: "66dd7e9082b2f37836df08d0c25d4947-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-fetch-1.19.1-modern.js Show response
s.yimg.com/aaq/wf/ 16 KB
6 KB 66ms
38ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-fetch-1.19.1-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f2c2013a67c8dd205e93ef40cf60da7b3bb48a075e7b649fde2b2f646b15896f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 21:56:10 GMT
x-amz-version-id: XcyEKreDz4JYLdlgGq65LAHV5Dsub3V6
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 4RE7FAD6GFS9WDWG
age: 63127
x-amz-server-side-encryption: AES256
content-length: 5500
x-amz-id-2: +eQbpk883/JxDMnNzksp+dr7qqyuVkaTI0yokHCJQhiscxxVi+GpXZNqMG7fYrG0tsILWIwUGNQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Oct 2023 09:18:13 GMT
server: ATS
etag: "f085d6c42acb1394e457e463230de8ba-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-form-1.34.5-modern.js Show response
s.yimg.com/aaq/wf/ 13 KB
5 KB 78ms
50ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-form-1.34.5-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0291e42c6c243b4177e0331b6e3692a8e03e29a39852790ce81604a998872c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 08 Jan 2024 14:18:21 GMT
x-amz-version-id: DBytk3Q0UWhxEEWk9lh0GV23FbLhPzJr
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: DKG1E6T5Q5085MDK
age: 349796
x-amz-server-side-encryption: AES256
content-length: 4727
x-amz-id-2: glpuQ0wsVo6fJArBRLvOZn31+E40d4ymMkw9J5WLa8oKRnobg4AGIp7fYdMzQyocdN1bunuizYk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Nov 2023 22:30:39 GMT
server: ATS
etag: "94d07daa349c254b35ffcda6e54cc754-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-countdown-1.2.5-modern.js Show response
s.yimg.com/aaq/wf/ 4 KB
2 KB 65ms
37ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-countdown-1.2.5-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef70829b2e58afc016c35ce9a83e2bb60ad24d6341491686ee168ee71c40123f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 12 Jan 2024 14:39:17 GMT
x-amz-version-id: CQ1lP8549yVnp28g4QLu9GcN8rB3ImgO
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: VZJCZN2F8FJZ00RX
age: 2940
x-amz-server-side-encryption: AES256
content-length: 1815
x-amz-id-2: zki88/DU+EMcV3EU43cIWhofZwRg/pSElHVgySTgdi3qhIIx4k6eF8at/RwpIGtAr87aW3H++pUBj8icEbpUomjLef7ZyIAQz69loLNARck=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Sep 2020 18:50:05 GMT
server: ATS
etag: "681d57e9e7cbef5de44544c13f8ca62e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 wf-scrollview-2.22.2-modern.js Show response
s.yimg.com/aaq/wf/ 34 KB
10 KB 91ms
64ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-scrollview-2.22.2-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a50cd765dc960512d033632139cd57336ac7e8db767ff7eec30c5355c75dc68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 04:44:42 GMT
x-amz-version-id: m9PASXvvA3rS5amqnDs07ZXOsIzuq8R4
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: YTE8C656R2E8BWC7
age: 125015
x-amz-server-side-encryption: AES256
content-length: 9597
x-amz-id-2: HkqHJi4yf+iat/RpqlyCtXA+3mmuCdJkj2By4XzPKc3EfptCBpdevZv7Fwa3C8uI28m6Ey1ZDxhbpoPzj2b1/A==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Jan 2024 01:37:50 GMT
server: ATS
etag: "84439433192fea5b2c6de991dbb908b0-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-lightbox-1.10.6-modern.js Show response
s.yimg.com/aaq/wf/ 14 KB
5 KB 92ms
64ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-lightbox-1.10.6-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ed22526f9adcdd172c698e0dfc9fa3ee064a96a27bed3335931c4b2bddf4eee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 16:55:55 GMT
x-amz-version-id: K.68hs0p5c2EOJjfXuKP9dx0XBa4hSTK
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 4Q3GF2PBBAAFCT9H
age: 81143
x-amz-server-side-encryption: AES256
content-length: 4499
x-amz-id-2: aMSR3ubnNIg+fsr9bs0S0fDcX/jvIzt7cIzNOrLbbnl74W8PFQSC8TphOuFyo5S2ivTtcq9VQ5I=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Mar 2023 01:43:59 GMT
server: ATS
etag: "69831b2f7b26bc6dd6321c8dcde85968-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-action-1.8.1-modern.js Show response
s.yimg.com/aaq/wf/ 13 KB
5 KB 75ms
48ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-action-1.8.1-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f271bf73d0eefe04f56cb6390e07d7d2a4794787283d65221397b258cef040df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 10 Jan 2024 13:44:01 GMT
x-amz-version-id: wiQ3AdVTneuswkykDVtSm3aaY9QhtZW9
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: Z8RXJR1TQKGG58PZ
age: 179056
x-amz-server-side-encryption: AES256
content-length: 4796
x-amz-id-2: Lhx7e2FxqraDlBQQ3+/leSJQl5smpMtBwDaRKzYYDDkuu78rTgzlMlHi+g7RhWYsoAJwazFArsmCTYi9iSH1LQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Dec 2023 17:55:26 GMT
server: ATS
etag: "4443a60b3d3645610c9e65b7cc9f15bb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-template-1.4.3-modern.js Show response
s.yimg.com/aaq/wf/ 8 KB
3 KB 76ms
49ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-template-1.4.3-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

79d954b80c39513a18ee1e0143d931ba9222b4c4794438f7bad23f9e0380cdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 08 Jan 2024 13:07:33 GMT
x-amz-version-id: h9L3Y9Rw_EkQ1yH8NskMO9BjqcI4jexa
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: RHJ38DKNB1JWYEZM
age: 354044
x-amz-server-side-encryption: AES256
content-length: 2562
x-amz-id-2: ip/xjMHw2ngpy+QE+SZa8EjIvSDnOmspgS6WfYTvV3a7eihXuXiBOrA9qm+14A/ISR7vLcNEfzg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Sep 2022 02:22:21 GMT
server: ATS
etag: "85070595d47a7cc86af31833110dc18a-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-menu-1.3.0-modern.js Show response
s.yimg.com/aaq/wf/ 8 KB
3 KB 90ms
63ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-menu-1.3.0-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

33d8bfda78c83de19751ec84e1d7f40dc5d7c81e7fb822069f811a9030d2d459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 08 Jan 2024 07:24:48 GMT
x-amz-version-id: BhLpL.WQZsmgJZIKchhrGPJ9SR5h0N22
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 400QW48JFE8N4749
age: 374609
x-amz-server-side-encryption: AES256
content-length: 2802
x-amz-id-2: jCxvsXiUc5v/yTEqw9cYXxCkSfWXqeQ99aUke4rSuvwtZ9IIxHvS2SGouatHT7jsMuUyJZXp08A=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Nov 2023 00:39:45 GMT
server: ATS
etag: "76aeb54211fca21ec7f4f9a39b1d88d1-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-clipboard-copy-1.0.2-modern.js Show response
s.yimg.com/aaq/wf/ 4 KB
2 KB 89ms
62ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-clipboard-copy-1.0.2-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f59452bba989e5a78e9492ae296cbf910745529c3294b49a58efa4ec7eba8d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 03 Jan 2024 21:52:58 GMT
x-amz-version-id: s6ZljWUzqa9Ss0D5hEgjXb_jGlec.wYG
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: DPHNQZP4250X08J5
age: 754519
x-amz-server-side-encryption: AES256
content-length: 1619
x-amz-id-2: FYgfj1I30cd7Nan01TAsxcr+7r61zTqzh269qoart/9j13GTqtR0tG2gygC54dJq6Ny9NkMsLbaw/O/fF1zCIF5XLbIq4pKvI4peNNlvQA0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 May 2021 16:40:35 GMT
server: ATS
etag: "9d2a8efbe3fe9705e54df41100ea2dae-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 wf-native-da-1.0.3-modern.js Show response
s.yimg.com/aaq/wf/ 11 KB
4 KB 93ms
67ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-native-da-1.0.3-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

4a49828993f5623cb08e4fdac5b714c4f7edfabee23f4af4a5256817c6bc891f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 18 Dec 2023 11:55:56 GMT
x-amz-version-id: .WtSZPY4TBvcWVtow89uKRis9rZ.xbsA
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: EQCVDF9ZZX1RCY2K
age: 2172741
x-amz-server-side-encryption: AES256
content-length: 3704
x-amz-id-2: Sy5MawKk14lbf1Ad+GcFMp/1n03G+1EsJk/4TGoqkmyHXO3BPG7AMBVM+yRErsEoikkke+DPWMw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 08:24:28 GMT
server: ATS
etag: "1b3cba92fad04fe3b6085f9dd4504f0a-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 react-wafer-stream.custom.modern.1ed4fe71b1fc647ddbf37a7050944309.js Show response
s.yimg.com/aaq/fp/js/ 8 KB
3 KB 93ms
66ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/fp/js/react-wafer-stream.custom.modern.1ed4fe71b1fc647ddbf37a7050944309.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

faf50015de5b96281dcbf145fdf58222efc35c962759a3e915f4e95f510d7b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 16 Dec 2023 18:52:13 GMT
x-amz-version-id: xy7lqotFC.zmCqihzzE4iOckpJX.wEX6
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: K1CY8BSH01YFGDCF
age: 2320564
x-amz-server-side-encryption: AES256
content-length: 2941
x-amz-id-2: VJoEfJhvL8YndovI47qwPlRVBJDjhpy5IHO3JVEuiPkCrqKFU/LU+PcJLEBfhP4qIRw1yVC4RtU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Dec 2023 00:17:32 GMT
server: ATS
etag: "1ed4fe71b1fc647ddbf37a7050944309-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 e414c50.caas-news_web.min.js Show response
s.yimg.com/aaq/c/ 116 KB
29 KB 91ms
65ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/c/e414c50.caas-news_web.min.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

46d4d1ee2e209f4cc75482672364c596eaeac1a9cefacfeda61ccec57b7025bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 06:42:17 GMT
x-amz-version-id: 0txIjr.CpzRDfZ4ysa3_pGu9iWqoxsTX
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: GXVX8VKMHYS2C7KX
age: 31561
x-amz-server-side-encryption: AES256
content-length: 29208
x-amz-id-2: ySPFv+mj6WgOQcr0JzoLe4H9jNa+jspBDCttCvVcCIl/QaxSkhOimCBQGfEGtOf3GDXabUo8+LQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Jan 2024 17:30:29 GMT
server: ATS
etag: "798288a089d493501a19565b138199e4-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 p.gif
yahoo.com/info/ 202 KB
202 KB 321ms
321ms Image
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/info/p.gif?apptype=default&beaconType=pageRenderStart&code=pageRender&bucket=900%2Cseamless&device=desktop&intl=us&rid=fssMH6Pv&site=fp&t=1705073082441

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 81
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 229322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: xTF0316BESSii-XreLQn9Dg3Ztx_2aVXVYbClxrzxt1p8drS2YBqBg==
expires: -1

GET
H/1.1 400
Bad Request consentRecord Show response
guce.yahoo.com/v1/ 64 B
585 B 175ms
29ms XHR
application/json 52.19.173.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/cmp/version/6.4.0/cmp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.173.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-173-208.eu-west-1.compute.amazonaws.com

Software

guce /

Resource Hash

be6b2025e99620fec98afa6dea4dc05421edcc5c2449827f249cdc3165dc4aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:28:16 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: guce
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://yahoo.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, User-Agent, X-Forwarded-For, X-Oath-Gcrumb
Content-Length: 82

GET
H2 200 cerebro_min.js Show response
edge-mcdn.secure.yahoo.com/ybar/ 6 KB
6 KB 24ms
14ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-mcdn.secure.yahoo.com/ybar/cerebro_min.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 20:38:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: SK3D3N1B29QA547K
age: 67772
x-amz-server-side-encryption: AES256
content-length: 5636
x-amz-id-2: Ff//+3iz0lyDe2PvI5eszmNfODSIVltshbOD6DEXcPrqqlWiDFNSnvcgsUrFFyDPC3SqR9F/W9s=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 May 2022 20:34:05 GMT
server: ATS
etag: "0ccb51bc1dd6980920da39e008a599e0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Regular.woff2
s.yimg.com/os/fontserver/YahooSans/ 28 KB
29 KB 15ms
15ms Font
application/font-woff2 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/fontserver/YahooSans/Regular.woff2

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/
Origin: https://yahoo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 15 Dec 2023 15:40:33 GMT
x-amz-version-id: null
x-amz-meta-created-date: Tue, 17 Oct 2017 20:59:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: PW8EA4NNQC7A0EKS
age: 2418464
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1508273943966280
content-length: 28860
x-amz-id-2: LxTcLdlYpXqzFsJDtb4IGysp5e9uDK9Wc34hvmD18l9BhQM812aZ/ibmLR2LuV7u8bkHTvkGiXM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 May 2018 16:32:11 GMT
server: ATS
etag: "a99b283070afc519f4816e4300c515d2"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public,max-age=536112000
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:cd38276d-8695-4172-982e-30a706d38b1000055bc464a77248"
x-amz-meta-x-ysws-access: public
expires: Sat, 12 May 2035 16:32:10 GMT

GET
H2 200 7f3e7870-b14e-11ee-af7f-cf5c12a6e51f.cf.jpg
s.yimg.com/uu/api/res/1.2/W1XV0SaY7reoCVGRDJ6D_g--~B/Zmk9c3RyaW07aD0yNzI7cT05NTt3PTU2MDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 71 KB
72 KB 28ms
27ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/W1XV0SaY7reoCVGRDJ6D_g--~B/Zmk9c3RyaW07aD0yNzI7cT05NTt3PTU2MDthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/7f3e7870-b14e-11ee-af7f-cf5c12a6e51f.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c16f58e3315b6df337b13f450bac668d458e94fab61559ff159371a69cda8d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 5910
cld_latency: 1
edge-cache-tag: 340848760460270757124462951904377117412,475279004647958939364354769181425940513,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: f78b223818de5b568a93ee7bbdbd9a7b
cld_by: cache-iad-kiad7000150-IAD
x-served-by: cache-iad-kiad7000150-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705067388.951612,VS0,VE1
etag: "18999dc0be4c27f8b1c80149722b7233"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 12 Jan 2024 13:49:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 340848760460270757124462951904377117412,475279004647958939364354769181425940513,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 73121
x-xss-protection: 1; mode=block
x-request-id: f78b223818de5b568a93ee7bbdbd9a7b
last-modified: Fri, 12 Jan 2024 13:49:40 GMT
server: ATS
surrogate-reporting: width=560,height=272,bytes=73121,owidth=2048,oheight=1152,obytes=241619,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 280e5b26ff50e87df5c936449aeaefba.cf.jpg
s.yimg.com/uu/api/res/1.2/7QXjP._IFHxTPe3.UNo6QA--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/cnn_business_articles_218/ 10 KB
11 KB 32ms
31ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/7QXjP._IFHxTPe3.UNo6QA--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/cnn_business_articles_218/280e5b26ff50e87df5c936449aeaefba.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

abbb933058b67363dc536b89d6d50ece7d2ed4b8324d3c5104f5c53ec4cf2f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 05:20:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 36473
cld_latency: 1
edge-cache-tag: 225160628530401207474604816237088048063,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 225160628530401207474604816237088048063,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Thu, 11 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits: 1
content-length: 10653
x-xss-protection: 1; mode=block
cld_by: cache-iad-kjyo7100122-IAD
x-served-by: cache-iad-kjyo7100122-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Jan 2024 05:13:59 GMT
server: ATS
surrogate-reporting: width=356,height=180,bytes=10653,owidth=960,oheight=540,obytes=61896,ef=(1,13,17,23,30)
x-timer: S1705036826.006297,VS0,VE1
etag: "562363d248943d2f40c5c04cddc5d8d1"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 4ed3e7a0-b159-11ee-b766-c143347eb04d.cf.jpg
s.yimg.com/uu/api/res/1.2/vid2lUWTnU8L9KDNrUo6ww--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 12 KB
12 KB 32ms
31ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/vid2lUWTnU8L9KDNrUo6ww--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/4ed3e7a0-b159-11ee-b766-c143347eb04d.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

2efe839994e70533a185968fe8d17d2a4f9185faf12eff90ae41bde1bcc04ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 15:06:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 1288
edge-cache-tag: 330155113474139360950460803420224077723,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 330155113474139360950460803420224077723,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
x-cache: Miss from cloudfront, HIT
content-length: 12158
x-xss-protection: 1; mode=block
x-request-id: 842adccda1dc036d6fbba00fbd408b20
x-served-by: cache-iad-kiad7000043-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Jan 2024 14:46:06 GMT
server: ATS
surrogate-reporting: width=356,height=180,bytes=12158,owidth=1500,oheight=845,obytes=183663,ef=(1,13,17,23,30)
x-timer: S1705072008.373437,VS0,VE1
etag: "f481d99b04c85fb10cca4c45a5e015c3"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 f25bdba0-b0cb-11ee-acbf-07876b92f19e.cf.jpg
s.yimg.com/uu/api/res/1.2/DWZJGsI990i6I87XSbTg.w--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 10 KB
10 KB 33ms
32ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/DWZJGsI990i6I87XSbTg.w--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/f25bdba0-b0cb-11ee-acbf-07876b92f19e.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

7c1af6813d45b6da4e89afef9a402d7ad6dd66131055a1be90424fcdf99d401c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 61233
cld_latency: 1
edge-cache-tag: 300161853591376481020198222603492881510,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 17875c24d1fd04653b07965cae935d77
cld_by: cache-lga21945-LGA
x-served-by: cache-lga21945-LGA
referrer-policy: no-referrer-when-downgrade
x-timer: S1705012066.017524,VS0,VE1
etag: "21db8f9ce5d7ef33520d5c0c924b15c0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Thu, 11 Jan 2024 22:27:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 300161853591376481020198222603492881510,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 10107
x-xss-protection: 1; mode=block
x-request-id: 17875c24d1fd04653b07965cae935d77
last-modified: Thu, 11 Jan 2024 21:54:13 GMT
server: ATS
surrogate-reporting: width=356,height=180,bytes=10107,owidth=6000,oheight=3379,obytes=2772112,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 85d88ce0-b147-11ee-bd3f-a3556d3d61e3.cf.jpg
s.yimg.com/uu/api/res/1.2/afwpPLk0i2aSfTNTmkzGgA--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 9 KB
10 KB 33ms
33ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/afwpPLk0i2aSfTNTmkzGgA--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/85d88ce0-b147-11ee-bd3f-a3556d3d61e3.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f123095e67ad97806b7dbc2475cd95aa7caa1f1617ff1480077c5582c790d9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 5373
cld_latency: 1
edge-cache-tag: 460720349204681160142929402989471184383,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 6d865b3d36879ef3f9b5c2236eee539f
cld_by: cache-iad-kiad7000124-IAD
x-served-by: cache-iad-kiad7000124-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705067924.542184,VS0,VE1
etag: "0b5f36c0671eb523021446ae37bfa889"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 12 Jan 2024 13:58:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 460720349204681160142929402989471184383,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 9693
x-xss-protection: 1; mode=block
x-request-id: 6d865b3d36879ef3f9b5c2236eee539f
last-modified: Fri, 12 Jan 2024 12:39:02 GMT
server: ATS
surrogate-reporting: width=356,height=180,bytes=9693,owidth=1600,oheight=900,obytes=794369,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c1091b098c46607364e9259a6763fae5.cf.jpg
s.yimg.com/uu/api/res/1.2/5VV48ryNWv4JtQpnjjLuJQ--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/bbc_us_articles_995/ 21 KB
22 KB 34ms
33ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/5VV48ryNWv4JtQpnjjLuJQ--~B/Zmk9c3RyaW07aD0xODA7cT04MDt3PTM1NjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/bbc_us_articles_995/c1091b098c46607364e9259a6763fae5.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e6a91db84a0f05c1d9a8781aa5d647292654695c0f59175dc192e7cd32a07282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 23:56:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 55893
cld_latency: 1
edge-cache-tag: 504942505898104647571495103639821221395,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 504942505898104647571495103639821221395,408809882921809563823375896807471563061,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Wed, 10 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits: 1
content-length: 21654
x-xss-protection: 1; mode=block
cld_by: cache-lga21935-LGA
x-served-by: cache-lga21935-LGA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Jan 2024 21:19:55 GMT
server: ATS
surrogate-reporting: width=356,height=180,bytes=21654,owidth=976,oheight=549,obytes=184619,ef=(1,13,17,23,30)
x-timer: S1705017404.006942,VS0,VE1
etag: "90e5989517ca98205b1e12127f1274bc"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 8cf9afd17d6d2041e1a855eb578e6eb7.cf.jpg
s.yimg.com/uu/api/res/1.2/Z6YYIZWJsOuklDvyzTwANw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/usa_today_sports_articles_558/ 45 KB
46 KB 37ms
36ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/Z6YYIZWJsOuklDvyzTwANw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/usa_today_sports_articles_558/8cf9afd17d6d2041e1a855eb578e6eb7.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

54c064a05e65ae6adbe04a6efcbc0d366998ba7daacfe0dea327dd70bba8d92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 1585
cld_latency: 1
edge-cache-tag: 201676149141802530637434870773115174716,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 3e1ccae76d310c03c75158cd72161313
cld_by: cache-iad-kjyo7100171-IAD
x-served-by: cache-iad-kjyo7100171-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705071712.871148,VS0,VE1
etag: "e869a472b635a3018f7fd5ea1d22eefb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 12 Jan 2024 15:01:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 201676149141802530637434870773115174716,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 46359
x-xss-protection: 1; mode=block
x-request-id: 3e1ccae76d310c03c75158cd72161313
last-modified: Fri, 12 Jan 2024 15:00:16 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=46359,owidth=5106,oheight=3648,obytes=3755964,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 009b991b83ed925a5c4ef00bee8d0103.cf.jpg
s.yimg.com/uu/api/res/1.2/2NbkHQHEUcZX__P.SYEOEQ--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/csnne.com/ 17 KB
18 KB 31ms
31ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/2NbkHQHEUcZX__P.SYEOEQ--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/csnne.com/009b991b83ed925a5c4ef00bee8d0103.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a8036a2cf90d66f01fd22a9f4c7e5001776b505fc295c1dd89a8915544c2688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 5121
cld_latency: 1
edge-cache-tag: 308103442722701606412231176848936837852,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 6be8756c371288ec9eea5de7a9791413
cld_by: cache-lga21948-LGA
x-served-by: cache-lga21948-LGA
referrer-policy: no-referrer-when-downgrade
x-timer: S1705068176.911727,VS0,VE1
etag: "268393d76e60dc39ceaab3ef268131cc"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 12 Jan 2024 14:02:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 308103442722701606412231176848936837852,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 17833
x-xss-protection: 1; mode=block
x-request-id: 6be8756c371288ec9eea5de7a9791413
last-modified: Fri, 12 Jan 2024 13:44:38 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=17833,owidth=1280,oheight=721,obytes=724319,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b829aafe3ddb6dac39457818123485bd.cf.jpg
s.yimg.com/uu/api/res/1.2/cmvMD7CXWzUXgatr.juQ4Q--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/csnchicago.com/ 19 KB
20 KB 32ms
32ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/cmvMD7CXWzUXgatr.juQ4Q--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/csnchicago.com/b829aafe3ddb6dac39457818123485bd.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

2165dd788fb806053128d6faf6dde443c215da84bf12e4b69e699492cec7f9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 01:35:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 49966
edge-cache-tag: 227652480339611565411773924529218202845,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 227652480339611565411773924529218202845,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
x-cache: Miss from cloudfront, HIT
content-length: 19783
x-xss-protection: 1; mode=block
x-request-id: 8d33737cb30cf5f45f4a9a0f687f4f0a
x-served-by: cache-iad-kjyo7100028-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Dec 2023 06:13:28 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=19783,owidth=1600,oheight=900,obytes=36848,ef=(1,13,17,23,30)
x-timer: S1705023331.891656,VS0,VE1
etag: "cb3010ad69db5d9e841215704d72f2b9"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 705ae96739a0c805c045862c4ff378e1.cf.jpg
s.yimg.com/uu/api/res/1.2/fmjJMcUfnKMNLK6qEGi7hw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/salon_articles_879/ 30 KB
30 KB 33ms
33ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/fmjJMcUfnKMNLK6qEGi7hw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/salon_articles_879/705ae96739a0c805c045862c4ff378e1.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

f3aea898cd059017b5cfe0fedcfa4fa32bb4f931afc227e0fa4cbc7ab3120086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 2797
cld_latency: 1
edge-cache-tag: 375388228764603686305959337014279624309,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 37d169bfaf61086d63356cf7e937195f
cld_by: cache-iad-kjyo7100064-IAD
x-served-by: cache-iad-kjyo7100064-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705070502.033062,VS0,VE1
etag: "90f68c99534f54d3397c7d4c004f5c09"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 12 Jan 2024 14:41:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 375388228764603686305959337014279624309,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 30452
x-xss-protection: 1; mode=block
x-request-id: 37d169bfaf61086d63356cf7e937195f
last-modified: Fri, 12 Jan 2024 14:39:55 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=30452,owidth=1692,oheight=1142,obytes=375134,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 icon-flame-light-202303010352.gif
s.yimg.com/pv/static/img/ 527 KB
528 KB 21ms
21ms Image
image/gif 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/icon-flame-light-202303010352.gif

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

7a18441e184306e7f51c5493c0c17f676c73e12f518dc468dcb565b25d90fc41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 06 Dec 2023 00:17:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 2J0CA5RF2NJV41Q5
age: 3251452
x-amz-server-side-encryption: AES256
content-length: 539840
x-amz-id-2: LxqcG0tJ089qWwDBuxs/H1PphFsseCiTRgMo1PLiNnOb7bJSknIl640h3IMzbmmHACLeggHByAMVrqq+1r7UOQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Mar 2023 03:52:06 GMT
server: ATS
etag: "2fb9d43c74752389405abc1a5814b44a"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Tue, 01 Mar 2033 03:52:18 GMT

GET
H2 200 72719c463f6ed70b7cb446e0bd1461a9.cf.jpg
s.yimg.com/uu/api/res/1.2/x1a_GnrxMWmBdYMr2xU.EA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/insider_articles_922/ 24 KB
25 KB 52ms
47ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/x1a_GnrxMWmBdYMr2xU.EA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/insider_articles_922/72719c463f6ed70b7cb446e0bd1461a9.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

8a128348b11b44b62a0ac044780b00fb6257645f02448b2e402353bb9faedf86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 14:05:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 4993
edge-cache-tag: 502023927246912841063323102709243760368,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 502023927246912841063323102709243760368,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Thu, 11 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
content-length: 24974
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100138-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Jan 2024 14:02:35 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=24974,owidth=2707,oheight=2030,obytes=423905,ef=(1,13,17,23,30)
x-timer: S1705068304.431557,VS0,VE1
etag: "66abff7a4dca3b2121f63d1493b846a7"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 4d81887eda832a74ef4542b7ad1a1b36.cf.jpg
s.yimg.com/uu/api/res/1.2/2Peo4iYQbX2MO5cKtrhb0w--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/motherly_353/ 24 KB
24 KB 52ms
48ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/2Peo4iYQbX2MO5cKtrhb0w--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/motherly_353/4d81887eda832a74ef4542b7ad1a1b36.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

78a1f9d8fd52b7ff5b712a20c6b297c3d7cb0be9fcb873c5449716e632bec36e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 13294
cld_latency: 1
edge-cache-tag: 218567430138434072357776561428478463358,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: dbbc4f3965f76e4694e03dc449902618
cld_by: cache-iad-kjyo7100105-IAD
x-served-by: cache-iad-kjyo7100105-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705060003.083383,VS0,VE1
etag: "82e521ccc16b7c3e8b1660245f9c707c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 12 Jan 2024 11:46:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 218567430138434072357776561428478463358,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 24248
x-xss-protection: 1; mode=block
x-request-id: dbbc4f3965f76e4694e03dc449902618
last-modified: Fri, 12 Jan 2024 11:33:15 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=24248,owidth=1340,oheight=670,obytes=93406,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b1a93e51f5b86a3cb4a1965644b2fa9b.cf.jpg
s.yimg.com/uu/api/res/1.2/rjSZmzC.TOiYoi_DDp1hyA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/cnn_articles_875/ 20 KB
21 KB 53ms
49ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/rjSZmzC.TOiYoi_DDp1hyA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/cnn_articles_875/b1a93e51f5b86a3cb4a1965644b2fa9b.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0ebe86a81967f62f7e2720e0282b2aa826bc6ac307995c633e9687b054b10768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 87806
cld_latency: 1
edge-cache-tag: 340175603490640620223150675682625682550,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 25a60ab33064aa55c6d0afdf64847464
cld_by: cache-iad-kiad7000028-IAD
x-served-by: cache-iad-kiad7000028-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1704985492.680349,VS0,VE1
etag: "b630bb991c499232e4ff7cbb0681f527"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Thu, 11 Jan 2024 15:04:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 340175603490640620223150675682625682550,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 20954
x-xss-protection: 1; mode=block
x-request-id: 25a60ab33064aa55c6d0afdf64847464
last-modified: Thu, 11 Jan 2024 15:02:38 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=20954,owidth=960,oheight=540,obytes=48846,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 76cd77efd9549f69c6111c53a8a48029.cf.jpg
s.yimg.com/uu/api/res/1.2/HGOEMNZh6uNTc08EgxWGDg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/buzzfeed_articles_778/ 28 KB
29 KB 54ms
50ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/HGOEMNZh6uNTc08EgxWGDg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/buzzfeed_articles_778/76cd77efd9549f69c6111c53a8a48029.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

70f9852c77cf4fd86deeda8b875157eeb324a3951a759f6e07775986b42a7cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 14:50:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 2249
cld_latency: 1
edge-cache-tag: 225446516418358510203884226775182681685,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 225446516418358510203884226775182681685,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Thu, 11 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits: 1
content-length: 28762
x-xss-protection: 1; mode=block
cld_by: cache-lga21952-LGA
x-served-by: cache-lga21952-LGA
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Jan 2024 14:31:24 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=28762,owidth=1250,oheight=830,obytes=637423,ef=(1,13,17,23,30)
x-timer: S1705071048.280085,VS0,VE1
etag: "5cbe88ad27b0011aeb6b6fd67f456049"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 da5244c5bf49b5f1aeb2d779c99c1b40.cf.jpg
s.yimg.com/uu/api/res/1.2/EwN2FC2EYOR8vngjZ7jWdw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/in_touch_weekly_336/ 26 KB
26 KB 55ms
51ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/EwN2FC2EYOR8vngjZ7jWdw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/in_touch_weekly_336/da5244c5bf49b5f1aeb2d779c99c1b40.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

8e988e5817d9b91c0c080bfc6541fd46a55a587a0eff29e0b667b519c50bd046

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 22:37:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 60670
edge-cache-tag: 343164710738306572230915827225988188354,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 343164710738306572230915827225988188354,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Wed, 10 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
content-length: 26189
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000044-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Jan 2024 22:26:00 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=26189,owidth=3058,oheight=3966,obytes=7837478,ef=(1,13,17,23,30)
x-timer: S1705012627.356713,VS0,VE1
etag: "99b1154c609b39dba5ea74f3d0516802"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 06f3a34845bdbbc3b9e331cc0c9e8e6a.cf.jpg
s.yimg.com/uu/api/res/1.2/R44XMBrX.xV3pMIY8APeZg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/sports_illustrated_swimsuit_841/ 19 KB
19 KB 57ms
53ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/R44XMBrX.xV3pMIY8APeZg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/sports_illustrated_swimsuit_841/06f3a34845bdbbc3b9e331cc0c9e8e6a.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

d436e95611ee934483a02006c6c51b6602f1f69324de97034afffad8ef0f91b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 03:45:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 42153
edge-cache-tag: 450867425459954834589315398737942771385,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 450867425459954834589315398737942771385,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Thu, 11 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
content-length: 19175
x-xss-protection: 1; mode=block
x-served-by: cache-lga21960-LGA
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Jan 2024 03:36:39 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=19175,owidth=1200,oheight=675,obytes=124846,ef=(1,13,17,23,30)
x-timer: S1705031146.553114,VS0,VE1
etag: "864922e5fb87a1eb0c93cb5e3e4961f4"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 6c9969f1-b144-11ee-bb97-76f76d46eb14.cf.jpg
s.yimg.com/uu/api/res/1.2/w_P5wcpX7zxQWQvR.xEIlA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/ 22 KB
23 KB 57ms
54ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/w_P5wcpX7zxQWQvR.xEIlA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://s.yimg.com/os/creatr-uploaded-images/2024-01/6c9969f1-b144-11ee-bb97-76f76d46eb14.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

5a62a154265ceec7cc05527261d14f0fe97e61a8d40ceddc2158e29613992deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 6378
cld_latency: 1
edge-cache-tag: 417697994906862534002544618177507654165,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 1b665c2570537a739f9a0af81d3f58e9
cld_by: cache-iad-kjyo7100166-IAD
x-served-by: cache-iad-kjyo7100166-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705066920.598144,VS0,VE1
etag: "4afb6b70ac09c24327f14b7b6d5ce546"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 12 Jan 2024 13:41:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 417697994906862534002544618177507654165,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 22552
x-xss-protection: 1; mode=block
x-request-id: 1b665c2570537a739f9a0af81d3f58e9
last-modified: Fri, 12 Jan 2024 12:18:16 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=22552,owidth=2800,oheight=1575,obytes=5970899,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 549173d264b9b3d1447888edf169eb83.cf.jpg
s.yimg.com/uu/api/res/1.2/fRTj6.F5KMhizP2hi0VbeA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/fox_news_text_979/ 23 KB
24 KB 59ms
56ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/fRTj6.F5KMhizP2hi0VbeA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/fox_news_text_979/549173d264b9b3d1447888edf169eb83.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ab6531364fe9673e8043d58d965d6207de47971dbc78675f8f1e2e6a3ca42842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 11:09:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 15522
edge-cache-tag: 359144648107012282359695824614804298781,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 359144648107012282359695824614804298781,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
x-cache: Miss from cloudfront, HIT
content-length: 23652
x-xss-protection: 1; mode=block
x-request-id: 0d29309ebbcf99a3e8f20dad490ecd21
x-served-by: cache-iad-kiad7000155-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Jan 2024 11:06:55 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=23652,owidth=1280,oheight=720,obytes=185967,ef=(1,13,17,23,30)
x-timer: S1705057776.783371,VS0,VE1
etag: "8cc34ba648f274292a528e3920dba053"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 8cec1b0331423e160b24f0359c5895ff.cf.jpg
s.yimg.com/uu/api/res/1.2/knC2i4b6tVJk5Fgvol499A--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/sports_illustrated_swimsuit_841/ 23 KB
23 KB 60ms
56ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/knC2i4b6tVJk5Fgvol499A--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/sports_illustrated_swimsuit_841/8cec1b0331423e160b24f0359c5895ff.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c9a99fe813a45146726ec3465d0dd5d2fea8ae5a6fb417e40a76faaa677c8ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 11 Jan 2024 20:41:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 67622
cld_latency: 2
edge-cache-tag: 479693493673841333027371577549289520476,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 479693493673841333027371577549289520476,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
x-cache: Miss from cloudfront, HIT
expiration: expiry-date="Wed, 10 Jul 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits: 1
content-length: 23524
x-xss-protection: 1; mode=block
cld_by: cache-lga21934-LGA
x-served-by: cache-lga21934-LGA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Jan 2024 20:32:45 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=23524,owidth=1200,oheight=675,obytes=80922,ef=(1,13,17,23,30)
x-timer: S1705005675.203169,VS0,VE2
etag: "ec09b3adf27883cd1ff6cd1969e8f894"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 fb291bc4077b35f55c2a144828ed92d6.cf.jpg
s.yimg.com/uu/api/res/1.2/xS9bRzETkYflAuaUokLfxg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/theblast_73/ 19 KB
20 KB 61ms
58ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/xS9bRzETkYflAuaUokLfxg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/theblast_73/fb291bc4077b35f55c2a144828ed92d6.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0b64ef239bce8b83679dccc7fe5bfed8ba22f2b6cd8b2b15bbc145df21992103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 71769
cld_latency: 7
edge-cache-tag: 310501237475204796965268431146595610100,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: c18966d93ba4bd4fa0a3ef32856da9e9
cld_by: cache-iad-kjyo7100034-IAD
x-served-by: cache-iad-kjyo7100034-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705001528.089151,VS0,VE7
etag: "4941eb9032449ad228e194937f84b661"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Thu, 11 Jan 2024 19:32:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 310501237475204796965268431146595610100,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 19404
x-xss-protection: 1; mode=block
x-request-id: c18966d93ba4bd4fa0a3ef32856da9e9
last-modified: Thu, 11 Jan 2024 19:29:20 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=19404,owidth=2560,oheight=1184,obytes=197946,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 9b7d4ca16dd48fcec4231d96de7e6e7a.cf.jpg
s.yimg.com/uu/api/res/1.2/y9Bv5TPsmz6wsIbo2r80WA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/buzzfeed_news_articles_572/ 46 KB
47 KB 70ms
67ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/y9Bv5TPsmz6wsIbo2r80WA--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/buzzfeed_news_articles_572/9b7d4ca16dd48fcec4231d96de7e6e7a.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b6ed330c928c37a797890179b4d748d07e650955ef512fd03ea552f4b05481d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 3609
cld_latency: 2
edge-cache-tag: 283818240306252045042239480597620586759,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: b8133eeb810ae7337cb2b1dd2ad285e3
cld_by: cache-iad-kiad7000077-IAD
x-served-by: cache-iad-kiad7000077-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705069689.793109,VS0,VE2
etag: "877bd5d6b35f604c2e65f8965c68d7ce"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 12 Jan 2024 14:28:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 283818240306252045042239480597620586759,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 47523
x-xss-protection: 1; mode=block
x-request-id: b8133eeb810ae7337cb2b1dd2ad285e3
last-modified: Fri, 12 Jan 2024 14:27:51 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=47523,owidth=625,oheight=417,obytes=97912,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 587ad28c39885411ff0ef068c8f95a39.cf.jpg
s.yimg.com/uu/api/res/1.2/zuEM_JEC5Kieh3J_MNt3vg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_huffington_post_584/ 24 KB
24 KB 71ms
68ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/zuEM_JEC5Kieh3J_MNt3vg--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/the_huffington_post_584/587ad28c39885411ff0ef068c8f95a39.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

d28b9ecc5c4d8d812a36f111a07f6d31516c1eb2fa89045be9da02aa4c73bcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 14417
cld_latency: 1
edge-cache-tag: 213101884976557867806999790208232899690,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 5a0f1ed6c15cc303a42fd264a64bc2bb
cld_by: cache-lga21950-LGA
x-served-by: cache-lga21950-LGA
referrer-policy: no-referrer-when-downgrade
x-timer: S1705058884.986579,VS0,VE1
etag: "993fe2db284145f7bfde8408330ee772"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 12 Jan 2024 11:28:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 213101884976557867806999790208232899690,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 24184
x-xss-protection: 1; mode=block
x-request-id: 5a0f1ed6c15cc303a42fd264a64bc2bb
last-modified: Fri, 12 Jan 2024 11:27:51 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=24184,owidth=959,oheight=600,obytes=73348,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dae4d01d520acd8fce83b68ca6b4a6d2.cf.jpg
s.yimg.com/uu/api/res/1.2/NXSgsNEvteOfUdQmz965BQ--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/rollingstone.com/ 35 KB
36 KB 74ms
71ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/NXSgsNEvteOfUdQmz965BQ--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/rollingstone.com/dae4d01d520acd8fce83b68ca6b4a6d2.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

8219c20c8deccb08fed718fe1d28a7c3e0c2a3714e50f0444831f3cb727f843c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
age: 21987
cld_latency: 3
edge-cache-tag: 346532403799426758111567016246414097238,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: Miss from cloudfront, HIT
status: 200 OK
cld_id: 232237d89982bc3a03f3c4d81363bb25
cld_by: cache-iad-kjyo7100069-IAD
x-served-by: cache-iad-kjyo7100069-IAD
referrer-policy: no-referrer-when-downgrade
x-timer: S1705051311.663181,VS0,VE3
etag: "0a330ef2496169392625eb397305c62e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
access-control-allow-headers: X-Requested-With
x-cache-hits: 1
date: Fri, 12 Jan 2024 09:21:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT
cache-tag: 346532403799426758111567016246414097238,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cld_hits: 1
content-length: 36045
x-xss-protection: 1; mode=block
x-request-id: 232237d89982bc3a03f3c4d81363bb25
last-modified: Fri, 12 Jan 2024 09:21:26 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=36045,owidth=3000,oheight=2000,obytes=4339500,ef=(1,13,17,23,30)
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b9f274b0391553e5497566fe7664af1d.cf.jpg
s.yimg.com/uu/api/res/1.2/9B9LJ6uBzcStRCXzTH0MVw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/miami_herald_mcclatchy_975/ 22 KB
23 KB 77ms
74ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/9B9LJ6uBzcStRCXzTH0MVw--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/miami_herald_mcclatchy_975/b9f274b0391553e5497566fe7664af1d.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

3b3ccb2c3cca4d74f4a4e40215359a1573877b6eeac7035f279cc4aa353df8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 19:58:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 70208
edge-cache-tag: 347715048700613089289756587368394597825,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 347715048700613089289756587368394597825,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
x-cache: Miss from cloudfront, HIT
content-length: 22863
x-xss-protection: 1; mode=block
x-request-id: 08bcdc76ee117b041811e73162898d00
x-served-by: cache-iad-kiad7000148-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Jan 2024 19:49:19 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=22863,owidth=1140,oheight=711,obytes=72671,ef=(1,13,17,23,30)
x-timer: S1705003089.255596,VS0,VE1
etag: "850d89b508965affe6090f122898a383"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 629641a99b8b3750374bf3e34487c1a6.cf.jpg
s.yimg.com/uu/api/res/1.2/zasWRVfXkaUCan_9TcJcoQ--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/salon_articles_879/ 24 KB
24 KB 84ms
82ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/zasWRVfXkaUCan_9TcJcoQ--~B/Zmk9c3RyaW07aD0yODQ7cT04MDt3PTUzNjthcHBpZD15dGFjaHlvbg--/https://media.zenfs.com/en/salon_articles_879/629641a99b8b3750374bf3e34487c1a6.cf.jpg

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

6c37378afaf5fbe133642f8f335f50b3924fbaac4599815cc3f7a7dc561be606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 11:38:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 13811
edge-cache-tag: 205498215277840435385985315495313041510,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
cache-tag: 205498215277840435385985315495313041510,245625588389719429561783682242221370435,ae7a14591aaf8d474cdb3f92111c923e
status: 200 OK
x-cache: Miss from cloudfront, HIT
content-length: 24407
x-xss-protection: 1; mode=block
x-request-id: 23bc65d09af74a45d906a13adf96251f
x-served-by: cache-lga21972-LGA
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Jan 2024 11:37:55 GMT
server: ATS
surrogate-reporting: width=536,height=284,bytes=24407,owidth=1692,oheight=1128,obytes=246826,ef=(1,13,17,23,30)
x-timer: S1705059486.239499,VS0,VE1
etag: "8a0bcfcea647d0046a0396bdab980491"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 rapid-3.53.38.js Show response
s.yimg.com/ss/ 50 KB
18 KB 80ms
79ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ss/rapid-3.53.38.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1236e3d07c5be99605a2ce51cf62277390130d7e1666e31757c7182173c31f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 05:03:59 GMT
x-amz-version-id: KmTm9VD7TIhhmyhjuol1GLEcLGSKZuTd
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: AEVV3XH7M6ZTZ8H4
age: 37460
x-amz-server-side-encryption: AES256
content-length: 18290
x-amz-id-2: BIhWU24qEFqHOk/IcraIpiv3UGXLr55WNnCo8vZsCFq4EG/sO8t/cdJA09SeEqgeYtxZWzSTIOg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 May 2022 17:12:37 GMT
server: ATS
etag: "b3e320952536a9e017d8fde91f2c4968-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 p.gif
yahoo.com/info/ 35 KB
35 KB 184ms
179ms Image
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/info/p.gif?apptype=default&beaconType=pageRenderStart&code=pageRender&bucket=900%2Cseamless&device=desktop&intl=us&rid=fssMH6Pv&site=fp&t=1705073082441

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 229322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: 2OeyOrKCodWFhr-TpY2ptZf23Wr1WDM2Ouhvy4ZJEb_1P15mj7KwyQ==
expires: -1

GET
H2 200 yaft-0.3.28.min.js Show response
s.yimg.com/os/yaft/ 17 KB
6 KB 81ms
76ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/os/yaft/yaft-0.3.28.min.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 08 Jan 2024 06:45:19 GMT
x-amz-version-id: null
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: FXWG98B0Q9GKHWT8
age: 376979
x-amz-server-side-encryption: AES256
content-length: 5786
x-amz-id-2: IJVHwEl2A2+0YBhLkKV2AE28dBb9AdIykhW1d0vf+qGjt4uD9HRVS9L7Qce9PrlINXdvQdUIl/RLr+5IzCz1eg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Sep 2019 04:05:39 GMT
server: ATS
etag: "0731da3e399a4565e47c36702ffa9ba6-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=315360000
accept-ranges: bytes

GET
H2 200 wf-core-1.65.0-modern.js Show response
s.yimg.com/aaq/wf/ 59 KB
16 KB 77ms
73ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b3f5f787daf156fa19c2916470f4ea8bdbf9e5828b3990c33c04810fa74ed084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 10 Jan 2024 11:48:23 GMT
x-amz-version-id: 20SJDrjaD349v_TEBoaGm7JknCokjFV_
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: Q3TNWK6H4XN9K5NG
age: 185995
x-amz-server-side-encryption: AES256
content-length: 16109
x-amz-id-2: cvj3MtbMhFSfhAELIs052PtADQmD57gQQJAJ0OCqN3+Bu9dMibOjg1woxZVvN9tnQqVGuqdBHd8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 18:45:04 GMT
server: ATS
etag: "ef13714e251549821d2930d0d99d6b70-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 sh-5.17.22.js Show response
s.yimg.com/aaq/notifications/js/ 23 KB
7 KB 82ms
78ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/notifications/js/sh-5.17.22.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

671672d5fb51ada783e99b16b5b961f30ca3bd1b7e4d0ec1723c7a680b0d6394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 17 Dec 2023 03:56:12 GMT
x-amz-version-id: z7DM9UzujGJgb9sjP6qPJCWgNM7tjNra
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: N8003Q6NR9MHQV2X
age: 2287926
x-amz-server-side-encryption: AES256
content-length: 7247
x-amz-id-2: GnyljnwlEknL7WQBp7n6ZMdLdmHpaKI+/myZPZd+EefVPrp13Bx4be1Rx+nX8wJe3vTPyJge7wI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Apr 2023 17:42:09 GMT
server: ATS
etag: "b6a0718189771e63d6886f3189569ad4-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 homepage-pwa-defer-1.1.6.js Show response
s.yimg.com/aaq/hc/ 66 KB
18 KB 82ms
79ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/hc/homepage-pwa-defer-1.1.6.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

cbeee7da6cc21d0d3394c55fab07c9005d10405a505117cb41c2a1b013773b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 05 Jan 2024 19:00:19 GMT
x-amz-version-id: 62z3e394BVX5YApOMJTuFHiUFyy3mHgC
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: QC6CDCJXZP8STRYT
age: 592080
x-amz-server-side-encryption: AES256
content-length: 18232
x-amz-id-2: ccyeYrgGJeRGjaAx6GOi8zD1pbVIlU8y/odj/0WKj6kMHqbMJmRwoEfJGLOVVEuhNRH4Z6TSQDk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 May 2023 21:04:06 GMT
server: ATS
etag: "6ea12fccbed15820786c87f0b9b67d61-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 safe.min.js Show response
s.yimg.com/uc/sf/0.1.360/js/ 70 KB
25 KB 77ms
74ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uc/sf/0.1.360/js/safe.min.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

2ca181f5f8781eaca01c4e8a41d1334700378302662f1bd7fe31ef9ee4c1bfde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 03 Jan 2024 21:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: DPHPZRA0NBN9ZC44
age: 754520
x-amz-server-side-encryption: AES256
content-length: 25865
x-amz-id-2: cufdmvHNrSN450e3vYQIkRpCTQ89n5ftessEViDRrQQMU9qBgPKUfMo/+31x5OsEzUwHIt28bvk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 17:34:40 GMT
server: ATS
etag: "ca6c03a0104a0556de35624aa3065b70-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 advertisement_0.0.19.js Show response
s.yimg.com/nn/lib/metro/g/myy/ 158 B
459 B 79ms
75ms Script
application/x-javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/nn/lib/metro/g/myy/advertisement_0.0.19.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 12:06:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 6WRJ684T48BSB9TN
age: 0
x-amz-server-side-encryption: AES256
content-length: 158
x-amz-id-2: 4ljrk1C6O95OKhAgeqrQgHn4LGFJJjcFfBg4TjtVnjujBRsQmj+GOFYwIhw93XRmErHp2vSp6D5kSqG24gC0XxIMdT6cbJh4
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 May 2020 03:33:21 GMT
server: ATS
etag: "ca243b22264dca7a4a899c51cc2dc963"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: application/x-javascript
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes

GET
H2 200 p.gif
yahoo.com/info/ 138 KB
138 KB 182ms
179ms Image
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/info/p.gif?apptype=default&beaconType=pageRenderEnd&code=pageRender&bucket=900%2Cseamless&device=desktop&intl=us&rid=fssMH6Pv&site=fp&t=1705073082446

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 229322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: BUXVSnRRRR3AKE5sgPkkoUeWizSOszLvyV-S1H2s_e3WiY3fwljNOg==
expires: -1

GET
H2 200 __rapid-worker-1.2.js
yahoo.com/ 1 MB
224 KB 426ms
426ms Other
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/__rapid-worker-1.2.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

48723c58d2524d7d5c47c2ddcab4a44ca757a689c5faaf90d37dfbbdfc808b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 229322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: 6pa3y33ojhMTux59xdjB0Lz27Jd8kEvWUxQ3k9Wuf7h5mJG-LsHYFw==
expires: -1

GET
H2 200 cs_1.5.1.js Show response
s.yimg.com/aaq/vzm/ 1 KB
1 KB 16ms
16ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/vzm/cs_1.5.1.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1ae0492d9fbac257db08c85f493a6f37f7a1b432315b2850e8682e41fe3fd833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 11 Jan 2024 12:00:52 GMT
x-amz-version-id: kNkmKOe52Bavmn2ePx9bBmv8ukXmrtvT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: T94Y2HXTMYCSHEKC
age: 98846
x-amz-server-side-encryption: AES256
content-length: 745
x-amz-id-2: JjqAIDPFgMSm0/FNmS8bWktWCgz8fAa/dG7dgGXT3Ct/ETqJu2Iwfx3vlVM8HAYYOB66I4AYqiP9qtbJSq7yYiJYblYmur5wHLRFcj+MAXE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Sep 2023 22:24:21 GMT
server: ATS
etag: "79a0874b52c0c38add16385eb1a694e7-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 b
geo.yahoo.com/ 43 B
366 B 185ms
43ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?s=1197757129&t=1705073297136&err_url=https%3A%2F%2Fyahoo.com%2F%3F&err=&test=fsb

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 p
fsbcn.fp.yahoo.com/ 4 B
205 B 155ms
46ms Image
application/json 52.212.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsbcn.fp.yahoo.com/p?s=1197757129&t=1705073297136&err_url=https%3A%2F%2Fyahoo.com%2F%3F&err=&test=fsb
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.205.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-205-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
x-amzn-trace-id: Root=1-65a15a91-1f71f1ff117bd56e3e59fe98;Sampled=0;lineage=63d44699:0
x-amzn-requestid: 4166a338-49c0-4392-a976-4b7a9b98031e
content-length: 4
x-amz-apigw-id: RbsWvFN5joEEKpQ=
content-type: application/json

GET
H2 200 d1ccw66oyq8ex2.js Show response
s.yimg.com/aaq/f10d509c/ 151 KB
54 KB 17ms
14ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

09e3b1cdb4a13769033e6545b5ce33bbbe4a1c56eedc6aff38b6d2e790e8b729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Fri, 12 Jan 2024 15:22:55 GMT
x-amz-version-id: fNtZCEL_e2S_fFkIP9H0YS6o1W_SAzPh
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: FZA7FWYZ3V5B0B75
age: 323
x-amz-server-side-encryption: AES256
content-length: 54731
x-amz-id-2: zaYyH2lcBBE0owacCfEVvrL8x2ZZQEqeidLM2eaNTPH4/j4CqROT+Sa3vpDbqC3xv3keBM94G2NsgN9e99JHHA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 12 Jan 2024 13:52:31 GMT
server: ATS
etag: "3b690cea8842640686109cf22407efbf-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600
accept-ranges: bytes

GET
H2 200 bidexchange.js Show response
hb.yahoo.net/ 488 KB
129 KB 160ms
97ms Script
text/javascript 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/bidexchange.js?cid=8YHBJ3BJ0&version=12.1&dn=yahoo.com&ysection=main&yregion=US&ylang=en-US&ysite=fp&ydevice=desktop

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9db46f19ad4dcb500e6f64d48871b1bde4cf41bdda18b3e36346041699d14caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Fri, 12 Jan 2024 15:28:17 GMT
server: Apache
etag: 17665538435596789623
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
link: <https://c2shb-oao.ssp.yahoo.com>;rel="preconnect",<https://m.hb.yahoo.net>;rel="preconnect",<https://hb.yahoo.net/ucreative.php?cv=1>;rel="prefetch";as=script,<https://rtb-cache.hb.yahoo.net>;rel="preconnect",<https://hb.yahoo.net/ss/nes/player.js>;rel="prefetch";as="script"
expires: Fri, 12 Jan 2024 15:58:17 GMT

GET
H2 200 opus.js Show response
opus.analytics.yahoo.com/tag/ 13 KB
4 KB 100ms
16ms Script
application/javascript 152.199.23.180
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://opus.analytics.yahoo.com/tag/opus.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.180 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/488A) /

Resource Hash

7c5bf1c17637f87d3c94a2fd2d57e9e5903cefb4fc696fcd2cf4bb0087754b76

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-encoding: gzip
date: Fri, 12 Jan 2024 15:28:17 GMT
last-modified: Mon, 11 Dec 2023 14:45:38 GMT
server: ECAcc (ama/488A)
age: 348071
x-amz-request-id: J5HYQ63YB4DK5FNB
etag: "5769a8d5d32fd009934f5b7b74bffa2e+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-length: 3937
x-amz-id-2: UjjTAByfQCSE0d8jYL0TyY7Mjwcyv/f7z/cMYIQJ5IGtQT5Wmbp3SIvFnajAxCXpF2W8dRZh2Ws=

GET
H2 200 evplayer.js Show response
s.yimg.com/rx/ev/builds/1.2.13/ 296 KB
77 KB 16ms
16ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

12234fed1c7552acbc8b14665fbf0b73c805001b0b6887d8a03b2982364ec957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Tue, 09 Jan 2024 12:22:25 GMT
x-amz-version-id: QZ__AHItRcNIRvvC42.veyVUX.ASFTV.
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: C6CD60Y1935JES4D
age: 270354
x-amz-server-side-encryption: AES256
content-length: 78461
x-amz-id-2: 43cie7XNkTRWJbr7VHdtzQT5Qri/L4ZjaFYHFYr8NMF7/uFjn/KL0TWLtVmEanY4FTrrqnNMAiE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jan 2024 01:39:10 GMT
server: ATS
etag: "680a1d84e4ae706011252d131d47a4d6-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=536112000
accept-ranges: bytes

POST
H2 999 remote
yahoo.com/fp_ms/_rcv/ 16 B
0 556ms
553ms Fetch
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/fp_ms/_rcv/remote?ctrl=WeatherPreviewRefresh&lang=en-US&m_id=react-wafer-weather&m_mode=json&region=US&rid=fssMH6Pv&site=fp&apptype=default&instance_id=weather&_evtSrc=deferLoad

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
cache-control: no-store
content-length: 16
x-xss-protection: 1; mode=block

POST
H2 999 remote
yahoo.com/fp_ms/_rcv/ 16 B
0 557ms
554ms Fetch
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/fp_ms/_rcv/remote?ctrl=ScoresRefresh&lang=en-US&m_id=react-wafer-scores&m_mode=json&region=US&rid=fssMH6Pv&site=fp&apptype=default&instance_id=scores&_evtSrc=deferLoad

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
cache-control: no-store
content-length: 16
x-xss-protection: 1; mode=block

POST
H2 999 remote
yahoo.com/fp_ms/_rcv/ 16 B
0 555ms
555ms Fetch
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/fp_ms/_rcv/remote?ctrl=HoroscopeGridRefresh&lang=en-US&m_id=react-wafer-horoscope&m_mode=json&region=US&rid=fssMH6Pv&site=fp&apptype=default&instance_id=horoscope&_evtSrc=deferLoad

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
cache-control: no-store
content-length: 16
x-xss-protection: 1; mode=block

GET
H2 200 exp.json Show response
edge-mcdn.secure.yahoo.com/ybar/ 2 KB
2 KB 24ms
23ms Fetch
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://edge-mcdn.secure.yahoo.com/ybar/exp.json

Requested by

Host: edge-mcdn.secure.yahoo.com
URL: https://edge-mcdn.secure.yahoo.com/ybar/cerebro_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:39:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 31SP3T5QYDZY7JAT
age: 20953
x-amz-server-side-encryption: AES256
content-length: 1784
x-amz-id-2: 4WNtVGUcw9z/6JSFBrx4gYOtRZG+nPxFOdI4z7NQ0Kw2r/itW+1rCAR9CpUri9Aw1FST+7mpNn4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Dec 2022 17:20:56 GMT
server: ATS
etag: "877792d86d801176269a36ac7b4e6e02"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 perf-vitals_3.2.0.js Show response
s.yimg.com/cx/pv/ 8 KB
3 KB 18ms
18ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cx/pv/perf-vitals_3.2.0.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

baa52e8ac769d702e14fd1fa5a4363a1fc7e6462115ab6bcdbb317ce0e99da8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 10 Jan 2024 14:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: CA4SX8XSX2A9JFQN
age: 176510
x-amz-server-side-encryption: AES256
content-length: 3046
x-amz-id-2: rfyVwXvibwqkwj7331z6Ts2ihx8zxX8jqJvCqO5OPm0fLPwDVqPIKaFL9ZCqq9u52XQYwHmbR9c=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Sep 2023 19:35:40 GMT
server: ATS
etag: "26831b6bd9ea430823f593b6a70c7375-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes

GET
H2 200 / Show response
yahoo.com/caas/content/article/ 1 MB
224 KB 521ms
518ms Fetch
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/caas/content/article/?uuid=dd87f1a5-e45c-3d23-9cae-9422fff77108,b28fab9a-4f68-39c9-a102-c3aa1f28245b,1e570215-5ca3-385c-a81a-c36cd1283dec,a2c3870f-f891-36bf-b4ec-dc4db68b7be2,42822858-f7e3-3385-9cba-6ba6663c2be2,2060cc76-ab4e-3dc1-b91a-ecd8d3db5f76&appid=news_web&device=desktop&lang=en-US&region=US&site=fp&partner=none&bucket=900,seamless&features=enableEVPlayer,enableOverrideSpaceId,contentFeedbackEnabled,enableAdFeedbackV2,enableInArticleAd,enableOpinionLabel,enableSingleSlotting,enableVideoDocking,outStream,showCommentsIconWithDynamicCount,enableCommentsCountInViewCommentsCta,enableRRAdsSlots,enableRRAdsSlotsWithJAC,newsModal,enableViewCommentsCTA,enableXrayInline,enableXrayMovieEntities,enableXrayNcp,enableXrayPeopleEntities,enableXrayTopicEntities,showCommentsIconInShareSec,enableAdSlotsNewMap,enableGAMAds,enableGAMAdsOnLoad,enableFinancePremiumTicker,enableAdLiteUpSellFeedback&rid=fssMH6Pv

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

48723c58d2524d7d5c47c2ddcab4a44ca757a689c5faaf90d37dfbbdfc808b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 229322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: PerDi_Wsb92imKGhuj8UBCA1ktUfOJ5Uwyn9CIWMBwnbsOiFfLHUOg==
expires: -1

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
300 B 54ms
10ms Image
image/gif 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=7241469&c5=2023538075&c7=https%3A%2F%2Fwww.yahoo.com%2F&c14=-1&c8=Yahoo%20%7C%20Mail%2C%20Weather%2C%20Search%2C%20Politics%2C%20News%2C%20Finance%2C%20Sports%20%26%20Videos&c9=&gdpr=0&gdpr_consent=&cs_ucfr=0&ns_c=UTF-8&ns__t=1705073297206
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
via: 1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: WuZ-lurO9W8rMozFIDUrpyfdK4PEHgKaBpzU1i6zfIBOIipw1N95jQ==

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 105ms
104ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 153ms
103ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://yahoo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 12 Jan 2024 15:28:17 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 reporting-observer
yahoo.com/_td_api/beacon/ 596 KB
596 KB 667ms
666ms Image
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/_td_api/beacon/reporting-observer?meta=%7B%22sourceFile%22%3Anull%2C%22lineNumber%22%3Anull%2C%22columnNumber%22%3Anull%2C%22id%22%3A%22ExpectCTHeader%22%2C%22message%22%3A%22The%20%60Expect-CT%60%20header%20is%20deprecated%20and%20will%20be%20removed.%20Chrome%20requires%20Certificate%20Transparency%20for%20all%20publicly%20trusted%20certificates%20issued%20after%20April%2030%2C%202018.%22%2C%22anticipatedRemoval%22%3Anull%7D&src=deprecation&_rdn=297230&apptype=default&rid=fssMH6Pv&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0&site=fp&connection=%7B%22downlink%22%3A9.6%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&hasWf=true&hasWfR=true

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 229322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: BCpDklTTR7XdhYtYae_k4egVJjvgIP2cYju1DP17wyGLlybU0dSEfg==
expires: -1

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 69ms
43ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=fkfmSIxFYtKlhnaW,0.9676599381415276&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%03sB0GvLfgRqZ57mUE%04_w%03yahoo.com%2F%3F%04_rid%03fssMH6Pv%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04A_utm%03%7B%22vp_fetch_duration%22%3A19.400001525878906%2C%22vp_fetch_end_time%22%3A4286.900001525879%2C%22vp_fetch_start%22%3A4267.5%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031705073297%04_ms%03250%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 evplayer.css
s.yimg.com/rx/ev/builds/1.2.13/ 3 KB
2 KB 17ms
17ms Stylesheet
text/css 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.css

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

623e67256353332b24a2074d8816abd4362594a04aa07cfebfc346a190bc710d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 10 Jan 2024 12:23:43 GMT
x-amz-version-id: eycvYh3Dhm2XCHk7EjGA61SoEfHxuEVg
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: BZT069S20MV25PCD
age: 183875
x-amz-server-side-encryption: AES256
content-length: 1571
x-amz-id-2: oIpdoc+FIi3ngXrmjEs6I94VkWfQoRqoX7vSIgUDOJ37wIdd+ob/5EIEf4VncPU8xRPtAR+9oGU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jan 2024 01:39:09 GMT
server: ATS
etag: "b6ecf40386a94dcf6f104b00d7c7f814-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public,max-age=536112000
accept-ranges: bytes

GET
H2 200 comscore-6.3.5-min.js Show response
s.yimg.com/rx/ev/lib/ 156 KB
43 KB 15ms
15ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/lib/comscore-6.3.5-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

4fa81a2babd7ac6c723e36071474fdd0f043616d012053410a6afaec2d96513b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 31 Dec 2023 21:56:03 GMT
x-amz-version-id: .TVKYLW2EUyd_rP7dLtapLjw7X6rARlN
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 9HETR87Q8V9XZGN4
age: 1013535
x-amz-server-side-encryption: AES256
content-length: 43408
x-amz-id-2: Fi5qCif2Cgthbe6g5b5EYZIuE3ek9OOBVdLZmTWnP/ywH9YVwC/XDClBEMZ1ZuaeUtd7yJ+Emj4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Oct 2023 19:33:03 GMT
server: ATS
etag: "d4437107af61d80fd90f57a0808fa483-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=536112000
accept-ranges: bytes

GET
H2 204 i.gif
v-aygcg5qee5.wc.yahoodns.net/ 0
212 B 141ms
38ms Image
text/plain 2a00:1288:f032:1fa::1000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v-aygcg5qee5.wc.yahoodns.net/i.gif

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f032:1fa::1000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 204 i.gif
v-bul65jas6h.wc.yahoodns.net/ 0
212 B 752ms
234ms Image
text/plain 200.152.165.201
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v-bul65jas6h.wc.yahoodns.net/i.gif

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

200.152.165.201 Rio de Janeiro, Brazil, ASN10310 (YAHOO-1, US),

Reverse DNS

e2.ycpi.brd.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
v-c9n6fcob9a.wc.yahoodns.net/ 42 B
503 B 131ms
40ms Image
image/gif 2a00:1288:f037:1fa::1001
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v-c9n6fcob9a.wc.yahoodns.net/pixel.gif

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f037:1fa::1001 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:08:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 7AFS2H3KF814H3J5
age: 58760
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: 40PBzK2bfTJFgtkKDydYVS6kabJs7ALtQEbnWRJla9MiJQQLPXKEIqfIK4ysWIKWEeVge0Jn9suTdrbFP/vUJw==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Apr 2019 22:49:30 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pixel.gif
dns-2mx9qn46p.sombrero.yahoo.net/ 42 B
277 B 22ms
14ms Image
image/gif 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dns-2mx9qn46p.sombrero.yahoo.net/pixel.gif

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 05:49:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 4A0AED68TAS14ZBR
age: 34722
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: 0IT8srJV25iLp3tPAbbYgrVnF1F3IOoPHkB5Ap3Qj+f/rsbTMAM/eb56lKMhLoOzqM4P4u6M5xA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Apr 2019 22:49:30 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pixel.gif
cerebro.edna.yahoo.net/noquery/ 42 B
551 B 256ms
15ms Image
image/gif 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cerebro.edna.yahoo.net/noquery/pixel.gif?rand=ym32czdh

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:24:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: GA6HEXHRS6JK8R0H
age: 72227
x-amz-server-side-encryption: AES256
content-length: 42
x-amz-id-2: lq8C3gqJ2L4Qec15Ren1lyPmFbPJXuKm2HGqCRKmenPL5CTVXdOIXBeUsnU5W4kYRiAEypP6zj/qZUlcdnJ0wA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Apr 2019 22:55:47 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 45ms
45ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=Od9vC3NBizh1vI5j,0.5387073930204946&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%03sB0GvLfgRqZ57mUE%04_w%03yahoo.com%2F%3F%04_rid%03fssMH6Pv%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04A_utm%03%7B%22perf_ttfb%22%3A3329%2C%22perf_ttfb_rating%22%3A%22poor%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031705073297%04_ms%03284%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
bats.video.yahoo.com/ 0
0 462ms
245ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=p_init&t=0.6522298801770938&_sqno=0&ts=0&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=0&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=0x0&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&adUrl=&view=&continuousPlay=0&loop=0&videoRecommendations=0&ff_ad=1&percentViewable=NaN
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H2 200 p
geo.yahoo.com/ 43 B
96 B 46ms
44ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=4AxzeC0WIYGCLWmG,0.16900785294022946&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%03sB0GvLfgRqZ57mUE%04_w%03yahoo.com%2F%3F%04_rid%03fssMH6Pv%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04A_utm%03%7B%22perf_fcp%22%3A3940%2C%22perf_fcp_rating%22%3A%22poor%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031705073297%04_ms%03294%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 pframe.html Show response
s.yimg.com/rx/ev/builds/1.2.13/ Frame C7D1 539 B
805 B 15ms
15ms Document
text/html 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9ca89731319743aabedc04e5fd134edb79ef0b3e761587958acbd9ba21d0093b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 339012
ats-carp-promotion: 1 1
cache-control: public,max-age=536112000
content-length: 539
content-type: text/html
date: Mon, 08 Jan 2024 17:18:06 GMT
etag: "2aa7ef0b22f0b66cafbdaacff599771d"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Fri, 05 Jan 2024 01:39:09 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=31536000
vary: Origin
x-amz-id-2: s60rjutyfdO91oBbj75EVI3119l3LXfOyxvusgpbgNsKcFt8YVratlt8VVm7+vt1rrtkm9mtvh8=
x-amz-request-id: RB67FMB7DDHSTVR3
x-amz-server-side-encryption: AES256
x-amz-version-id: saY4PkX_G9cceFA6cvelIqF_ZLwewVRV
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ucreative.php
hb.yahoo.net/ 0
2 KB 22ms
21ms Other
application/javascript 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/ucreative.php?cv=1

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Fri, 12 Jan 2024 15:28:17 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
content-length: 2184
x-mnet-hl2: E
expires: Wed, 17 Jan 2024 15:28:17 GMT

GET
H2 200 player.js
hb.yahoo.net/ss/nes/ 0
73 KB 49ms
48ms Other
text/javascript 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/ss/nes/player.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: max-age=604800
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Fri, 12 Jan 2024 15:28:17 GMT
etag: 11467617463532958274
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Fri, 12 Jan 2024 15:58:17 GMT

GET
H2 200 pframe.js Show response
s.yimg.com/rx/ev/builds/1.2.13/ Frame C7D1 147 KB
38 KB 14ms
14ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/builds/1.2.13/pframe.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a8cfff8b46b24821491229f762c3c57f19868b2eb2835f385a0823cb721c9a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 08 Jan 2024 17:18:07 GMT
x-amz-version-id: 36PyvdRSP6W0sG3v2UAvTAm0pLbDoGR1
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: QQCF0RXY5JQ9HFXZ
age: 339011
x-amz-server-side-encryption: AES256
content-length: 39073
x-amz-id-2: wA4nKoDTczal1d7zc7F8uiY4q0zgm5PsaQYRN5eUOfuoWIAEJJLDwDOIYEv+E5Dgwd6m9Aw+GAt2iof1UKTJHw==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jan 2024 01:39:09 GMT
server: ATS
etag: "be815fa2679ead4584c12f36f1295532-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=536112000
accept-ranges: bytes

GET
H2 200 dfs Show response
hb.yahoo.net/ss/nes/ 8 KB
2 KB 35ms
33ms Script
text/javascript 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/ss/nes/dfs?itype=YHB&type=1&cid=8YHBJ3BJ0&dn=yahoo.com&cc=DE&ugd=desktop&callback=window.advBidxc.pf_rtd&algo=exploitation

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

0a7ed97355cd7c9cfe72e0a72814e50496d62c17ea5ae605bce42f6804850623

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800, max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
content-encoding: gzip
strict-transport-security: max-age=604800, max-age=86400 ; includeSubDomains
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 2040
expires: Fri, 12 Jan 2024 15:28:17 GMT

GET
H2 200 tcb.js Show response
hb.yahoo.net/ 50 B
237 B 18ms
18ms Script
text/javascript 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/tcb.js?&cb=window.advBidxc.multiBidTemplatefetch&v=1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5448674d9c501af62f8516de42d5efff4b6f25b02f7e081c924dc290efdc7d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Fri, 12 Jan 2024 15:28:17 GMT
server: Apache
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=172800
content-length: 50
expires: Sun, 14 Jan 2024 15:28:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 118ms
73ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e73abb199873f4a0ab0e9283d242341880f772323014f024b2383d33bae70881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29325
x-xss-protection: 0
server: cafe
etag: 384 / 19734 / 31080239 / config-hash: 9168911636527851926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:17 GMT

GET
H2 200 voiceSearch1x-1620383531565.min.png
s.yimg.com/pv/static/img/ 3 KB
3 KB 15ms
15ms Image
image/png 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/voiceSearch1x-1620383531565.min.png

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1a166ebd6c8872d71efcefb4765db513014b732e1886525c5f2d5ded87071451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 27 Dec 2023 00:03:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 9ZSY8VMWDEM2BGTD
age: 1437899
x-amz-server-side-encryption: AES256
content-length: 2986
x-amz-id-2: SsLri/azHePo6xONU9gAIZI0VTKZ5d8uXMwe0RJCsvsjngpwWJyTfRjdKhAUWuOsyZ2BYdj4B/OxmhFHXad3k6ARcrpiML1sEAyVHf4w9cM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 May 2021 10:32:24 GMT
server: ATS
etag: "c2396079060a7028fa898a73b72aa592"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: public,max-age=315360000
accept-ranges: bytes

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
276 B 66ms
46ms XHR
text/plain 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=2023538075&yhlCT=2&yhlBTMS=1705073297550&yhlClientVer=3.53.38&yhlRnd=xv1djlm4SMdm9kJI&yhlCompressed=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
expires: -1

GET
H2 200 __rapid-worker-1.2.js
yahoo.com/ 1 MB
224 KB 689ms
688ms Other
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/__rapid-worker-1.2.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

48723c58d2524d7d5c47c2ddcab4a44ca757a689c5faaf90d37dfbbdfc808b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 229322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: qy_oCp_HaU_EYAqMAanTllVxhwTyRmEmiU1SsyFDJnIH4SVpw0_LGQ==
expires: -1

GET
H2 206 voice-start-202105050733.wav
s.yimg.com/pv/static/misc/ 185 KB
185 KB 26ms
24ms Media
binary/octet-stream 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-start-202105050733.wav

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

75799b61c8d93b46365ae3a603ef508acee921adbf2abf4ada583fc4e0e4bb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

ats-carp-promotion: 1, 1
date: Mon, 13 Nov 2023 16:02:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 262A3E76ABM614K8
age: 5181969
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-189159/189160
Content-Length: 189160
x-amz-id-2: IFqDCNkXzQVeyA/8IHOXrgztm2/KqATc3+HW7y0eXZKPIJHCFls4Zeic9DuOwe8qXonBmZ7v1Ok=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:16 GMT
server: ATS
etag: "8abfe6dfa7b0d9a5a4b7268155054740"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:14 GMT

GET
H2 206 voice-result-202105050733.wav
s.yimg.com/pv/static/misc/ 78 KB
79 KB 28ms
26ms Media
binary/octet-stream 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-result-202105050733.wav

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

63678162cb830afba8013a29be9148c72c3dd90561f1b0e7a3cdfbfd883912d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

ats-carp-promotion: 1, 1
date: Sun, 12 Nov 2023 20:23:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ANFCCAS204DPJGXG
age: 5252701
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-80335/80336
Content-Length: 80336
x-amz-id-2: IHfx7K8kU0k/8RgBdzkPOYfnwryTiDWA2peWN5uDjz5ce9bgt54ZOj1ngyyKC9tdHZWvvB4NJ8c=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:25 GMT
server: ATS
etag: "f536e8f265fbbd76a5f7b9fc0ea0ad69"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:23 GMT

GET
H2 206 voice-error-202105050733.wav
s.yimg.com/pv/static/misc/ 83 KB
84 KB 29ms
28ms Media
binary/octet-stream 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-error-202105050733.wav

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

86145e56e9b4bd3a42e3ddf6b7cb6bc8e9372891aa5bae35ea0f3facda3c99aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

ats-carp-promotion: 1, 1
date: Wed, 10 Jan 2024 16:40:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: DM6RK09DK0EVSJPS
age: 168475
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-85335/85336
Content-Length: 85336
x-amz-id-2: Xj+6w4pe/+wKR15B/CuwSKBv3AoQN6uZfezsikEtjY4N8iAvpzN8G+Rh9iW0wBvrp11BeecJNUU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:41 GMT
server: ATS
etag: "f35ad0c20d2f7e02b99e4866a98989d1"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:40 GMT

GET
H2 206 voice-close-202105050733.wav
s.yimg.com/pv/static/misc/ 146 KB
146 KB 45ms
44ms Media
binary/octet-stream 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/pv/static/misc/voice-close-202105050733.wav

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0598e13041b04bd01dc5e5849abebac0e253bbac3ec6bdc71ca62b84100717f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

ats-carp-promotion: 1, 1
date: Sat, 11 Nov 2023 10:01:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 0TZKZ0FGTJ3EP01M
age: 5376399
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-149335/149336
Content-Length: 149336
x-amz-id-2: UonmJSzJ5W+wO5CVO6ShDW2iSm+I0UJKnlYf2zIYpU8IXJiep7eejLbvXkqPtQKbE8gj+stJ4zpDVWEiLI3GRA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 May 2021 07:33:34 GMT
server: ATS
etag: "8f1c7f5187e8e78fdb31a5e6c688e803"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: binary/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
expires: Mon, 05 May 2031 07:33:32 GMT

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
46 B 86ms
85ms XHR
text/plain 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=2023538075&yhlCT=2&yhlBTMS=1705073297574&yhlClientVer=3.53.38&yhlRnd=hO5MWjRbVFGvzwpN&yhlCompressed=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
expires: -1

GET
H2 404 px.gif
www.yahoo.com/ 0
0 78ms
48ms Image
text/html 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yahoo.com/px.gif?ch=1&rn=8.39333285063016
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2 404 px.gif
www.yahoo.com/ 0
0 79ms
49ms Image
text/html 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yahoo.com/px.gif?ch=2&rn=8.39333285063016
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H2 200 p
bats.video.yahoo.com/ 0
0 147ms
146ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=v_request&t=0.22019693401882035&_sqno=0&ts=0&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&adUrl=&view=
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2 200 243b335e-ef0e-3809-aa36-040a2eb6f03b Show response
video-api.yql.yahoo.com/v1/video/sapi/streams/ 271 B
690 B 253ms
222ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://video-api.yql.yahoo.com/v1/video/sapi/streams/243b335e-ef0e-3809-aa36-040a2eb6f03b?srid=2500100827&protocol=http&format=m3u8%2Cmp4%2Cwebm&rt=html&devtype=desktop&offnetwork=false&plid=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&region=US&site=frontpage&expb=900%2Cseamless&expn=advstrmvideo&bckt=Treatment_Oath_Player&lang=en-US&width=401&height=226&resize=true&ps=yvsiflja&autoplay=false&image_sizes=&excludePS=true&isDockable=0&acctid=&synd=&pspid=2023538075&plidl=&topic=&pver=1.2.13&try=1&failover_count=0&ads=ima&nad=0&aver=5.1.1&ad.pl=up&ad.pd=&ad.pt=home&ad.pct=&evp=bcp&hlspre=false&ad.plseq=1&pblob=lu%3A0%3Bpt%3Ahome%3Bver%3Amegastrm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

d4c7500eba2238f458a2197893270214cb2b9582edcad28d84fb711a95d24ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 0
x-envoy-upstream-service-time: 174
content-length: 271
x-yahoo-request-id: 3b1n8v1iq2mkh
x-request-id: a21f674c-5868-46eb-a33e-9304c6cad0e7
x-xss-protection: 1; mode=block
ps: yvsiflja
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://yahoo.com
access-control-expose-headers: Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Content-Length, SKT
cache-control: private
access-control-allow-credentials: true
y-rid: 3b1n8v1iq2mkh
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ 436 KB
137 KB 29ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js?cb=31080239

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 09:31:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21425
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140053
x-xss-protection: 0
server: cafe
etag: 1469350900164882112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 11 Jan 2025 09:31:12 GMT

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 56ms
56ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705073297711&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fssMH6Pv&pd=unknown&pt=home&A_utm=%7B%22GAM_READY_TIME%22%3A4825%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 hbc Show response
hb.yahoo.net/ss/nes/ 67 B
295 B 15ms
13ms Script
text/javascript 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/ss/nes/hbc?callback=window.advBidxc.cobrandConfig&cobrand=none

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

36eeae28af31fe42af6c3c03695665d8b0415a3d9f460c40c06bfa01d2c9ff60

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800, max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: max-age=604800
date: Fri, 12 Jan 2024 15:28:17 GMT
content-encoding: gzip
strict-transport-security: max-age=604800, max-age=86400 ; includeSubDomains
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800, post-check=1800
content-length: 91
expires: Fri, 12 Jan 2024 15:58:17 GMT

GET
H2 200 log
lg1.hb.yahoo.net/ 35 B
191 B 60ms
20ms Image
image/gif 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.hb.yahoo.net/log?logid=kfk&evtid=belog&itype=YHB&tElp=351&adt=desktop&cid=8YHBJ3BJ0&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR6KY355&dn=yahoo.com&servname=ssp-serving-yin-67fb494447-cshcc&svr=264_93_103_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001705073297422029970147846099&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=eu&itypeid=84&sd=-1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=1&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=&gtd=400&inid=&ngfundl=1400&rdl=1400&r_tim%3C%3E=3821649&pubdpa=2&name=ADS_DISABLED&stack=1&lvl=3&crid=&pvid=&dfpDiv=&liid=&dfpBd=&acid=&rctr=&sz=&t_cntdwn=&t_ciel=&ebuid=&lper=1&requrl=https%3A%2F%2Fyahoo.com%2F%3F&kwrf=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 12 Jan 2024 15:28:17 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 136 KB
40 KB 361ms
361ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=416983908018843&correlator=3236223981218670&eid=31080239%2C31079525%2C21065724&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=22888152279%2Cus%2Cyhp%2Cmain%2Cdt%2Cus_yhp_main_dt_top_right%2Cus_yhp_main_dt_as_mid_right_a%2Cus_yhp_main_dt_top_center%2Cus_yhp_main_dt_as_mid_right_b%2Cus_yhp_main_dt_as_mid_right_c&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F8%2C%2F0%2F1%2F2%2F3%2F4%2F9&prev_iu_szs=300x250%7C300x600%2C300x250%2C970x250%7C3x1%7C728x90%2C300x250%2C300x600%7C300x250&ifi=1&sfv=1-0-40&fsfs=1%2C1%2C1%2C1%2C1&fsbs=1%2C1%2C1%2C1%2C1&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1705073297794&adxs=1132%2C1132%2C315%2C1132%2C-9&adys=1012%2C2037%2C129%2C2057%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&tos=~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fyahoo.com%2F%3F&vis=1&psz=300x2323%7C300x600%7C1600x110%7C300x600%7C0x-1&msz=300x600%7C300x250%7C1600x110%7C300x0%7C0x-1&fws=4%2C4%2C4%2C4%2C2&ohw=1600%2C300%2C1600%2C300%2C0&ga_vid=192911338.1705073298&ga_sid=1705073298&ga_hid=1020561707&ga_fc=false&dlt=1705073296218&idt=1482&prev_scp=loc%3Dtop_right%7Cloc%3Dmid_right_a%7Cloc%3Dtop_center%7Cloc%3Dmid_right_b%7Cloc%3Dmid_right_c%26noads%3D1&cust_params=bucket%3D900%252Cseamless%26cobrand%3Dnone%26colo%3Dgq1%26device%3Ddesktop%26lang%3Den-US%26lu%3D0%26region%3DUS%26site%3Dfp%26ver%3Dmegastrm%26pt%3Dhome%26spaceid%3D2023538075%26yrid%3DfssMH6Pv%26y_bx%3D1%26y_ldp%3D1&adks=1481106528%2C3064630007%2C3690920304%2C3845938001%2C1006816889&frm=20

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53e53aced35cbf18496eb17194bcad9689d54f514d0f5d106142f40b6f42c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40900
x-xss-protection: 0
google-lineitem-id: 6273031801,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138460815924,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://yahoo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EB8D 6 KB
3 KB 73ms
22ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:17 GMT
expires: Sat, 11 Jan 2025 15:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 44ms
44ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=pE8VZg1SiyTluZWG,0.7842161720086394&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_a1s%03d%3DAQABBJFaoWUCEOezRvDK7fhTsc_ggEHPncYFEgABAf-eomWqZeANyiMAAAAAgA%26S%3DAQAAAq2V-wF2I4JKQ4KaZmMgKlw%04_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%03sB0GvLfgRqZ57mUE%04_w%03yahoo.com%2F%3F%04_rid%03fssMH6Pv%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04ns_ready%03%04dcl_ready%03%04_E%03saready%04_ts%031705073297%04_ms%03830%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 p.gif
yahoo.com/ 144 KB
144 KB 422ms
422ms Image
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/p.gif?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Malformed%20response%22%2C%22retryCount%22%3A1%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22/fp_ms/_rcv/remote%3Fctrl%3DWeatherPreviewRefresh%26lang%3Den-US%26m_id%3Dreact-wafer-weather%26m_mode%3Djson%26region%3DUS%26rid%3DfssMH6Pv%26site%3Dfp%26apptype%3Ddefault%26instance_id%3Dweather%26_evtSrc%3DdeferLoad%22%7D&stack=Error:%20Malformed%20response%20%20%20%20at%20https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js:1:9897&connection=%7B%22downlink%22%3A9.6%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&apptype=default&rid=fssMH6Pv&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 229322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: 6Iz8zMfceCpe2avr7_n8Qtes2W8BxSQy_evbee-dT8EjMxJ08bJOVQ==
expires: -1

GET
H2 200 p.gif
yahoo.com/ 203 KB
203 KB 420ms
419ms Image
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/p.gif?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Malformed%20response%22%2C%22retryCount%22%3A1%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22/fp_ms/_rcv/remote%3Fctrl%3DScoresRefresh%26lang%3Den-US%26m_id%3Dreact-wafer-scores%26m_mode%3Djson%26region%3DUS%26rid%3DfssMH6Pv%26site%3Dfp%26apptype%3Ddefault%26instance_id%3Dscores%26_evtSrc%3DdeferLoad%22%7D&stack=Error:%20Malformed%20response%20%20%20%20at%20https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js:1:9897&connection=%7B%22downlink%22%3A9.6%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&apptype=default&rid=fssMH6Pv&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 229322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: BUXVSnRRRR3AKE5sgPkkoUeWizSOszLvyV-S1H2s_e3WiY3fwljNOg==
expires: -1

GET
H2 200 p.gif
yahoo.com/ 796 KB
796 KB 419ms
418ms Image
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yahoo.com/p.gif?err=WaferFetch&beaconType=wafer_err&info=%7B%22message%22%3A%22Malformed%20response%22%2C%22retryCount%22%3A1%2C%22targetElem%22%3A%7B%7D%2C%22url%22%3A%22/fp_ms/_rcv/remote%3Fctrl%3DHoroscopeGridRefresh%26lang%3Den-US%26m_id%3Dreact-wafer-horoscope%26m_mode%3Djson%26region%3DUS%26rid%3DfssMH6Pv%26site%3Dfp%26apptype%3Ddefault%26instance_id%3Dhoroscope%26_evtSrc%3DdeferLoad%22%7D&stack=Error:%20Malformed%20response%20%20%20%20at%20https://s.yimg.com/aaq/wf/wf-core-1.65.0-modern.js:1:9897&connection=%7B%22downlink%22%3A9.6%2C%22downlinkMax%22%3A%22%22%2C%22effectiveType%22%3A%224g%22%2C%22rtt%22%3A%22%22%2C%22saveData%22%3A%22%22%2C%22type%22%3A%22%22%7D&apptype=default&rid=fssMH6Pv&bucket=900%2Cseamless&device=desktop&osName=mac%20os%20x&browserName=chrome&browserVersion=104.0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: SEA73-P2
age: 82
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 229322
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, max-age=0, private
x-amz-cf-id: 6pa3y33ojhMTux59xdjB0Lz27Jd8kEvWUxQ3k9Wuf7h5mJG-LsHYFw==
expires: -1

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/6415665815001/8tDK7OitG_default/ Frame C7D1 1 MB
303 KB 65ms
10ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/6415665815001/8tDK7OitG_default/index.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b1b69126902be4d29d6506312471c95a2ce1a7fe10d409b5b90ac913e6e1d73a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: P9i.IE63EnENK2WRr9nBqmhI4U_gxlid
Content-Encoding: gzip
Date: Fri, 12 Jan 2024 15:28:17 GMT
x-amz-request-id: DDX245WHCF71232F
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 309433
x-amz-id-2: sTiO6pQz7kw0C3Wr6rD/T+bwMLyVSob0O735M920znGC8qag91bSDh1v00rtKbWf4au1dgmHy0Q=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-eddf8230088-FRA
Last-Modified: Tue, 05 Dec 2023 21:45:04 GMT
Server: AmazonS3
X-Timer: S1701969482.728949,VS0,VE904
ETag: "f52cf74df8aed9a1fdea56eb493f4f06"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=55
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 bcplayer.css
s.yimg.com/rx/ev/builds/1.2.13/ Frame C7D1 18 KB
6 KB 19ms
17ms Stylesheet
text/css 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rx/ev/builds/1.2.13/bcplayer.css

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

7593240bc1e57ebc09a1a550d91c67481784b8de8e9208ba96a6b38a0251a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 08 Jan 2024 17:18:09 GMT
x-amz-version-id: .ZT.lmwJNruFK1KeSEBUuCore3_KiGig
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 4S9ZNV527H1MT6PE
age: 339010
x-amz-server-side-encryption: AES256
content-length: 6285
x-amz-id-2: TOAhw0bWe9kriVmZaL6B/yrDPdvEhYSdyY7cFH4LO5NlW0dYz5Q4cvBulG2rhqXxTu3X2GO7zGs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jan 2024 01:39:09 GMT
server: ATS
etag: "b28b3924c41f1841c568a81dedc9c0d5-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public,max-age=536112000
accept-ranges: bytes

GET
H/1.1 200
OK videojs-bc-playlist-ui.css
players.brightcove.net/videojs-bc-playlist-ui/5.1.1/ Frame C7D1 8 KB
3 KB 64ms
9ms Stylesheet
text/css 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-bc-playlist-ui/5.1.1/videojs-bc-playlist-ui.css
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3475e4684f17b66b538a727fcc9a92a40eaa4b23a314aed8093752dce944a41c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: IMrwufBK2uLPc2XlF_9cd2uqaBzgQ8ej
Content-Encoding: gzip
Date: Fri, 12 Jan 2024 15:28:17 GMT
x-amz-request-id: 4B1Z7FA0WJWTM5MV
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 1895
x-amz-id-2: cgeJ6751lmxaF7GaTOSeWfAHCh+9RQzMsa8Wy9KwldG/7wV3cpM7NaxQnCWHMBoIuimsZ298tsg=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-etou8220094-FRA
Last-Modified: Tue, 14 Nov 2023 21:11:44 GMT
Server: AmazonS3
X-Timer: S1701278361.777648,VS0,VE422
ETag: "72532ae716008fcd89700b170128d1b7"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=34
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK videojs-bc-playlist-ui.min.js Show response
players.brightcove.net/videojs-bc-playlist-ui/5.1.1/ Frame C7D1 25 KB
8 KB 74ms
19ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-bc-playlist-ui/5.1.1/videojs-bc-playlist-ui.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a11ea647f95a0f0afed52714b759929c5c8cbfd789a4f1b6b55d7d75a46433e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: TWTaGVoMkeKvwlZj_SUH5GItBEJKD4_C
Content-Encoding: gzip
Date: Fri, 12 Jan 2024 15:28:17 GMT
x-amz-request-id: 50C8W0G6ZFF4GHD2
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 7387
x-amz-id-2: qHXVLc/cygcmuYCVabQiCKBMol7DImwpBs+J9CM0RJXxW+pamffi11phr6UhRdyDExL9NaU+oCR1o53iwaJGhEZTwKqN52OphBnaGHFvCAU=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-eddf8230090-FRA
Last-Modified: Tue, 14 Nov 2023 21:11:44 GMT
Server: AmazonS3
X-Timer: S1701278349.377555,VS0,VE494
ETag: "c167cc2c7c7ec850a0a7092688ff129d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=42
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK videojs-overlay.css
players.brightcove.net/videojs-overlay/3.0.0/ Frame C7D1 993 B
1023 B 61ms
7ms Stylesheet
text/css 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-overlay/3.0.0/videojs-overlay.css
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b3395510d2bef53e87b963da4321117796e85faefd7edc25b9eecbe203248177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: Vnz.rHwG9UspmRWPV3EwO_Xfxi3T65DZ
Content-Encoding: gzip
Date: Fri, 12 Jan 2024 15:28:17 GMT
x-amz-request-id: S27QGTMAFYDTVD73
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 316
x-amz-id-2: ZYNrLH3kT7rNXBuPKRiw8ZzQ8OHZQei+LDeWRN00Ed+0T2R6sgKteT3n+mQIXloCWraSPIrJs20=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-etou8220039-FRA
Last-Modified: Fri, 16 Dec 2022 19:15:31 GMT
Server: AmazonS3
X-Timer: S1692202803.958312,VS0,VE1
ETag: "b45bc946a2261e63dcdfc3faca752ff3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=83
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK videojs-overlay.min.js Show response
players.brightcove.net/videojs-overlay/3.0.0/ Frame C7D1 4 KB
2 KB 74ms
19ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-overlay/3.0.0/videojs-overlay.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e1897197c32be441c5c75426c1df80241eafceb7b8a3027cd40a148a809870ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: mqhErnWRj12JjZ2wiGk38OF9o59uFZ.i
Content-Encoding: gzip
Date: Fri, 12 Jan 2024 15:28:17 GMT
x-amz-request-id: RAQ82FYQ1GMXJ8FT
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 1682
x-amz-id-2: ysJpHjSKMWjur0w1NcHOxhgfeFQqPqnARnHCO5TLnwbw3HVIeVpdQco0647VjfJJoWbsGyqtsTE=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-etou8220068-FRA
Last-Modified: Fri, 16 Dec 2022 19:15:31 GMT
Server: AmazonS3
X-Timer: S1687941255.392074,VS0,VE1
ETag: "cd0ad2d50a7e4a574b8d749f22e2ffb1"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=39
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK videojs-ima3.css
players.brightcove.net/videojs-ima3/5.1.1/ Frame C7D1 4 KB
2 KB 61ms
7ms Stylesheet
text/css 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-ima3/5.1.1/videojs-ima3.css
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5ec914f3ecabd8480fed9df3ea1b4a3b4c06b9cab1a86c9dc0e82e5b1d3e1d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: Zg.2vajbVTIvi6.F6nGiD1c7RIgflPlZ
Content-Encoding: gzip
Date: Fri, 12 Jan 2024 15:28:17 GMT
x-amz-request-id: 7Q46QY3RQX4B0PRF
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 934
x-amz-id-2: AQb8FabC3afgNQL4kv94n8HI/X0vAcqhUoy79d1hsKe6hKmhoqe2iUUZsQx4poM/ix2TtkR1its=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-etou8220115-FRA
Last-Modified: Thu, 20 Jul 2023 13:40:45 GMT
Server: AmazonS3
X-Timer: S1690305496.315688,VS0,VE1
ETag: "adb4f1aa4ce48dda9b9d5a73be75bdb6"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=57
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK videojs-ima3.min.js Show response
players.brightcove.net/videojs-ima3/5.1.1/ Frame C7D1 72 KB
21 KB 13ms
13ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/videojs-ima3/5.1.1/videojs-ima3.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b39773b31bd6055e7913146773b90be87f11b993b51f86ad5c408df4d79d1ed4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: HIHVvovF0OzA1H_JkXYASiGeft_YhO9k
Content-Encoding: gzip
Date: Fri, 12 Jan 2024 15:28:17 GMT
x-amz-request-id: 7Q4E5PE98WRTQNGD
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 20450
x-amz-id-2: nDRTNWJhZW8oAv4IzW8zwF5C6BuefH2iKPIL+rGq0YU1qTvtHdligzxZsmZ9oAbf8tYMHUqLMCo=
X-BCOV-Response-Mode: 1
X-Served-By: cache-fra-etou8220084-FRA
Last-Modified: Thu, 20 Jul 2023 13:40:45 GMT
Server: AmazonS3
X-Timer: S1690305496.349568,VS0,VE5
ETag: "e5e3368fd59e7d68f90ae518254e630d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=33
Accept-Ranges: bytes
X-Cache-Hits: 1

POST
H2 999 error
yahoo.com/_td_api/beacon/ 16 B
46 B 1950ms
1949ms Ping
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

https://yahoo.com/_td_api/beacon/error?beaconSrc=HomepagePWA&bucket=900,seamless&eventName=svcWkrRegError&message=SecurityError:%20Failed%20to%20register%20a%20ServiceWorker%20for%20scope%20(%27https://yahoo.com/%27)%20with%20script%20(%27https://yahoo.com/service-worker.js%27):%20The%20script%20has%20an%20unsupported%20MIME%20type%20(%27text/html%27).&rid=fssMH6Pv

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/hc/homepage-pwa-defer-1.1.6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

805a6388e192758244bc457af625d56ad46bdf224e4886502fce4cb169b6c941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
cache-control: no-store
content-length: 16
x-xss-protection: 1; mode=block

POST
H2 999 error
yahoo.com/_td_api/beacon/ 16 B
46 B 1951ms
1951ms Ping
text/html 2001:4998:24:120d::1:0
YAHOO-GQ1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/hc/homepage-pwa-defer-1.1.6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:24:120d::1:0 Quincy, United States, ASN36647 (YAHOO-GQ1, US),

Reverse DNS

Software

ATS /

Resource Hash

805a6388e192758244bc457af625d56ad46bdf224e4886502fce4cb169b6c941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/html
cache-control: no-store
content-length: 16
x-xss-protection: 1; mode=block

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 43ms
43ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=CTbKlfLviSHNkpUP,0.4066057798324245&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_a1s%03d%3DAQABBJFaoWUCEOezRvDK7fhTsc_ggEHPncYFEgABAf-eomWqZeANyiMAAAAAgA%26S%3DAQAAAq2V-wF2I4JKQ4KaZmMgKlw%04_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%03sB0GvLfgRqZ57mUE%04_w%03yahoo.com%2F%3F%04_rid%03fssMH6Pv%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04A_pfb%033329%04A_pbp%03700%04A_psr%03877%04A_pdi%034250%04A_psh%03176%04A_psc%03349%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031705073297%04_ms%03958%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:17 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
DATA 200
OK truncated
/ Frame C7D1 5 KB
5 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e

Request headers

Referer
Origin: https://s.yimg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 tracker
metrics.brightcove.com/v2/ Frame C7D1 35 B
295 B 78ms
24ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Fri, 12 Jan 2024 15:28:18 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C7D1 375 KB
129 KB 68ms
29ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/videojs-ima3/5.1.1/videojs-ima3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efaf4ad41f657cd1dc07408a59160cafa496db36c8ed259bff15ab87d80643d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131541
x-xss-protection: 0
expires: Fri, 12 Jan 2024 15:28:18 GMT

GET
H2 200 tracker
metrics.brightcove.com/v2/ Frame C7D1 35 B
88 B 22ms
22ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=3d301221d9c0d666a27a368c&account=6415665815001&destination=https%3A%2F%2Fyahoo.com%2F%3F&platform_version=7.14.0&player=players.brightcove.com%2F6415665815001%2F8tDK7OitG_default&player_name=EVPlayer%3A1.2&autoplay=false&ads_enabled=true&usage=thumbnails!2.0.0&usage=qualityLevels!3.0.0&usage=qualityMenu!3.0.0&usage=bc-used-as-getter&usage=bcPlaylistUi!5.1.1&usage=ads!7.3.2&usage=contribAds6Shim!&usage=ima3!5.1.1&usage=inpage-embed&event=player_load&time=1705073298301&qos.events.content.volumechange=1705073298245&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=19300000&qos.performance.memory.totalJSHeapSize=29400000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1705073297578&qos.performance.timing.loadEventStart=1705073297578&qos.performance.timing.domComplete=1705073297578&qos.performance.timing.domContentLoadedEventEnd=1705073297578&qos.performance.timing.domContentLoadedEventStart=1705073297578&qos.performance.timing.domInteractive=1705073297578&qos.performance.timing.domLoading=1705073297342&qos.performance.timing.responseEnd=1705073297325&qos.performance.timing.responseStart=1705073297325&qos.performance.timing.requestStart=1705073297310&qos.performance.timing.secureConnectionStart=0&qos.performance.timing.connectEnd=1705073297309&qos.performance.timing.connectStart=1705073297309&qos.performance.timing.domainLookupEnd=1705073297309&qos.performance.timing.domainLookupStart=1705073297309&qos.performance.timing.fetchStart=1705073297309&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1705073297309&qos.player.dimensions=%5B%5B1705073298301%2C%220x0%22%2C%22401x226%22%5D%5D&qos.player.pixelratio=%5B%5B1705073298301%2C1%5D%5D&qos.player.screendimensions=%5B%5B1705073298301%2C%221600x1200%22%5D%5D&seq=1

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Fri, 12 Jan 2024 15:28:18 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 W3sibiI6ImNvcmVkbnMiLCJtIjpbNDM5NSwwLDAsNDM5NSw0Mzk1LDQzOTUsNDM5NSw0Mzk1LDQzOTUsNDQwMy4wOTk5OTg0NzQxMjEsNDQxNy4xOTk5OTY5NDgyNDIsNDQxNy41OTk5OTg0NzQxMjFdLCJyIjowLCJzIjoxNzA1MDczMjk3MjgxLCJlIjoxNzA1M...
ybar-mcdn-report.wc.yahoodns.net/cs/ 0
212 B 250ms
64ms Image
text/plain 212.82.116.201
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ybar-mcdn-report.wc.yahoodns.net/cs/W3sibiI6ImNvcmVkbnMiLCJtIjpbNDM5NSwwLDAsNDM5NSw0Mzk1LDQzOTUsNDM5NSw0Mzk1LDQzOTUsNDQwMy4wOTk5OTg0NzQxMjEsNDQxNy4xOTk5OTY5NDgyNDIsNDQxNy41OTk5OTg0NzQxMjFdLCJyIjowLCJzIjoxNzA1MDczMjk3MjgxLCJlIjoxNzA1MDczMjk3MzMxLCJxIjoiaW1hZ2UiLCJiIjoiMm14OXFuNDZwIn0seyJuIjoieWNzIiwibSI6WzQzOTUuMDk5OTk4NDc0MTIxLDAsMCw0Mzk1LjA5OTk5ODQ3NDEyMSw0NjA0LjUsNDYwNC41LDQ2MDQuNSw0NjE5LDQ2MzUuNDAwMDAxNTI1ODc5LDQ2MzYuNjk5OTk2OTQ4MjQyLDQ2NTEuNDAwMDAxNTI1ODc5LDQ2NTIuMTk5OTk2OTQ4MjQyXSwiciI6MCwicyI6MTcwNTA3MzI5NzI4MSwiZSI6MTcwNTA3MzI5NzU3OCwicSI6ImltYWdlIiwicCI6ImhvbWVwYWdlIiwiZCI6ImRlc2t0b3AiLCJsIjoiZW4tVVMiLCJiIjoieW0zMmN6ZGgifV0=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.116.201 Sofia, Bulgaria, ASN10310 (YAHOO-1, US),

Reverse DNS

e2.ycpi.bga.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 204 W3sibiI6InZwaXhpZWMiLCJtIjpbNDM5NC43OTk5OTU0MjIzNjMsMCwwLDQzOTQuNzk5OTk1NDIyMzYzLDQ0MDQuOTAwMDAxNTI1ODc5LDQ0MDQuOTAwMDAxNTI1ODc5LDQ0MDQuOTAwMDAxNTI1ODc5LDQ0NDMuNTk5OTk4NDc0MTIxLDQ0ODYuMTk5OTk2OTQ4M...
ybar-c9n6fcob9areport.wc.yahoodns.net/cs/ 0
212 B 334ms
108ms Image
text/plain 2001:4998:1c:805::2001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ybar-c9n6fcob9areport.wc.yahoodns.net/cs/W3sibiI6InZwaXhpZWMiLCJtIjpbNDM5NC43OTk5OTU0MjIzNjMsMCwwLDQzOTQuNzk5OTk1NDIyMzYzLDQ0MDQuOTAwMDAxNTI1ODc5LDQ0MDQuOTAwMDAxNTI1ODc5LDQ0MDQuOTAwMDAxNTI1ODc5LDQ0NDMuNTk5OTk4NDc0MTIxLDQ0ODYuMTk5OTk2OTQ4MjQyLDQ0ODYuMjk5OTk1NDIyMzYzLDQ1MjYuNTk5OTk4NDc0MTIxLDQ1MjcuMDk5OTk4NDc0MTIxXSwiciI6MCwicyI6MTcwNTA3MzI5NzI4MSwiZSI6MTcwNTA3MzI5NzQ1OCwicSI6ImltYWdlIiwiYiI6ImM5bjZmY29iOWEifV0=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:1c:805::2001 , United States, ASN14779 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 204 W3sibiI6InZwaXhpZWEiLCJtIjpbNDM5NC41OTk5OTg0NzQxMjEsMCwwLDQzOTQuNTk5OTk4NDc0MTIxLDQ0MTEuMjk5OTk1NDIyMzYzLDQ0MTEuMjk5OTk1NDIyMzYzLDQ0MTEuMjk5OTk1NDIyMzYzLDQ0NDguNjk5OTk2OTQ4MjQyLDQ0OTIuNSw0NDk2LjE5O...
ybar-aygcg5qee5report.wc.yahoodns.net/cs/ 0
212 B 131ms
41ms Image
text/plain 2a00:1288:f037:1fa::1000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ybar-aygcg5qee5report.wc.yahoodns.net/cs/W3sibiI6InZwaXhpZWEiLCJtIjpbNDM5NC41OTk5OTg0NzQxMjEsMCwwLDQzOTQuNTk5OTk4NDc0MTIxLDQ0MTEuMjk5OTk1NDIyMzYzLDQ0MTEuMjk5OTk1NDIyMzYzLDQ0MTEuMjk5OTk1NDIyMzYzLDQ0NDguNjk5OTk2OTQ4MjQyLDQ0OTIuNSw0NDk2LjE5OTk5Njk0ODI0Miw0NTM1LjU5OTk5ODQ3NDEyMSw0NTM2LjA5OTk5ODQ3NDEyMV0sInIiOjAsInMiOjE3MDUwNzMyOTcyODEsImUiOjE3MDUwNzMyOTc0NTgsInEiOiJpbWFnZSIsImIiOiJheWdjZzVxZWU1In1d

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f037:1fa::1000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 204 W3sibiI6InZwaXhpZWIiLCJtIjpbNDM5NC42OTk5OTY5NDgyNDIsMCwwLDQzOTQuNjk5OTk2OTQ4MjQyLDQ0MDMuNzk5OTk1NDIyMzYzLDQ0MDMuNzk5OTk1NDIyMzYzLDQ0MDMuNzk5OTk1NDIyMzYzLDQ2NDIuOTAwMDAxNTI1ODc5LDQ4ODYuNTk5OTk4NDc0M...
ybar-bul65jas6hreport.wc.yahoodns.net/cs/ 0
212 B 417ms
133ms Image
text/plain 2406:8600:f03f:1fa::1001
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ybar-bul65jas6hreport.wc.yahoodns.net/cs/W3sibiI6InZwaXhpZWIiLCJtIjpbNDM5NC42OTk5OTY5NDgyNDIsMCwwLDQzOTQuNjk5OTk2OTQ4MjQyLDQ0MDMuNzk5OTk1NDIyMzYzLDQ0MDMuNzk5OTk1NDIyMzYzLDQ0MDMuNzk5OTk1NDIyMzYzLDQ2NDIuOTAwMDAxNTI1ODc5LDQ4ODYuNTk5OTk4NDc0MTIxLDQ4OTcuMTk5OTk2OTQ4MjQyLDUxNDYuNTk5OTk4NDc0MTIxLDUxNDcuMDk5OTk4NDc0MTIxXSwiciI6MCwicyI6MTcwNTA3MzI5NzI4MSwiZSI6MTcwNTA3MzI5ODMwMiwicSI6ImltYWdlIiwicCI6ImhvbWVwYWdlIiwiZCI6ImRlc2t0b3AiLCJsIjoiZW4tVVMiLCJiIjoiYnVsNjVqYXM2aCJ9XQ==

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:8600:f03f:1fa::1001 , India, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
cache-control: no-store
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
69 B 47ms
45ms XHR
text/plain 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=2023538075&yhlCT=2&yhlBTMS=1705073298304&yhlClientVer=3.53.38&yhlRnd=8YWMn3tBrK2XcbRq&yhlCompressed=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yahoo.com/?
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
expires: -1

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 70ms
45ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073298346&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-MON2-iframe&isRefresh=false&loc=mid_right_c&renderCount=0&status=failed

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 72ms
48ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073298346&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&errorMessage=Failed%20ad%20with%20no%20fallback&id=sda-MON2-iframe&loc=mid_right_c&renderCount=0&sourceType=native&status=failed

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 container.html Show response
d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 21BC 6 KB
3 KB 17ms
16ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:17 GMT
expires: Sat, 11 Jan 2025 15:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 93D1 6 KB
3 KB 17ms
17ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:17 GMT
expires: Sat, 11 Jan 2025 15:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 50CE 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:17 GMT
expires: Sat, 11 Jan 2025 15:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F52 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:17 GMT
expires: Sat, 11 Jan 2025 15:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 185ms
180ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073298545&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamMetric&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&ads_failure_total=0&ads_fetch_total=1&ads_refresh_total=0&ads_slot_right_failure=0&ads_slot_right_total=1&ads_slot_top_failure=0&ads_slot_top_total=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 184ms
179ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073298546&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-LREC-iframe&isRefresh=false&loc=top_right&renderCount=1&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 183ms
180ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073298547&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-LREC3-iframe&isRefresh=false&loc=mid_right_a&renderCount=1&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 181ms
178ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073298548&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamMetric&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&ads_failure_total=0&ads_fetch_total=1&ads_refresh_total=0&ads_slot_right_failure=0&ads_slot_right_total=0&ads_slot_top_failure=0&ads_slot_top_total=1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 184ms
181ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073298548&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-MAST-iframe&isRefresh=false&loc=top_center&renderCount=1&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 183ms
181ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073298548&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-LREC4-iframe&isRefresh=false&loc=mid_right_b&renderCount=1&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 21BC 0
0 57ms
52ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1z1qqjYzVpucBI8j4_7GcRLhetnNCir_753MsTbhhdx19I0Zb4uEZcgU4U_bd7d3L32wmfmdHQ8phqW9ccIxV0EXcDk4Q_VnQ2ojvYAyAw_WLMDKbsx3hKt3lA3vZYDypKklLP39am0hj2SIgXuglWqhlhGhwYr-UjL1cDBOkxNprG64ZYSslC_LiR7Hl9Tjo2ZzboZ3nF0NaYeaXyjdlrLp89_pkTuL05a5hscK6zXKhsl5Almivv6j88cBJGZ6mYoG477w0KVsW7XoOl9nssvAkoWnVTKcb4vW5shu2uR0w3hpwo9gadmqs9TgxeJuMO9axzTtZblhvyvAlEqBQk0OG1_HE621pn-rO7hYXuvBQjwq8D-2o0_Ed73eKlXQjfKyRSwa0p-M0VldP&sai=AMfl-YRXybxYa5rIQjvMRX3rTH4-tTE1ImEKKbdPwX5tORyfLPevSHzbpDfzDCMMt3wOOohbGTR86gsU_wTtDCCBI0ySFUoBar7NKGe1someaKZbgqlvDokggfHOvEzOB9qoHhIxUib9S0gsl4YPqIlAmcY&sig=Cg0ArKJSzOEXxIsADA9BEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 15:28:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 21BC 23 KB
9 KB 64ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 15:38:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 21BC 3 KB
1 KB 72ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 12:26:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21BC 205 KB
65 KB 138ms
55ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:18 GMT

GET
H2 200 1492775076432722859
tpc.googlesyndication.com/simgad/ Frame 21BC 103 KB
103 KB 70ms
27ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1492775076432722859

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

287bdc817c33cf97b8e598ef498365986e2fff53eb7a08efe403f489305c74ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:55:20 GMT
date: Tue, 09 Jan 2024 08:55:20 GMT
x-content-type-options: nosniff
age: 282778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104986
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 12:17:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DF9C 499 B
496 B 157ms
68ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNVAnSoiVyY1z-4oqwJ62FFTttkBngf0nHLE2ciJ_6JhiKEGxk8TmUUw9T2RpL9Lh-H3MOFhDfDojknDhoPxLgDJufrA4n5aC5GoovTNUTo0XPFYkjA

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:18 GMT
expires: Fri, 12 Jan 2024 15:28:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 93D1 89 KB
31 KB 188ms
136ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:18 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93D1 42 B
401 B 103ms
53ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BCXP_Si_ivebWOJFF1aMjWwA8-5QwVclxGozlfiZOfuIKwN__7Rx3dRdNP42sp2lxjdHFkKmLgWsPF2MH8M53r0H66O7osoYTv8Zt-HPxn8_CkHcI

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 93D1 24 KB
9 KB 121ms
31ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 292042
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfC19GQMD6x35Y28iHcjCMRhdvgMmB9ozuldZArUtQtPtacUAcVsTGU8IJygDWZADeTDY%2Brj9Z%2BNyfNJyLa2d7%2BoT0oVzj2fAV2VTGIiiKC%2FfLF%2BH8CN5pXEPC5Eqf5KmUV3enE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84466db589ab9951-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 09 Jan 2024 06:20:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 93D1 3 KB
1 KB 37ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 12:26:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 93D1 20 KB
9 KB 26ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93D1 205 KB
65 KB 186ms
137ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:18 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ADD0 499 B
246 B 124ms
67ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNXMtxVewz43V2cGcOIJSMTFlBUneXVZxPiLdqk0-RDax84qgH72KL8OTmAlAZlJHD9gb8fXQzlFwjJmTiP7d_zYCH43rLJB9sz5KUbjksMJlMG1u7o

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 50CE 89 KB
31 KB 233ms
212ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:18 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50CE 42 B
107 B 74ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ck9-zfwMbwtVE02mrHrzfrKdDam_NlMsRDRSlfoxTxKFn_XkEMyIkmZ15VudxKEiwJswyis7c5dHcc4kJquOptdKjeC40c8f76N4psw40hrOjLfvg

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 50CE
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/77329995/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015240955&ias_pubId=pub-2305304999188653&ias_chanId=1&ias_plac...
https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
482 B

75ms
19ms

Image
image/gif

2600:9000:223f:d600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2757516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: mR0aRBSYgAKns2GUTkgS7hKl64wdTiQBk9vLSy6LjWglidgbUqPJtw==

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
server: nginx
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 50CE 3 KB
1 KB 45ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 12:26:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 50CE 20 KB
8 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50CE 205 KB
65 KB 200ms
183ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:18 GMT

GET
DATA 200
OK truncated
/ Frame 21BC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8d4b084a69057610b44e2d3cb98a0876c070f96f3ef2cf5977d173d3dd3adcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CE0E 499 B
539 B 89ms
67ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNX86L6MZHyBz9m8i3rapL-1-WJyHfzTHucNSJeYU0uSVdkkZ3E7qkkiOeeZeOqd4-KLm4GLe9MKwWy6IVxpsMS5PKBqWI5i5WxZjwI3U5Hb_hD_hY4

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8F52 89 KB
31 KB 203ms
182ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:18 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F52 42 B
107 B 66ms
47ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D1bfgWVpeBzYmroSOhsQIRyCjS-I1zKeFcAJcuet7JS1CqP9S4SckB-GK9A0QGP2PA-sMVzxCosBx-m-cVUW3QvcrqR4z1IL7JC_GBMFOuiGhocU4

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 8F52 24 KB
10 KB 53ms
30ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 292042
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAzt9RJLnJp%2Fit2Sh%2F4hZz2X8pS5ZuebfaRcW%2FdlIq%2Bh9a%2FgyGOdWX3uA1m8kCcfWzCFkMkGQeJAouMvEo%2B3HQIDWgiLfdg3p84jkscWiUdttGmI%2BTKf1398HOVZl1b9TcvM348%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84466db589ac9951-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 09 Jan 2024 06:20:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8F52 3 KB
1 KB 33ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 12:26:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8F52 20 KB
8 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F52 205 KB
65 KB 153ms
134ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:18 GMT

GET
H2 200 bridge3.612.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 35BB 752 KB
241 KB 47ms
46ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.612.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b64c80b04cff2dc73a2bd8e0eae63e60e4c0168cb01f431f5031edeec71a2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 322324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246171
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 21:56:14 GMT
expires: Tue, 07 Jan 2025 21:56:14 GMT
last-modified: Mon, 08 Jan 2024 21:53:53 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C7D1 44 KB
17 KB 382ms
25ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:28:19 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0475 40 KB
14 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 12 Jan 2024 16:02:41 GMT

GET
H2 416 error.m3u8
s.yimg.com/cv/apiv2/default/ Frame C7D1 347 B
516 B 188ms
187ms Media
application/xml 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/cv/apiv2/default/error.m3u8

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

99b85a68a8877bb1bb0d093d56dbd5863f69c659f4c25e7a69acce4c0df6189f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

ats-carp-promotion: 1
date: Fri, 12 Jan 2024 15:28:18 GMT
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
server: ATS
x-amz-request-id: KVPN675XJ33TCGVS
age: 2
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: application/xml
access-control-allow-origin: *
x-amz-id-2: J3+vVIR+N7IDHi9Q3DwDC0/aAllNV4OAIpiMXzgtfYKISSgwhPYYZOohIwBr5WsQBFYYXQajIMA=
x-xss-protection: 1; mode=block

POST
H2 200 p
bats.video.yahoo.com/ 0
0 156ms
155ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=test&V_sec=pb&evt=ad_event&t=0.6474303367625227&_sqno=1&ts=1313&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=&view=0%25&mtype=na&ad_sys=&ad_lng=&pos=&taken=&r_code=&tag=&client=&crid=&ad_evt=ima3-ready&adblocker=false
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CE0E 170 B
232 B 99ms
28ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNX86L6MZHyBz9m8i3rapL-1-WJyHfzTHucNSJeYU0uSVdkkZ3E7qkkiOeeZeOqd4-KLm4GLe9MKwWy6IVxpsMS5PKBqWI5i5WxZjwI3U5Hb_hD_hY4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame CE0E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

43 B
431 B

26ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNX86L6MZHyBz9m8i3rapL-1-WJyHfzTHucNSJeYU0uSVdkkZ3E7qkkiOeeZeOqd4-KLm4GLe9MKwWy6IVxpsMS5PKBqWI5i5WxZjwI3U5Hb_hD_hY4
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2B%2FMl4fSo6KO8K7Oy6mktcJYm1S8MWEtwO7LisUbsvRM1JF%2FN5eip0PmOR6AgntuoVTMJ4FrpbKuyVf%2Fa9yVZZYG%2BNAR6oweKC35sRh2YvW3x%2BetAtP%2FHzlzqO%2BqMwGMFy62pbDYw60hfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84466db6cecc2c7e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CE0E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFaksOAlyC6p6W0YECEuwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

43 B
734 B

32ms
30ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNX86L6MZHyBz9m8i3rapL-1-WJyHfzTHucNSJeYU0uSVdkkZ3E7qkkiOeeZeOqd4-KLm4GLe9MKwWy6IVxpsMS5PKBqWI5i5WxZjwI3U5Hb_hD_hY4
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cvi10P5BCyrQ1ChKOK71Sbn%2BHikzeNWaBzyNX%2FqicDF91UOW1zYGZCgoCND2Ypcja63NO4SyMJpZN4%2BuQE9CbrUwctfA2wFExeyXFUPZbSIj5op7XTboDZka63bourEJ3n%2FLiAoLYHv3ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84466db788d31e5a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame ADD0 170 B
232 B 95ms
27ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNXMtxVewz43V2cGcOIJSMTFlBUneXVZxPiLdqk0-RDax84qgH72KL8OTmAlAZlJHD9gb8fXQzlFwjJmTiP7d_zYCH43rLJB9sz5KUbjksMJlMG1u7o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame ADD0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

43 B
332 B

27ms
26ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNXMtxVewz43V2cGcOIJSMTFlBUneXVZxPiLdqk0-RDax84qgH72KL8OTmAlAZlJHD9gb8fXQzlFwjJmTiP7d_zYCH43rLJB9sz5KUbjksMJlMG1u7o
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJbVvNc41lHdgIDNV%2BBGkPLMMgvFOvyF5YKRZ25RfDfDHu7mDH%2BlKQeohQOL2%2FzTqTMhkjbAZqsIwDNh8Ct1n4J4EGZ0%2FOq8bCnehO8vFSsT%2FcjQV5iv77xvXmS8amjbSnoMINKxIgRl%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84466db6cecf2c7e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame ADD0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFakngeaQzMdCR5goDCdgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

43 B
734 B

32ms
32ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNXMtxVewz43V2cGcOIJSMTFlBUneXVZxPiLdqk0-RDax84qgH72KL8OTmAlAZlJHD9gb8fXQzlFwjJmTiP7d_zYCH43rLJB9sz5KUbjksMJlMG1u7o
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRiUgw5Kmuq7xC7BEXpHPzV2ETk%2BrAFiMghcXFM9g4lUjBXbRDKK6%2BbB1X2EKti4GlH%2B83DaFRoN8viRHx2uzkG%2BkkCRsOck7pcSl4PE6KmWhioFWj59ye01wOtI5NxyFPS17vwS8fWeAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84466db7c91c1e5a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame DF9C 170 B
243 B 89ms
27ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNVAnSoiVyY1z-4oqwJ62FFTttkBngf0nHLE2ciJ_6JhiKEGxk8TmUUw9T2RpL9Lh-H3MOFhDfDojknDhoPxLgDJufrA4n5aC5GoovTNUTo0XPFYkjA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame DF9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

43 B
640 B

25ms
23ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNVAnSoiVyY1z-4oqwJ62FFTttkBngf0nHLE2ciJ_6JhiKEGxk8TmUUw9T2RpL9Lh-H3MOFhDfDojknDhoPxLgDJufrA4n5aC5GoovTNUTo0XPFYkjA
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFM8v5K%2BUl40Wtv3MyXv1dqz4pEd%2FnzzC7LWaycVFxgFsWTq8hiMFGCAwxipKs%2FPnKJUBDu79gKE2foa%2FFN0oC6L7gFbQ%2FwQ3e%2FzS4Hu60P9X4Fs0FbYsf%2F%2BldUBwYuVP3Ormds3TGbdyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84466db6ceca2c7e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DF9C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFakngeaQzMdCR5goDCdgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

43 B
738 B

27ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNry5AEQn6bJ3gMY8Y2y0AEwAQ&v=APEucNVAnSoiVyY1z-4oqwJ62FFTttkBngf0nHLE2ciJ_6JhiKEGxk8TmUUw9T2RpL9Lh-H3MOFhDfDojknDhoPxLgDJufrA4n5aC5GoovTNUTo0XPFYkjA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0W98Sp9MqAzJyKafPH6pqPOqFhMhNYUfBgcV%2BsFVCb3Ocwfz8YCQFNAUl0zR96%2B%2FiykVf8PGspIWu4w%2BkrRQ%2BywdPLd15k1cme5lnAEB0IaiksXRKAq0XjIPtwawUuh1%2B%2BQ9HfRlGJUeJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84466db788d61e5a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 21BC 0
0 92ms
56ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulovMl05Qriojai5Ar2iIf80hpAxJOlYQ2LlbRHxZS4DQCHH0mngartfvzSYM3PaZK6wPAWa1zK_Hz11HUmsPUI_ZubYnvAUi-13NQViCy-cCDXsj3ujByGeVUg4KDaq7717pm4k-1vR5ZY3mvEzpvVGu_G-AwfKXr4xt89PcoU-7u9VattvtfJGOsUd_GacHojUNqRd7HLd5WnwOc01Y8G3f09VXbatKw482TGQ914jcOYYyuBtal9stoFDjnEWj0tqLazySb5r-9VpDx2xM08s3riN0E1LjQRaFOALinZRbSO-1e3bbyQCXI4k0HJ3McsNymp_qCugRPwgTWieP7oWcBOk9w8_Ac1skTZjA_MR7-WJcEMMy2WdD2QNvq5L6VbB7H2DZ1ukaqQaaQ8-Y&sai=AMfl-YSa6uNrIWQIjCvviMyHFsV5TYMecuxPz-PANAGg0YOdb90rmpj4pvzqQJ29ni6I4htnnl10AG2-a3sv6b2r9hZ6srCaSIEI6ndsXcFehXTu9rGGxLf3whIz5ZMpVbsrxLraufFpdqRwpggIxcNOr6c&sig=Cg0ArKJSzIgquk8LiDcTEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Jan 2024 15:28:19 GMT

POST
H2 200 p
bats.video.yahoo.com/ 0
0 148ms
148ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=ad_tag_passed&t=0.9623425932536138&_sqno=2&ts=1421&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=&view=0%25&mtype=na&ad_sys=&ad_lng=&pos=&taken=&r_code=&tag=&client=&crid=&adTag=undefined
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93D1 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7995716433630&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93D1 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7995716433630&version=m202309260101&ct=77&x=1&cor=16625307565109463000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 93D1 20 KB
13 KB 58ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcrrvuSjDGrydKAS42gYIYHMxf0Cl5lgL44v7F8nIfpshlztUzk5X0gWbb4WENWlxZYdDIaNCAJNSZMDjElbSEbb9XD_TyY7ps6s1OxwVCqUB5Q3cv8Gw-SJg4irBTApRJ5OfFQbVLJxKay8nK1le42WpLe9ZW5Slx4cFoJH9xU6aC4BU&cry=1&dbm_d=AKAmf-Di-OA0zG05gk8o-tpLaFSmspZK5ojdlgseVEuGm9EPEh9eZaoiDE5xTNW6YtwSx9SK2rP4dMDZ4fFbPApPL-r3ef6EqqON0aBI-WHL1RQ3vY7kW-jSbsdhrepnIdG61QStExhCiceidFVc9XLI2OImxAtOm9YGvUWtY3hGEwu_N65vKCH545QDAk3SRbUSZKVl9ljR_4Z09xVwrFwov4TtHl_a_SATSEXCNfCXmngJsS-0eC8yIi1MQK9wLFhJGWWMqoNOebu3QjADdV_UXWSIjhWmM3EL1wbxGwE9NLaDHT2JHp9b5csOlHjtkMYm_TGoK148SQPYIro0nDdMwKV6ygPwpGhlw9vz0Wv9UEZboy4Lysxjfu3rBkwnLnQSkeI5eGLiM3fiyjcJSnwJGfES-SLZBZBiJKJasnZTWBeYxvmlm2Zit1VRd9qVT3Vz5zHzWyMHzbIq05DKt0n1PmO3HaLObKYfQuaJ06M2EPTpBg1FzfVLNNXrdbui0enu8QxSTudeM_8rkggnRfw0yGL2NyhG_ODMeg9NN79DYw92TRQWe0oXA-hzTqvNlGUmU_MkrbvA4PxTWV5RdqWwXOAvW1SPz9EOfjTZE3xzBds4bcV6qr1ORH4PPPF3RPW531cBjjcs45qMevXYtA2G5D-6h7Y6KWKR8YjBcu84xYybsq3V914w6UsYynbh5aUpbJVteJ2zOLr5OHFRltAhiZVfMkKLX2FFtbkhO6IdB0Pb08hnd_iph_Pbz5AEtagxTxrFsdxeeFwCXVuqtHsbdr8Jpu1af4iv0OPar5gsLTIowUCtUdtBBKoG4MqfClDWAp6senKWmxKO3xc4fFt-JUHXI2CFrYwF_lQWc2R0F2JeTYzlFyjEMl1wcUMpzhtyBmisQ5hbT2j6JXedW_hyPLWJPbQ4Vyov1uZCrChW9cX_-z-KVX93kmO150YiaGElv8w4b4bIkpcrwYhtG4E2M4yTg-fjORqsQrLo5PC9ioFWrKXSgfDXMxt-6-MGEM3yuZlmJmG0Af_hcqbX8q8KXgeV0DkX1opHXqkcqkl16apBTHhyUiLb9HaLMOv_9Jh4zizY-qk8dpTDp48TNrkq_37Ehzdi4_GN-aU1SkbHhcE8p90iEXe4UfMsGtJzBt27S_Uti90KhJ_qOOtjvV2ir9Vo5jLyniAtAtUrrC7UilHXNx1GFu81hlE-f8fuYYs0KJqHstcGygs2leATXDuJBftwcK9zUpkSbJMXoLL5axuEnZu5tvMLbFq580NH5DvhsD8sal2urjp9Yl-Q_68770fd6bvMKh1H7NrTmAsv8jZvOwD3M-RW-YYgNJKdBFChuwdZE_trsPZM07-eCD2YKJp-b0or0HG-zuyVmNZFX9HQXGf4eKE5eqs2fsMN_LvByGIlyD_k75GgOkizE0dGulC0M5o6eKKodWivDV_fMZrXmauwP34gd0_l0WQzw8RkIuxD6ZMSAgUwqYOfqw5Qb1nihhDHMygmKlmbRi5k2bULaYNbUcUqDm82DtNDcvxT2J50L3nv910jUs5mZvlIFdqjO16XE0wwBK2d89bnMCrUuy6qyab5cq4FVfjdRIHeIpunnzKOMLpcT6oKkaOnW9LbHLLe4PYEz2ntMZgjNjLP8e-YVGximL96g7oUd9PnwrKHeKW-6iOxwM21heBRgMMpRklTosPVwHPUo2cqkrwqc1Ow9cyS6K5UIizz2bdVn7lWYbVlMV-qrFEhfuwi7saGwMP6SOsp1CNehLsLVFyznQ8LDRvXxAPAtfYlsqvfcWwJfueF-P0-Z4rWFrGG0QMQoOckxrhPA0BKm5VA7RPqJ3WHm4nYOtfIheapT_PxiSN_WSJjmInImQKyDObbQ1VwGRGHDnH7w3KVt6-PTEbb1HOWZsmkyK1dBuOB0MfxbGM6eTwlQ1AXSjf3Gri3p9nhNvyarYNVZBNOER454uLWDqq8GGNqeRA8T14moK3HHS3n5AdTmhaPxJAnT7qBw11N3oI87ztARdB9a7n7QoYWt27C2l6Jkl8_7El2KweqRrXTYk0kIGOXUpaKzvN8t53xsH5RSjh5xU6Ao1fIaQv0P9b795NxC1PL1rjTXOQbX2YhaBAd4eq-tZ0egVVeZfnf5YBMUhYsCVWl4xP-ftXBDnQ7pB1SFMnEvbEDdTceGg4ZyRhUzUfZV5F8Y45uYC0CkpUkaz0WkAIW7QiSWTQjVzX1z-3QWqin5M7A70xYjvgcvkJDMfzU6hTLdvBHueAQO9SHdsFuWd97vKWpF-rEQRtmydGsiRu9EkSMs90tNp_Dx3o00PDibFtnqGSrr-Db1C9pPqxnDV7TwaWDxIB9sHGU6S0-PKEXgsJEtdBJJ4UIB-DPtDJ98K1b80gI4MNjDuM3nTCWdo0DNjGV99r0TK5BKQTn3jFdZAK6jCqrPB4wA2J98ayVclvh4XncQaowzcQIYsJ93bdEp_v41xuudbP5bSJomL7X8WFK7NFE7mmp31P6N66PJBpZBjCK6xuyYwLqTLcIZYtCHwDXMls0osm_UIpORaPO0MmRAU3XKf7gJYfeHZJuZxgA8jcvSKQVdyI8VdvKvkXbi_hX8VlGxAehTEjq_2w4MwPO4ib6sLE2Yav7yvlMvWn9hD_wrotNeMDDqPmLJkGX4ECA2G2YMgfp56Egt2Xenl86v8qe4peLIk_ByU0rXM3_SpTL_qrGrEYBLiia7Vv563Pr3dSuclv1wI_wDRSjfdr5hxhZsc9G2oA-Oc_tgB5ZiQW7o8N5zUpxPhJJ7Z81L1ftT_ZGo4ItMvAtJM4zhtu7YKDDYm08kFK4TtI8CUfNUOkmWn2w5eeXJzAk7bBlMHZY_5RwemY_XODcUIMQQuRV_tR9YTYwoRyPMxDvtFIbA_5nTs2W2dydgU2eJJQiJgebJEXpGe2nXJF4cSy-M-xKpGViasRH7I_2gUMWbKQfuNH6A4CN4zeXFqWXTIfREHuQLTPn5whN3_PhjFBsEWC2xaK801H3TVMxxH0InwPW0euhH0qf1SqS1fo8G5fv17z0pdeRqS1N8TXKFOFTrHNW8xBpqEPAMFMq8pEXGCGgZBxpg5Tqx2LltIaUCmp2y-Lw2myQZdpsjCua2Yh2JcRrHRl1ziTS-ZvKJ5oaa_0GAvVdyLcdMHnEwv-TLaxMajbsOlUSGUDNx13K2J4EljKbgntnnCwI1cj3NIl2VM0ZM7ruPWD4VpxIPcVqxnn3pcn5A057OGxhkMPWHetZrf5NzGKAJ3uvYlttTtoWleeNDEvXfLQM1Fx2YpXrwsQk0gcyWdsElksXSP3BCxMXgFqagXSpoc7WPYDxWv_vzk6qfVpGTaVTyOF4guAFrrCRV34LSODB9ab5grI_YLyI7f066b07_I30Fui4lyzB90pUA0B-u8I8d4jsswkm5frxkBfNGqLvsUln-mEx1c9SxukyLHn6m6KibFP_VxehSYbdb3ShYA3k_HU0lJduRXL5a7uez7fnsagV7HfD9JS7NYPq4-9qrB2YIQ9ufg-whYGb_IPS2BlJHtEohnX7Pkimv9HrE28XNNkrT2UhIqvkFv3T0qqVFhJ5KN6Oxvo0HN9aVCLcBF26tU5QmNoi-Gcb2GFNH_V3LLwjmo82fJiNgLy8PJ9JIC6AmisQnCtF8G1W7TvnHl-ZyFGgt3endksDECv3NLl1hhucHKQKGlCZodoXOCIMai9SI7MEmbgcmjDHrrR3gf8Bi_UsYcRvCSaDWck8beogtYfstcR5K3ZnJyIle7K8HseJWYfb&cid=CAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fyahoo.com%2F&ds=l&xdt=1&iif=1&cor=16625307565109463000&adk=2857193499&idt=206&cac=0&dtd=52

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9cdbf8b12197789d4470435cd71c56ed718507a566c17a2d46bc8397e0e2810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13490
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tracker
metrics.brightcove.com/v2/ Frame C7D1 35 B
88 B 33ms
28ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Fri, 12 Jan 2024 15:28:19 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 p
geo.yahoo.com/ 43 B
95 B 53ms
48ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705073299092&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fssMH6Pv&pd=unknown&pt=home&A_utm=%7B%22GAM_TOP_RIGHT_BRSTIME%22%3A4300%2C%22GAM_TOP_RIGHT_FTIME%22%3A4924%2C%22GAM_TOP_RIGHT_RTIME%22%3A6205%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50CE 0
20 B 107ms
106ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3125109816481&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50CE 0
20 B 106ms
105ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3125109816481&version=m202309260101&ct=76&x=1&cor=16359581207861500000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 50CE 101 KB
39 KB 73ms
69ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CT88VvvfJwELyhPgu4AQGiPt2olmMqgJ8rFZB9lcCb6WMU3qN08-ms0rIWwvKgW_FA71RcnX4Qwfx5gUId-BW3lh0lV5QJkIEtZsAQwagPpAg-Jc5trajP4wpnRSyLQbWOPZxjcV-Sod8-UdXXBxPhWe7rhqhKjLxGnLN6kciZ8KZNxhg&dbm_d=AKAmf-AJg6LZMHHqbVYfXTnrhYmHq7nqcO_IbH-K2wWBugfFLBDMswSc19yWsexGGhXh1KDef41jmtjNB1oMoxo9PxFm6FoU-spR4lZTBLevWz3n0XLBwHlfuY-SnQlkB8CMyZYXuWYIJEHGsbU3JT5f-350TlWq4FegPAlHcAdzhuSZxdrOMvS1TuNI13NUsk7EupZCHK38upMclPljcpejC5YtzXx-PMKxSu9OSTSFofBStuoVdW8Hae7dJ48C18DuRl77l8pKRIH1rm5zb2BqDkxFJ-sl_FA0DLvumAPOx9epXF7uCkLHK18WYHpNsWtSGN8S1_Pw-4lGyOrTsx2Z6nLprGqJ12Q0akWvCedf6HLiljz_GDGm0kXg7bau-cs5wIuLNF7HvJv74CFHAXbOTmiSXniS13h10KF46gmxs9VR4r8lHiApojTG75EvvTBstjrNRJkqWt2ZMbMQMJXYxLpLyOCOwzPH-pOl_pSF6CPTU5AEqw2zwpEm5e8lh-jhUVZQ52ojkjyj-6vmzNQ1GFBcBsn34z8PRbBVgGgrrSFinM3xEtS2k0Z9Z35cPWlNxwgZRRBuiGdTmFvSB02g4ALAfghxaPzFU1zlyvI5h5jHStAJnrgINMiEAW3KfD9JyPLn3Mp2LTopgQwghxBKJHYrfmGgaq66gsLY-QacAkPsprBsDq83MUT7aUnL54Bw7EvktnzBHiPZYZnQQIDl6YJwMJbbU_k3wEXZ3KeCN0FVYoVGsCWcrpG_MIBbSIpqxv9wBzbk6oa2LtZDlAmCkpkntLg8M4BX84NtXk4UcnUgrGgFRKEuYDq_OYSU5zsRzyCMad2cbrsA6hQigOE5iBRa-hcvPeTwL4TGbpD4vCePK9LuaD7t1k4GwS-AG7FuEroQauH3Sn0cnngFLpIlqy3XeOz5YACF1cbQspiVQZESfKFWC3PAXuaiPMrsaWck2QRP0vIgAZZOJHEVXx3bk5jhYFymuTD4Kf7ZIaSdvnLzE_ti9KmBZSYJZHW8IRc22NSGJ4viL-lVgTqZWJSJxQ3KydXNMpa8FiT5w03Nk8n-FI8aE1T3OZ41N0zA1oej7vqbEWxjUObDnbaD0eZHHCeGylk80emc6sQm7b26roPyJIxkKMyEfaP_XpoWCA2ZQJPmb7qs412nHjUrVNqXSzfGLeDxmxs_tf1fwpxt39wdqrYzchwvui1jGBvKofulkreTiOvKTwpXvB3ag3Y_ZkJ298Z9QzEcajduWH3RK5t59O_39uxsjQbZtOJ4Nsp4woo2kB6hPMlkv4PsnvD444zUZZ-6XlI5BCAMNn9iENfI-a3nbrWlRuFGipcPglPRIcx3ry7V1zj0iq-pjnEPFKXbGDhHqHzR-EFGSd0SZPkcl8TRvf4VUC1xdjoIY1vBF5Ww5dcipqQWL_nExBqmD6DVuiVYiqsmwG6AaKSAN-5iZjd38LbG4oZm1KC6bhL1en0jh7_TOtQ5RCEC4B6rhsVrtipG0QEIjVRDVG1h2KFQII5GXWgUO9Y96s1_JNmOx-pJ1r93kRr5BmgCaSdfa0VJ02CWsHIQQfu5aSeLYLa_0PgZj9Za2PyVZ1S1Lq4ciJFISuuc_Fas0xwqJCC2eYf4LzWMu2kG6_l88jQdIhfgRSmjwYosgLaedkCnVopE8i2gCYlUtJTcaRBRth45MdGgaP9e6Y1jD6a-CwS-M4t6Pi51OEqi-THH4jtU1xhdDte12KzEoYJqiba3Ev3TdXD0A1yUPDn4u5jZvmNKCCSjtRrrcejSjvDPXR0Xb7KeeTxuLpnKbNaWS2fvYf-0sVUKYaf4U997TY837ASC3u9bs7glselkQ_r-BsJmYGnCs5ves9SYZd9QFRGo3UytW2z6NlxV-M6V93k-VsXBzP00VbNW4FzM-DeFUOqj7TE7OyfXFdSlS4AfGLVvcEAp76JdQd0FUVFxPnhGy0cLInGTxr9dPuMiKJPrjoS--s_IgPQKKV_LTobTukof_1FCf7mSDMjIGWQdET3Ow4ku7vjuj82NBhbcUHzwObUdUYG4VDl3TDkQNgGhkAj09LwXMTguOD5n_ajnYtAC2hd0pBYwclETzkJP99AZPVx6mZGqr0bnwlwqnKSBEARSV7gtzghVPvjiLd-9CA3xMrK1j52QxsnkKCJ6B2ou67brIxxNodv7jTL-gwbLS7QDRyKFaa634DjKcj--lnXXnX9LXqwvhU-UQlcTFNELyBrsH-DdbGjs3_lBez6SxfYZ2ZLOYL5lNKlJsuSjEVuRWMj7AVlht4Adr_Vb9kpPDtbYAselC1RC1XSMJmwFtdtrRiiaRIeJuKsptrcl5Ei8WBenxLFfIhu_ixvQZlmu0QKH0FlBpjTEL-M1oXx6kSIqPux-RN3TsnEOexZ-GnBWHeJzWy21imMF80qQqFenRNH_crWEu2X60G9vCvYpd6fT8hicHGFU8JSgLqHY5VTc7Y-1sl6gu2ex7yn40sLgZu8O0SyUR1vIu-CZFpOuucZ-Zq0PTblLZ9wh988R2fLUisT57qJY_QZeaouHS5AGpp88oIyD5JHzQtSzCynP2_4_RyNcVseyh3wmDK_SbQ3fXvp9SR3x7Lr0OhvTcZHs1JIM2_awMU9usg1wdGFq3g6JEMVkimpaLNB2iQFO8p5b_7FCoedHwOVMjVMyr8NjaTTXd_AS0R8NxJFfZmNlw20a_YrGf39gsKpE-g7IeNiSdGmPLZwLV6T24ULFaHba1f0vo2rg-HWGFjQQcPPppZInkYVcWGI-Ng3AxrbhawBmGSPAbq1o1DhuWmODUr-R5pDQrjjKmaCjyAmRFwnDd1mrgjTF8RRTS0bhF3kSO71ClxxZ5SXNo9tsVHOoQz33QM3gom0VEIq3wZQEIVjUrilYtz-QFvOZHbUIAoe3R0vZgoLS1EPauFaqpO1iIcJGrSpwYzwY9ftCbNET5ZEZkAuh3QZy1VgHdYiPsBtH6hNJRBEKYzqAnuVzKqhtIx0tyg4DhGgxRZcOqOc5guPRApWrV4BH5EnAnPvOGxWoAD3Jk9TPa1S9O9lVeHGemd4sVetdHwjZVJZOYWLcZsvktq6hamNdfdmLCotZaJGEswFk9dffPsgiDga-OG43EmYnnwokT5mX59oC750LBYqN2oIqDZefycCYqW2ItRsOlwhO1qSvImV0EOQBX5NtPjKWObYTV-eoBu6hpEgPnzl0O_wVkEtZFiHmLhr2h-4Mbc7Vn4nY5RoLoOPqKTXe0n24Cb2sR9QAbrN64k3MLId1f17taaoJHNgOqgjNNNiKxQzfeeUsTT73XvPe23426snm4QYE2JSLUqJH2hmgKjJwJxWrbdApkfh3ZEO9MgCv8QXPx67HovBIjsRZYBEfuAKKgwEcIp8mul3MgGMBMEITByIGAt4EDNEalh43tqkOxten8p0-hcwSNhXo8ocXzCCUcWqdcp8DpIq0jiD8JGqPZd3Pzj7FfzSSWOhRnmCMq9B8afkG7_QT4QzBkPf9tWc9DVKJ7tNlkHwGsXQ5VL2-jFjrP23vZobRKK-3Cyz5Ia21HjiuXJnTrpc6yOunDd2YX_ZzAZngClo1yXcQ15_b9YKlMv--2ZaP34ap-0zH2wRYywyHuIz8klynwJdyGFiLllNo63MEcnmIuXZqdJEZU4DEvaOyC7IpPJFWOd_UH4nnQ6ErG2G-NmKeVtt-weESxCLV20UuQxRxOW0U&cid=CAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fyahoo.com%2F&ds=l&xdt=1&iif=1&cor=16359581207861500000&adk=2086295848&idt=237&cac=0&dtd=5

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46c02423e821a94a7baa11da62a973d2f9f0390916965af874a2e28747b57e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39878
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F52 0
20 B 61ms
60ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1674414618581&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F52 0
20 B 57ms
55ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1674414618581&version=m202309260101&ct=77&x=1&cor=4165376548654971000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8F52 20 KB
13 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AompiVywNEhwTassBU_HxR3z9wgsMIRNWOIvKGxEgVqx-GHi9-N2z0DHOLArggySfgvQSgnS9dusu99a8Zq43v_CQ4xj5fs4Qzv_HEj5e42Ue3MpKkuyCTKRFQNMfZmrNmQKjjRPY73QJFiXrrMnt2I8Qle_DlYkrp4w-Pmka0VeTKHJE&cry=1&dbm_d=AKAmf-A0dnrkJLE3U_P_LoDfckwG92xSGJrOdEdjXatstYrk97uDqtGU7XtrgwUI_5xvpwsk9oK1CDJlRYypjgYYn68WF3nDHkvdPFHCvTwismjXjEaIoAeXQkkgDuYFAQaGrZXT5PE-7y8J6_23JIsyUxZQwx2lMehOXLrxBIWyKz3hip96PiEzuUEZH49-o5w5f2zouRKkN7XFSZAJRP3_BusCLWl1uCMs55gVb4_9D0VfPZH2ln_-LM5P2-lXJPXZm_q0GkIw7cHZNuNp-E1YmHTtDBvcntJYKxu43OdhgEemjV0kIoNHqnl7RRjmMqRLJyu3Q-tC2a5S1ZJqpLTgs_bLsUKMxveNdSBZkgD5yKX1bUclQlY_Ut8SUumu0ua3RqLmk_sh9KlSN-2vTDtCpaKtksfsevDk2OLnzLUdFRBi1owCQWct8WEjcieHiqkF4iDjxoAUdWDayALFa1e4wFyTEc9jMuhYjM0DZuMXVGfXT2BDwHRbwJ3N6H7aOJIy3Egx5ZiblCND0PwD7UiuKI7oQSmLOxujE4U7bAi4iVSlXSrcU8z-PLVXr1AsqOzl40iEJgmCd5FKdkQZTvG06nF3UorPPonc_hcVYBG9m2yA3PacvfqC4kgodTXkN2Htsq85EJKpQJeEqFku_a78_gmSbjgXvoJzOAvovc1MsIg_jhGfvzFssOJKMB58iL3gjCP38gU96KEJXm4ALPVvU1Lnao2Wf-jVYHE6MhMpoHbp3Q3KdLyNcLWenv6O_XfRudzG40qgCe5vaIcH6319K0L9CiLdaZJc6d0kz9wpRI3Mh36NSE_wmp_7rNrQeVjKt8LhMia_mY3ElB_FqzgCd-fDJnAH0Cfm7pdfQzzEr-A2Prf41DJYsmA4a_Hmd8UwCkfXJ2laOlHV9_7nemmAthFxFPfr76_ZttOC2vnf1vBCwdUJ3OmjbJuV2cI2SDxtdWfI2TNggtRusbg74pt4EMLTtBK8tkNILjvQm29j6AH2vmjucFzLXykoZwoUAnHPt_n4Gf3deQhxEVmbPPpGtw-gxiOKfqiyDwQy8R8SxKAtgfgp_WvMUoZdnZuPrURDCNVErh77bYPjv-QpQU2jLNiKWRBOkFC5vph4k5U1cgF60dyBoFfOJ5vsE6xlW42fjoDs6sNEepbdnNuS6Hlr1iAB1uxpyt6Fwy04XGXnZAR6LpIYFXwTYdf4mmXkQdTU5LEzbtbyDSKJbCTFadUG6PSqLfHRUCrdAYGBQdTgE7FqQ5ZFrgzq6R_8rl6DggzYzNGktodxjs7mRsZvTEP0H2PNll61qW6XR9ER9Fer1YhfVu_MI8RB1bvsGeooonwfQ0H2reanLzQheOav5jH4HcyJ86r8zxEDt4Vp5d91Qf1B2cFcgKhnKE_Yf1ib78OYfYAx28K01_bPnh_Xz8NyZWJFYltagVaM8xM8PstOuBn8ODTUblEh2b9aLJu562syawQezP-itXI77_nRrARuO2S8TCwZgl-rZ2Z6pU5Emrfwy3S4HV82sFoUKrWi218VFxd3SClxhs4LDXLEHqXoPy-5BfhaAZpVieyJyEP5C2qBS68Vr_Y77I4JvQrmqrr2nSgqlZJuWsBRowby1y1PK_H1qBhBiNi1Qu8LleD3suTeU25t_438Z5L9-ZgH440U39nT54xCDqniW-wyqvLNCjZXSaT7bsDUv7FRfkEz4EmvZpvk5tytF8pNGqDBbhTyrpgtWY3aivmLnQcoyIc_IzFFwVLh_raxQ2O1TNalvbeegD9mV2F4y-KagSC2RoaLunN3pyRKT1-bAi0_DTl5kqjp2aRifJwB76PIu64AFbkrhe5ZmSrBhlFcK70QoFDCccRDY1jGKdD6sy5S81s_nvRyIx9HrB7St-Q0TEkTzrHlTVJQPbdeurJk5ELGy4Ri4oL8GNn4YG82JDNz0Bknf7WR5kWV2FecYO0UuHvYFW2gu_KPl-eyuPpo4vk8jT3SMFpHMAt1B3F-Vrieop5zKOgRSIgQf94yxe8DauqcKj7rv9QeQHaaSehQ1iQMEDDDAn8fhQrxNEH-2ljVdaTozMs1WGy7WtZOnxGDdV7lwq-56zWddyuHJTnc6-b1wTbm_4Ewb8dqhe5bvRB4caVtBZUSVmOck2ftfbH6hpizomCzcvCLBQmcex5XxX9bXhWyFbda10SIglSceTdOT2szD8Hd5IONi4rJLXII2FSa9kSU_0D_oPKc5Q7-uS3tgCTIddTcw-J1uYTV2D8EPiT-L3Gm6yZlo9vEPKgekKAm9Co9_W80HVtGf3lnlszYJR20u5_dGKqpMkBbFD9m6-cm5CXonHNkFwqo6kKc0K7_5tEPiExJ11ET34NBh4F2OjxGK3FMreE53N9U8ZY0vulwfHDRXckvEb42F9TqxouzOASAjmFW6ZyK6L0ogWCs9elUClvO3_BeHdEST4VI-kBsZWF51eArZMkCqVTL9Nx61aRMGATo8zye7jtRXcj7MLAQWJYDiXY78NncHzycLxyzc8GVYe43Fea1Au1ZOn1LbRNcljnU5uVD2tbTmOPIeaBJyxr6jDSE_d0eB6jk9fQdnowH1C9xTbTp798RuxlJLFETJXWterfOqLHwCZN4mfT4M-nBeFQKiRDY74iS5EQ9pgMwMvoXsGsuJZ-rUcEd5zfp1U3LB9dSVm2h_DfaHH3vk7nC25qZ5jJloGNGmT1hfbzE3HyY32TjV51TgRchcH0Ry0fnawZVI6SDv33eddmy116AOMdubtbQXURKPHKHWxpsUruBcMEY-V0HYzk87nTgELkH9tRXJz5pEBn8PoGoJuRQIcK-0s0JPLHe7oF8jVF8nkcPvCvzoVk-BemeuJhdxXoDwFiWOYtxMed5nqXPA1Oo20evMqW-pPsG02-Qk6i4c3Pg37BUGoz9f83NJJgU9Sl47LECitKKUv9_hgRRHr3DuEDa-_zOUFc73P4duja97xqaO6FaCp0KAbd455iDdqdMd-is9FT3HcTNDqFAez3SuM-Zy2ddATd_zF8g0G7gcMMqoZfY59y2CW25AXXMFLy2Veck7PvgWUvF8SchV59Wqexe1r9yJlHAwCuB7SQrxCD6BpKGJAP62qMJV6mSkezgWXG_djwMPSimvLendMoJahluHdy8U5N_lo6owRxC1ujXlVoiOfnkUYYZ9fSoIRdZi-lt0_-Q5NeuGUA1N19cb9DLOidQDdYlWJ9NwRfVhWX8b5R67KR7k3zezLnkto3Ih-fz5cNQ7-XI7cawtZzBdmW_XWTHKs_Q6u9AUCJcBHENi81hiqEBmXYe21jcbB8W3b5PuQj8cfc_bbd2vz0xpkgPN75UQvL42RCW9K1ezAQaMw7Sc7GIUXEFX6YwdNwhPUXWNj1ED2GBbsUOM7zNexnFfBcBjcO1cEr3dwxi6yZ7-AZU7Vsu1ilL0YRa3CKBctPabnQNUcwjStrQWbYcB2wRf9S50ooXvE1z3Zv7O9UAHzoMC6frdxuRcuQB8PCKy2SWYHmDv4KFHfEjZSCJM5ssTsy4M_zWYLgKv9Ost2nnk7xaPLYionWj9PITfISTqWdkAEMFy4Va80_vmpvbdt8ZjKWvQ67p_oi9y6rug26hbvARGYRyEhUD1izxd6TaiC62cXgbVitSLR2I06gl4cruB9fXTIeBLoDFSyYIxEF5kT0MCJ9289BhFXxnze5Wnlj2ShgoRfvTMBVYu8n5ZMmWKX-hSkqEO3slj9unwk7jlWN3e4lfN0vywM2llmB76w7yF-g4Gv9XFhMKeglMJ752&cid=CAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fyahoo.com%2F&ds=l&xdt=1&iif=1&cor=4165376548654971000&adk=3944675603&idt=217&cac=0&dtd=17

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9918b112c822f1b87c4dcd544b693ad69d466fcb97333a46552bdc409bb944db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13685
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
bats.video.yahoo.com/ 0
0 193ms
193ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=test&V_sec=pb&evt=ad_event&t=0.6393111871005261&_sqno=3&ts=1586&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=init&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=&view=0%25&mtype=na&ad_sys=&ad_lng=&pos=&taken=&r_code=&tag=&client=&crid=&ad_evt=ads-request&adblocker=false
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 93D1 41 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:20:11 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA3MzI5OTA5ODc4OAogIHNlcnZlcl9pcDogMTM0MDU1MDg5CiAgcHJvY2Vzc19pZDogMTA1NzAzNDE4OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjI4MTQz...
ad.doubleclick.net/ddm/activity/ Frame 93D1 0
868 B 105ms
51ms Image
image/png 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA3MzI5OTA5ODc4OAogIHNlcnZlcl9pcDogMTM0MDU1MDg5CiAgcHJvY2Vzc19pZDogMTA1NzAzNDE4OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjI4MTQzOAphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vZnJlZW5ldC1tb2JpbGZ1bmsuZGUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMzQ0MjE4ODU5NTY4MTkxOTM2NApkZWJ1Z19rZXk6IDQzMzQwNDU2MjQ0MTE4OTQzNjMKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTEyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTIyODE0MzgKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNDIzMjQxNzkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEwMDM2Mzk1ODMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTc4NjU5MDA5NDcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MzcwMjg1OTMKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZnJlZW5ldC1tb2JpbGZ1bmsuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x2c1f5ee3965d2c100000000000000000","13":"0xf41546966d7a50f80000000000000000","14":"0x8f45e91aec7fa54d0000000000000000","15":"0x929ad06d3577f51b0000000000000000"},"debug_key":"4334045624411894363","debug_reporting":true,"destination":"https://freenet-mobilfunk.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["12281438"]},"priority":"0","source_event_id":"3442188595681919364"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r62eglto.js
ad4m.at/ Frame 93D1 24 KB
9 KB 33ms
32ms Other
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 292043
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JefeyLcFWFvhPaEsi%2FCsNNfGjAYCh%2BYL8U7leLbVaWY1dIG51QnJVXtrxWBf2DNAA%2FMFQvjFZze2TWY%2FsYJ8EQCFhojNCAKkXag5s%2BNWBi6fNuKkR0AGZJ1FgdJ0Wyjd4hl7BY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84466db7fbfe9951-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 09 Jan 2024 06:20:55 GMT

GET
DATA 200
OK truncated
/ Frame 93D1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89facefb7a1029d9990ff5f8aac3ea72dbc48b8c7e6615d1b727c1fa8169cfe3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 tracker
metrics.brightcove.com/v2/ Frame C7D1 35 B
52 B 23ms
22ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Fri, 12 Jan 2024 15:28:19 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 50CE 172 KB
60 KB 49ms
16ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 11:58:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 50CE 11 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:52:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 50CE 31 KB
12 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:52:59 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 50CE 41 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:20:11 GMT

POST
H2 200 p
bats.video.yahoo.com/ 0
0 196ms
195ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=v_ncomp&t=0.48055770198708725&_sqno=4&ts=1788&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=end&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&adUrl=&view=0%25&buf_dur=0&dur=0&dur_d=0&buff_info=%7B%22seg%22%3A%5B%7B%22buf_dur%22%3A%220%22%7D%5D%7D&ext_resn=error
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H2 200 p
bats.video.yahoo.com/ 0
0 232ms
232ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=info&t=0.22027896381119794&_sqno=5&ts=1789&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=end&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&adUrl=&view=0%25&ecode=100-202&estring=Unfortunately%2C+this+video+is+not+available+in+your+region.&vendorCode=202
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 50CE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8314c13a4169e9da8d1f45b768b65a08f029094c4cae63a7ac685861a4509a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8F52 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:20:11 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA3MzI5OTE5NDQ4OQogIHNlcnZlcl9pcDogMTM5NzkzNTM5CiAgcHJvY2Vzc19pZDogMzA1MzYyMTQwOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjI4MTQz...
ad.doubleclick.net/ddm/activity/ Frame 8F52 0
508 B 52ms
51ms Image
image/png 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA3MzI5OTE5NDQ4OQogIHNlcnZlcl9pcDogMTM5NzkzNTM5CiAgcHJvY2Vzc19pZDogMzA1MzYyMTQwOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjI4MTQzOAphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vZnJlZW5ldC1tb2JpbGZ1bmsuZGUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTMxOTQyMjgyNTYxOTMxMTU0OTAKZGVidWdfa2V5OiAzNjA1NjE4MTczNTA4NjU3OTk2CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEyMjgxNDM4CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzQyMzI0MTc5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMDAzNjM5NTgzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE3ODY1OTAwOTQ3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDM3MDI4NTkzCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZyZWVuZXQtbW9iaWxmdW5rLmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x2c1f5ee3965d2c100000000000000000","13":"0xf41546966d7a50f80000000000000000","14":"0x8f45e91aec7fa54d0000000000000000","15":"0x929ad06d3577f51b0000000000000000"},"debug_key":"3605618173508657996","debug_reporting":true,"destination":"https://freenet-mobilfunk.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["12281438"]},"priority":"0","source_event_id":"13194228256193115490"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F507 38 KB
13 KB 13ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:20:11 GMT
expires: Fri, 10 Jan 2025 19:20:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8F52 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02562dda3d6ab7045858f1a3260f0d9705c0195eb14d7735dd2d22b34d93d17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame EEBC 2 KB
2 KB 23ms
23ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1165487
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84466db9bd575c74-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 12 Jan 2024 15:28:19 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AX1T1yR6y098D%2FkJLIE%2Bv60phHcVp0gUInobZgktKtF1n2V%2FC%2FJ4NrZDZ8di3PVD5bOGiP13bho%2BPCsl2P5XJdeLmOdkGCi42Z5xrUvpfgJ3RxkT99HJdFn9l7yrn%2B%2FmZH8XuBM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 log
lg1.hb.yahoo.net/ 35 B
191 B 35ms
34ms Image
image/gif 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.hb.yahoo.net/log?logid=kfk&evtid=gptslog&itype=YHB&tElp=2093&adt=desktop&cid=8YHBJ3BJ0&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR6KY355&dn=yahoo.com&servname=ssp-serving-yin-67fb494447-cshcc&svr=264_93_103_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001705073297422029970147846099&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=eu&itypeid=84&sd=-1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=1&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=&gtd=400&inid=&ngfundl=1400&rdl=1400&r_tim%3C%3E=3821649&pubdpa=2&sid=sda-LREC-iframe&dsid=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_top_right_0&szs=300x250%7C300x600&tp=loc%3Dtop_right&late=0&srt=-1&lzl=0&dfpAdPath=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_top_right&istgt=1&tref=0&ads_disabled=1&td=%7B%22ydevice%22%3A%22desktop%22%2C%22ylang%22%3A%22en-US%22%2C%22yregion%22%3A%22US%22%2C%22ysection%22%3A%22main%22%2C%22ysite%22%3A%22fp%22%2C%22ysrc%22%3A%222%22%7D&top=412&btm=1012&lft=1132&rght=1432&ydt=desktop&ylang=en-US&yr=US&ysec=main&ys=fp&lper=20&sid=sda-LREC3-iframe&dsid=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_a_0&szs=300x250&tp=loc%3Dmid_right_a&late=0&srt=-1&lzl=0&dfpAdPath=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_a&istgt=1&tref=0&ads_disabled=1&td=%7B%22ydevice%22%3A%22desktop%22%2C%22ylang%22%3A%22en-US%22%2C%22yregion%22%3A%22US%22%2C%22ysection%22%3A%22main%22%2C%22ysite%22%3A%22fp%22%2C%22ysrc%22%3A%222%22%7D&top=1787&btm=2037&lft=1132&rght=1432&ydt=desktop&ylang=en-US&yr=US&ysec=main&ys=fp&lper=20&sid=sda-MAST-iframe&dsid=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_top_center_0&szs=970x250%7C3x1%7C728x90&tp=loc%3Dtop_center&late=0&srt=-1&lzl=0&dfpAdPath=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_top_center&istgt=1&tref=0&ads_disabled=1&td=%7B%22ydevice%22%3A%22desktop%22%2C%22ylang%22%3A%22en-US%22%2C%22yregion%22%3A%22US%22%2C%22ysection%22%3A%22main%22%2C%22ysite%22%3A%22fp%22%2C%22ysrc%22%3A%222%22%7D&top=84&btm=194&lft=0&rght=1600&ydt=desktop&ylang=en-US&yr=US&ysec=main&ys=fp&lper=20&sid=sda-LREC4-iframe&dsid=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_b_0&szs=300x250&tp=loc%3Dmid_right_b&late=0&srt=-1&lzl=0&dfpAdPath=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_b&istgt=1&tref=0&ads_disabled=1&td=%7B%22ydevice%22%3A%22desktop%22%2C%22ylang%22%3A%22en-US%22%2C%22yregion%22%3A%22US%22%2C%22ysection%22%3A%22main%22%2C%22ysite%22%3A%22fp%22%2C%22ysrc%22%3A%222%22%7D&top=2057&btm=2057&lft=1132&rght=1432&ydt=desktop&ylang=en-US&yr=US&ysec=main&ys=fp&lper=20&sid=sda-MON2-iframe&dsid=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_c_0&szs=300x600%7C300x250&tp=loc%3Dmid_right_c%7Cnoads%3D1&late=0&srt=-1&lzl=0&dfpAdPath=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_c&istgt=1&tref=0&ads_disabled=1&td=%7B%22ydevice%22%3A%22desktop%22%2C%22ylang%22%3A%22en-US%22%2C%22yregion%22%3A%22US%22%2C%22ysection%22%3A%22main%22%2C%22ysite%22%3A%22fp%22%2C%22ysrc%22%3A%222%22%7D&top=&btm=&lft=&rght=&ydt=desktop&ylang=en-US&yr=US&ysec=main&ys=fp&lper=20&requrl=https%3A%2F%2Fyahoo.com%2F%3F&kwrf=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 12 Jan 2024 15:28:19 GMT

POST
H2 200 p
bats.video.yahoo.com/ 0
0 270ms
269ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=info&t=0.32841731209724423&_sqno=6&ts=1900&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=end&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&adUrl=&view=0%25&ecode=100-202&estring=Unfortunately%2C+this+video+is+not+available+in+your+region.&vendorCode=202
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 r62eglto.js
ad4m.at/ Frame 8F52 24 KB
10 KB 32ms
31ms Other
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 292043
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPpr76JTf09mSRhGpLS40C9zAl2O5%2B4k44jAMuZaUZA6jbdnjbh98eVOcY%2FyEYZN1UrJ3hHB3BFhVqXRH8t0yjndxXr9v3chE%2F8fxbbFtb%2BfTdt2EIjqwb%2FdyJQ66AxmTrtgiHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84466db9dd9a5c74-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 09 Jan 2024 06:20:55 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/13605343744850012072/ Frame 93E0 30 KB
6 KB 23ms
21ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d64f8363e9fe274098d3a8744fc70607e0482d5cb955b65a4753d04673bef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:19 GMT
expires: Sat, 11 Jan 2025 15:28:19 GMT
last-modified: Wed, 27 Sep 2023 08:55:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 50CE 0
0 112ms
62ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGS6y0gv9JrpYN9kt5BGeeWjCxMbVxKYXxQ_VmI2DWA3wuXyEor23grBa55wsiihhyUZLLQmOZ8Ocl8NT8He59FvtvS5PH1kUm1O0cPtWg0p56XAFv1aojFadtKcDdPCF7-eb8YGnlfXJktp5XLXBfcaENkhfEloiC_d9lFD9bTnH1yCYf3sEdfrYFcararJwPz5s4HCfVVr2sSH_VVWAl8liQtHTwQjJlrUKL6aAjIKx41rNx1NQT38QMe97YmBnxmy2exPufUPEhVEpt30gBeoGStJW1P7IzqSbe934lm9_S5dobB8SHwtIcC4g7jBv8V5SuS1NESkhfOw5uR6v-NqtQzPSUYSaqoRA0LgR_NYJVSXVtOE3smuTHudSPoXM9p3lSLXqO_YLMdvtj-4dNAb6fiLMfNIQaWGzjvj-08Jzdipc6vXUTZ4s8Xhbnlz_Vo7_HAjC96TrmxHhhgHfZguNrRHbUIG1U6Bc-MALIYtRjJTHXlHPAsQGsQ4xkofc8NSQBHwWktwgaDdQo6yiltqPtJYSo2RyQ1d1Lm3yLyvLMqwq6pUFjhInXxb5ySshfrU3ueNPUjhf8UWSF89Rsl3ZPysbezY-zT6MfqIK5WW3LDaERxuqkOqaurI8vnj1pNT5ZrZw9o_gq8qvnwPjf5J-fMhwLSl4kTWfw6dbBw1fPaZ6YsQ92kwEXruRJf48E1BCycQdMmPa44gYg9vo5jOmVPLHkrIqzeeGgZXWdZpDXB4yRUk7NOrLjixUUsa_mFrUU3IK3GMZJzNQol7GoApUzIhKcGdfzt-ApKktEsewozU2n6U_cX6lS0dmAsBQEz-gOYfhY_xtnLcs-r-iKjBVMuUif7oBVwfchGBlKJecckq4F8Rs0Ljq9-TkESx_ZM5LC89ewxZGNUv8zSLxHclr3r_jpmofTzRKLV_p5wULEvKUusb9af8sglCE1GVtfOIKvlqmTWySYoDQ67HF3h1ewlyRCQWv9VmOgT_A6k2tpOME9-e80wVANjuYWPlFpJ72We1WUFatvUbeJPyYLN4jIQXL8YfHNS1Sg3fcltcFky_7-5IjZK7v_cVvnjwv1zavSzgOcAc3qLXJ75Vx7aOoalcz1LT3t4UIZIhBULrrangSg-xlhmOMy1vNc54t6u2fn1zd0Mkac1b8QhC9y8jGl4K89dkVm6b2fJF5pfWuDERseAWDAJpPacRh74dbR1PGpPpY5Okr5aEKl0GjVTaPxYKo1JM48_W7CqzGciFIf79ue-5MiJSNiy587ypmcM9kKCoP6ym2XURMBs1mYhW2t4CecTpw8zWbYIYeriadU1H0oUwjjtDFCVlX7sergBgBtuHaYE3BUhageeum1fIEEt-DZpztAgBzL61oeeZB-SdYmhCGfgR2mjw&sai=AMfl-YT2BPmrCRUITWKwOAW8g5cjgbn5LyhR0w2yMWE-yBAdBQNwxAfLRIvwHuuObdzRfE4zF20P3oHmyiKjr2IlzT3wFro8kXAUa6CaM8kZDkFJGiFR2RFry7vW1_6AVT_rEajzIfZyCpK4XVn_qYAjQA2Rpgll7dzK4WJlZWLGhsHL_8O0bHFcaBWtne1PYb2rG8orQu4dxKMrwojnNFjK1b6yOZ3407zXrIDsl83Qe8uFZExKGNrUh_ZsclxVtgmjYttmPaGSt9PZvD85CSC3uFCPe6Nzb9verGFLaw&sig=Cg0ArKJSzCpvSHLLVdcUEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=263&cbvp=1&cstd=224&cisv=r20240108.92771&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame 50CE
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=602750680&gdpr=0&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=602750680&gdpr=0&gdp...

42 B
732 B

39ms
38ms

Image
image/gif

54.246.204.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=602750680&gdpr=0&gdpr_consent=

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

54.246.204.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-204-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0dcc54b67.edge-irl1.demdex.com 4 ms
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: sIpate4sRbc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-01a4861f9.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: HBStcHSXRyI=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=602750680&gdpr=0&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 tracker
metrics.brightcove.com/v2/ Frame C7D1 35 B
52 B 24ms
23ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.yimg.com/rx/ev/builds/1.2.13/pframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
date: Fri, 12 Jan 2024 15:28:19 GMT
via: 1.1 google
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: must-revalidate,no-cache,no-store
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C929 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:20:11 GMT
expires: Fri, 10 Jan 2025 19:20:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/13605343744850012072/ Frame 93E0 5 KB
2 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46072ff450e58861395db6f972ea897ef9e4869c2779aed03527b5b0f994bbb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:58:39 GMT
date: Tue, 09 Jan 2024 08:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282580
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1757
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 08:55:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 93E0 120 KB
41 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 07:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 07:58:53 GMT

GET
H3 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 93E0 69 KB
27 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:28:19 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DBBF 38 KB
13 KB 16ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:20:11 GMT
expires: Fri, 10 Jan 2025 19:20:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 2D07 2 KB
1 KB 29ms
26ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1165487
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84466dbabebc5c74-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 12 Jan 2024 15:28:19 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FWvpUHkkJHMcyMbSb3OKfiSIWoP7FtIDyH3Gkd1E1BZIcZgh1Odi9lqURxnAMY%2FPyT7aUpo1fXnLuG9fnv9bdBkA29Bdck2WQdE%2FpR8GLXGPZe3MDGkf5b%2Fw9%2BNiGcPDlRoMac%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame F507 39 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 12:26:06 GMT

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 43ms
42ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705073299664&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fssMH6Pv&pd=unknown&pt=home&A_utm=%7B%22GAM_MID_RIGHT_A_BRSTIME%22%3A4300%2C%22GAM_MID_RIGHT_A_FTIME%22%3A4924%2C%22GAM_MID_RIGHT_A_RTIME%22%3A6777%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame C929 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 12:26:06 GMT

GET
DATA 200
OK truncated Show response
/ Frame 35BB 154 B
154 B XHR
text/xml

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f51bdb3c07882411734303b817d888776f3a6ad58d50c923a147f8c2d65ff53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: text/xml

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 43ms
43ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705073299762&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fssMH6Pv&pd=unknown&pt=home&A_utm=%7B%22GAM_MID_RIGHT_B_BRSTIME%22%3A4300%2C%22GAM_MID_RIGHT_B_FTIME%22%3A4925%2C%22GAM_MID_RIGHT_B_RTIME%22%3A6875%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame DBBF 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 12:26:06 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 35BB 0
234 B 73ms
27ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lrasm9wh&c=4139264209984&slotId=2069632104992&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.612.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CTA_FX.png
s0.2mdn.net/creatives/assets/4736540/ Frame 93E0 519 B
545 B 15ms
15ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4736540/CTA_FX.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e8e59c22f784ae124e2e4ea700d0361f147c5e67417abb1f845f49082190111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:24:22 GMT
x-content-type-options: nosniff
age: 237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 519
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 12:50:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:39:22 GMT

GET
H3 200 sky_bold.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 93E0 28 KB
28 KB 17ms
16ms Font
font/woff 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcda08a8d45d378df4fdeafd2529f3c7521d3e9c3a4b12daf2fe2c919940e57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:15:07 GMT
x-content-type-options: nosniff
age: 792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28672
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:30:07 GMT

GET
H3 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 93E0 33 KB
33 KB 24ms
24ms Font
font/woff 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:14:03 GMT
x-content-type-options: nosniff
age: 856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33980
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:29:03 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 93E0 7 KB
6 KB 93ms
60ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

247ce7902264dae452c29cc24deeb845c80e662b2cf961856534ddf33b572123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5803
x-xss-protection: 0

POST
H2 200 p
bats.video.yahoo.com/ 0
0 242ms
241ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=V&V_sec=pb&evt=ad_err&t=0.1826129270640795&_sqno=7&ts=2289&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=end&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=&view=0%25&mtype=&ad_sys=&ad_lng=&pos=&taken=&r_code=1&tag=&client=ima3&crid=&estring=No+Ads+VAST+response+after+one+or+more+Wrappers&a_dlv_err=303&r_type=303
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H2 200 p
bats.video.yahoo.com/ 0
0 151ms
150ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=test&V_sec=pb&evt=ad_event&t=0.4844300778044184&_sqno=8&ts=2291&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=end&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=&view=0%25&mtype=na&ad_sys=&ad_lng=&pos=&taken=&r_code=1&tag=&client=&crid=&ad_evt=ima3-ad-error&adblocker=false
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H2 200 p
bats.video.yahoo.com/ 0
0 185ms
183ms Ping
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://bats.video.yahoo.com/p?_V=test&V_sec=pb&evt=ad_event&t=0.06431439648967285&_sqno=9&ts=2293&auto=false&bckt=none&ccode=mdsfb&cdn=&cont=1&cpos=11&expb=900%2Cseamless&expn=advstrmvideo&expt=strm-inline&expm=na&focus=1&intl=us&lang=en-US&layout=&lms_id=&loc=onProp&msz=&p_sec=&p_subsec=&pbst=end&pct=&pd=&pg_name=&pkgt=orphan_img&pls=8e66b737-4621-4ab3-81f4-f7b5e9590c4e&pltype=ev-desktop&pstaid=243b335e-ef0e-3809-aa36-040a2eb6f03b&pstaid_p=&pstcat=&psz=401x226&pt=home&pver=1.2.13&_rid=fssMH6Pv&region=US&replay=0&rlvtscr=&s=2023538075&sec=strm&site=frontpage&snd=m&subsec=&test=900%2Cseamless&type=vod+short&ver=&vid=243b335e-ef0e-3809-aa36-040a2eb6f03b&vidPos=&vlng=0&vs=yvsiflja&tmout=10&vptm=10&preload=true&_w=https%3A%2F%2Fyahoo.com%2F%3F&_R=&ucl=NaN&adUrl=&view=0%25&mtype=na&ad_sys=&ad_lng=&pos=&taken=&r_code=1&tag=&client=&crid=&ad_evt=adserror&adblocker=false
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rx/ev/builds/1.2.13/evplayer.js?lang=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_1.jpg_1694770760072_DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_1.jpg
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/ Frame 93E0 45 KB
45 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_1.jpg_1694770760072_DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_1.jpg

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db8feafd6af3d4d57cf32077151974db17993016ec90953d027f08ca0a8198e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:01 GMT
x-content-type-options: nosniff
age: 282678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46432
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 09:40:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:57:01 GMT

GET
H3 200 DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_2.jpg_1694770760072_DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_2.jpg
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/ Frame 93E0 64 KB
64 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_2.jpg_1694770760072_DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_2.jpg

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80819880082b2da6970a20108373fbeb7a2eeded83bf90a7c95d6f3d2346443d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:26 GMT
x-content-type-options: nosniff
age: 283193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65487
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 09:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:48:26 GMT

GET
H3 200 blank.png_1672924800548_blank.png
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/ Frame 93E0 95 B
121 B 27ms
26ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/blank.png_1672924800548_blank.png

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=nx0tcqNlPA&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:43:59 GMT
x-content-type-options: nosniff
age: 6260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 13:20:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 13:43:59 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 50CE 0
0 53ms
52ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGS6y0gv9JrpYN9kt5BGeeWjCxMbVxKYXxQ_VmI2DWA3wuXyEor23grBa55wsiihhyUZLLQmOZ8Ocl8NT8He59FvtvS5PH1kUm1O0cPtWg0p56XAFv1aojFadtKcDdPCF7-eb8YGnlfXJktp5XLXBfcaENkhfEloiC_d9lFD9bTnH1yCYf3sEdfrYFcararJwPz5s4HCfVVr2sSH_VVWAl8liQtHTwQjJlrUKL6aAjIKx41rNx1NQT38QMe97YmBnxmy2exPufUPEhVEpt30gBeoGStJW1P7IzqSbe934lm9_S5dobB8SHwtIcC4g7jBv8V5SuS1NESkhfOw5uR6v-NqtQzPSUYSaqoRA0LgR_NYJVSXVtOE3smuTHudSPoXM9p3lSLXqO_YLMdvtj-4dNAb6fiLMfNIQaWGzjvj-08Jzdipc6vXUTZ4s8Xhbnlz_Vo7_HAjC96TrmxHhhgHfZguNrRHbUIG1U6Bc-MALIYtRjJTHXlHPAsQGsQ4xkofc8NSQBHwWktwgaDdQo6yiltqPtJYSo2RyQ1d1Lm3yLyvLMqwq6pUFjhInXxb5ySshfrU3ueNPUjhf8UWSF89Rsl3ZPysbezY-zT6MfqIK5WW3LDaERxuqkOqaurI8vnj1pNT5ZrZw9o_gq8qvnwPjf5J-fMhwLSl4kTWfw6dbBw1fPaZ6YsQ92kwEXruRJf48E1BCycQdMmPa44gYg9vo5jOmVPLHkrIqzeeGgZXWdZpDXB4yRUk7NOrLjixUUsa_mFrUU3IK3GMZJzNQol7GoApUzIhKcGdfzt-ApKktEsewozU2n6U_cX6lS0dmAsBQEz-gOYfhY_xtnLcs-r-iKjBVMuUif7oBVwfchGBlKJecckq4F8Rs0Ljq9-TkESx_ZM5LC89ewxZGNUv8zSLxHclr3r_jpmofTzRKLV_p5wULEvKUusb9af8sglCE1GVtfOIKvlqmTWySYoDQ67HF3h1ewlyRCQWv9VmOgT_A6k2tpOME9-e80wVANjuYWPlFpJ72We1WUFatvUbeJPyYLN4jIQXL8YfHNS1Sg3fcltcFky_7-5IjZK7v_cVvnjwv1zavSzgOcAc3qLXJ75Vx7aOoalcz1LT3t4UIZIhBULrrangSg-xlhmOMy1vNc54t6u2fn1zd0Mkac1b8QhC9y8jGl4K89dkVm6b2fJF5pfWuDERseAWDAJpPacRh74dbR1PGpPpY5Okr5aEKl0GjVTaPxYKo1JM48_W7CqzGciFIf79ue-5MiJSNiy587ypmcM9kKCoP6ym2XURMBs1mYhW2t4CecTpw8zWbYIYeriadU1H0oUwjjtDFCVlX7sergBgBtuHaYE3BUhageeum1fIEEt-DZpztAgBzL61oeeZB-SdYmhCGfgR2mjw&sai=AMfl-YT2BPmrCRUITWKwOAW8g5cjgbn5LyhR0w2yMWE-yBAdBQNwxAfLRIvwHuuObdzRfE4zF20P3oHmyiKjr2IlzT3wFro8kXAUa6CaM8kZDkFJGiFR2RFry7vW1_6AVT_rEajzIfZyCpK4XVn_qYAjQA2Rpgll7dzK4WJlZWLGhsHL_8O0bHFcaBWtne1PYb2rG8orQu4dxKMrwojnNFjK1b6yOZ3407zXrIDsl83Qe8uFZExKGNrUh_ZsclxVtgmjYttmPaGSt9PZvD85CSC3uFCPe6Nzb9verGFLaw&sig=Cg0ArKJSzCpvSHLLVdcUEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=606&vt=11&dtpt=343&dett=3&cstd=224&cisv=r20240108.92771&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 93E0 27 KB
27 KB 17ms
16ms Font
font/woff 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:20:30 GMT
x-content-type-options: nosniff
age: 469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:35:30 GMT

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 42ms
42ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705073299893&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fssMH6Pv&pd=unknown&pt=home&A_utm=%7B%22GAM_TOP_CENTER_BRSTIME%22%3A4300%2C%22GAM_TOP_CENTER_FTIME%22%3A4925%2C%22GAM_TOP_CENTER_RTIME%22%3A7006%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:19 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 checksync.php Show response
hb.yahoo.net/ Frame 9F32 22 KB
8 KB 51ms
51ms Document
text/html 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/checksync.php?cid=8YHBJ3BJ0&cs=1&cv=37&hb=1&vsSync=1&prvid=25014&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

05ebf094b2c700f7191cf374957ba37d140012025088816c959553dd0cfba801

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-length: 8253
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 15:28:19 GMT
expires: Fri, 12 Jan 2024 15:28:19 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 61ms
61ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js?cb=31080239

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2ee7c6b9e231911da42091ee22f509e805dea9424af2652d91505ca1db0332c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12343
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 93D1 2 KB
2 KB 41ms
36ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0d19f181f824e4c9908464ff2dd83d9579e2a917177c5008c63194fbb1112c1

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 15:28:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5WbqtBparOPwad59PUm3aWyFHR3evsMnOd1Chs4VJXochyD%2FIcBZY%2Fx1LqGmpnTEMd0Bxaq8nrjuIf7U7S%2FMxZrBrAChz1n0ugEsB9zBLnlWAixXR3bM%2BfPOD%2BLCPkVb2twWgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
access-control-allow-credentials: true
cf-ray: 84466dbd5fd82c4e-FRA
x-backend-server: aa-reachservice-group-europe-west1-qpfr
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 97ms
83ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84466dbccf532c4e-FRA
content-length: 24
content-type: text/plain
date: Fri, 12 Jan 2024 15:28:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qkz73oNA%2Bxo3oK3%2F4HJLoEWXl9MzDnk6dDGOSRIeQbdTKj8VqrHOjaJZyB6jl6U6lUxz8jmZQ9ueImJH5roZemMjNjvrGMwd4dYArpRcFDvxipZICdCoUuCxz1asumpINexRVbE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-qpfr

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 93E0 17 KB
6 KB 149ms
149ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 15:28:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 134ms
133ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 15:28:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 21BC 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnKhT0gIaOqF9V-3ox_jIAnI3omSV318s4sbWfj3SeayO5BpB3DluIAI5dim1bFQof_r7KUuggVT0A06CuC8D_VbAcDQnYvYZoI62dIu9vB7FukClsK08xj7GdTIvYgJSSZ9k0X_acfWFCTk9nzICKq4ZT&sig=Cg0ArKJSzHAUcFmOXnJ3EAE&id=lidar2&mcvt=1026&p=572,1132,822,1432&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=3&adk=1481106528&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705073298450&rpt=513&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 8F52 2 KB
2 KB 41ms
40ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be671385d8f14d0361021e284605f515c7c049cf9953d0d8b50cfcd2ab62ab9b

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Jan 2024 15:28:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccwqER3pRTrsKiijUZ88X3vw8S80yg%2FwRsxSPncusBB2qBft31RcZdb00cKxx0PAC%2BIpARFDtPp%2FW0I30Bea%2FErFYUK41PXxC69uTY4kFcnLu59hwIZhxD9ZilWO7RJCtPtyY98%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
access-control-allow-credentials: true
cf-ray: 84466dbd6fe52c4e-FRA
x-backend-server: aa-reachservice-group-europe-west1-qpfr
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 36ms
35ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84466dbd2fa92c4e-FRA
content-length: 24
content-type: text/plain
date: Fri, 12 Jan 2024 15:28:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Fpzdz8IzJC1028mHUlM%2F3FoP1Xh3X1TkAziP9YR4B0K8g3SY4iQ%2Bf7CDuyoYJyCtY8d2A43NVQDKEzaUFipS%2B7aBfuv6HuK%2BOLSh9VB8hbaz8jONwAn9Ea7GLsBPygo5r6wuCE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-qpfr

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame A3C9 3 KB
3 KB 46ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=db2a964b51ea00e0bdf7d2643501cf82%2F149638236992245927&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300056&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC_mJ8kVqhZdf_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9BBHfQZ9_HW25X-Xi6z81qVFNspAHEIOWbCurApWOdciOm7p4M323gXSY0fnrgLVbNoPKsfG-L3gSylWzopZblxtFGxwB_1SZR9DCNicscxxVnYHg3pGW_Zp26y3wqA1Urx2MYiZWzsLOWi_xWlhbkK6djpZgOeHAkrdIxq_xG-QM801fDlt17UAwECebRNQBtdgJRaOWCAjWa8bVZJlqwsfKgzX_wwO5TP-hchzgtNlObxps8gQSxCj0E02FNEZBwFo4S6RVoBI4-sIQ1XXFU8V9RowCme5V60ySYXzPBK6LBTz2dGOB3UlPVT3DwhFC2Ufc7QK565JPQOPovEEYuho2FXg4sMrx1ZOuWXKy_ABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNjZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_2_nZ1SyvL0bU-rL9evZNormMWdAA%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DUdcrpKI6IhoLtH7Zpv4-ETaWeLGSa81i_hRo773Sn0POBAUhsbcIiJdlR_ELvpfcf2fnQtQsWRFd1URh8XfhTjlp6hlL4FCqCaNHAMD0xxsmPeFvk9xxLIkzzMLqt1s_wDA2u4CmZYVwBM05nopAOgVPieEFBtKvmDS-JY04S2yciOOk%2526cry%253D1%2526dbm_d%253DAKAmf-ArGky7ywQ5rEwCING_FifRz9EPVKi2d3uF-Fbcba7bmdrKrizVSTesQ7DiCT8CAVwpNbeG-Rxotur8IbEhC26LUM1oHv4BYGFB_HdwMZWijeMrXhU_x4XBG5kSscZqXIABs_pWRoDyv2X-HhT9kQeO7BT8R2vikVozVZO-ZEDOhVzHjpwv4xdtFtWhhhAu8bj5MMzJvk5uZIEijiEZxxDCyLwOqa_jhzIzXEtZL75eOAR2KS7qR8BG22IbBnmfVFdKN0Qxbng153gTSvSYtBj77tjNgU9FHmP9jd4o4_SKWeoqb2N9BSntOrBJm79ALRMJsHpUHkVk7SKmG0q9ejTTj1HKmOikvGnz0fhRXqYl-ngkejfLB0wnutHfFrLY6DOQ-E2WCSuUI00wz72k_Z4BftmciOly7OlaE4E-vTviUNMViAQdPc7meKco7Ra5FncgRsKeziWZ3VooqDHA8sxLarRroWR1L4XhHSymYEU7ju9X0iFkPCMgSSx00fVg4juthsNEmDmMje4Ab9CpPTORL3vslp5DbRud_9EbkYk7x7IRfBhJtEZtT6kxcpXj2fwAQacX%2526adurl%253D&y=1&s=&z=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f8f7e55983ea912cfa3e701aad7b9c48042a40625c42d11d25a804781df413

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84466dbdcb289951-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:20 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 366B 3 KB
2 KB 45ms
42ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=fea52d219cee1503f79bf1716dbc5996%2F10430786718170859726&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300069&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DChLtGkVqhZdn_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9Dsl8vCHy4GdQRMO_CQq9E9gBk4nN0dYkEecML3UpQFmKkso16qmMOduENRBGhjHj0tPza0wZMwL_ks9Vd5bRkKW8WeuE4eH2ndumedi3LYjT2BFrrja9UbUZo_Z06M4iFU4LljgjM2kWzByarYqyCkA4yDosY9qfq1A7VHnZF7z2hza1X2b-slL2i4tjzdIf4DSVH4tbZvKOifwBj1xOC8pUKrKHqAYe70RffYK6tlElz0EXEJRvKk2-qI2t8g2jbiJ-u5VPyUR0bKeneZ6OUk58RoU_REPw_AkgXrp2dN_UAkSM9m7HzfLjOE9z-d3ruNKJXtqh5j3fAFj7Z_-N3rw-pJ4Rijc8Wa8tV6z2TABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNrZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_3OaKHVAhQ1ga1ASKPV50dinAxHkw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-Adr0or5_wpsU-T-hWvUQWFBeI5TWJZicSTy6czLs49iPT2NkXJJwvPNGV8R8FQpFzM_QJzYt8a3zBiMojXn5Cvz20Dtwi44jc7prykGJzg9l3NIC741Tt2cSG-CHo4DBL3FubOnL00eEZ90BeWOY2zgr3Sp3AxRRO3Q9U8XWMWya_ZiUU%2526cry%253D1%2526dbm_d%253DAKAmf-BT5VcTK1d_TJfV7ehqz3VNCUsenITqD9BmWW2h5YYo3E4F85UZcomUkAFIo48myqbcGCbstiOObIFx8041K4aUe5jCKK8Iu5xmPqrSwDqZ7hvtFbGfKy71vi7s_WZL5sFO3OpRFCFp4rA8zQKm4YGxUrgYT6uA8F3VqWvMpAD2hx177l33VlNMI7AmbWWH07o398mN5CS84GMqmIwxdvmigoPm19OLEELhGk5p0rP-krf00TzwvB5qlFTIgCO0E3ly9Y_7qc-J1OGoS5IT6rZfxU3rxptQPcl9XkbmzowL19Y27x-_EmVxJgSYYMXLsSyrtyWeePHl5tj7CGnFWD612uUrmYj_yK3ITDJxXycYzE7cTG0H2_tm9zLYN0UEGw29yKFnebvg0bfj_FG9-CVs5EUXMKUxxkTKeYTNKkdEopKQQRssqbazJOWiloLPcLb04w1fzEJmJM6sCrD9sIrRlaROCXA_HOHb5aM-FY7zjJA_kVqeSQbn3mEnEHuRwKNouSpXg2KeZwVW9o-RTBGrWo4euvBNctgrqUihlqJp0FWilL8EYbePm3yCJzsM8lNrOKdA%2526adurl%253D&y=1&s=&z=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6dcb58b9670c33c9e65c44ada35f2fc731ece720104cc003459cc4256b65869

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84466dbdeb429951-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:20 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A3C9 115 KB
14 KB 37ms
34ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=db2a964b51ea00e0bdf7d2643501cf82%2F149638236992245927&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300056&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC_mJ8kVqhZdf_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9BBHfQZ9_HW25X-Xi6z81qVFNspAHEIOWbCurApWOdciOm7p4M323gXSY0fnrgLVbNoPKsfG-L3gSylWzopZblxtFGxwB_1SZR9DCNicscxxVnYHg3pGW_Zp26y3wqA1Urx2MYiZWzsLOWi_xWlhbkK6djpZgOeHAkrdIxq_xG-QM801fDlt17UAwECebRNQBtdgJRaOWCAjWa8bVZJlqwsfKgzX_wwO5TP-hchzgtNlObxps8gQSxCj0E02FNEZBwFo4S6RVoBI4-sIQ1XXFU8V9RowCme5V60ySYXzPBK6LBTz2dGOB3UlPVT3DwhFC2Ufc7QK565JPQOPovEEYuho2FXg4sMrx1ZOuWXKy_ABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNjZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_2_nZ1SyvL0bU-rL9evZNormMWdAA%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DUdcrpKI6IhoLtH7Zpv4-ETaWeLGSa81i_hRo773Sn0POBAUhsbcIiJdlR_ELvpfcf2fnQtQsWRFd1URh8XfhTjlp6hlL4FCqCaNHAMD0xxsmPeFvk9xxLIkzzMLqt1s_wDA2u4CmZYVwBM05nopAOgVPieEFBtKvmDS-JY04S2yciOOk%2526cry%253D1%2526dbm_d%253DAKAmf-ArGky7ywQ5rEwCING_FifRz9EPVKi2d3uF-Fbcba7bmdrKrizVSTesQ7DiCT8CAVwpNbeG-Rxotur8IbEhC26LUM1oHv4BYGFB_HdwMZWijeMrXhU_x4XBG5kSscZqXIABs_pWRoDyv2X-HhT9kQeO7BT8R2vikVozVZO-ZEDOhVzHjpwv4xdtFtWhhhAu8bj5MMzJvk5uZIEijiEZxxDCyLwOqa_jhzIzXEtZL75eOAR2KS7qR8BG22IbBnmfVFdKN0Qxbng153gTSvSYtBj77tjNgU9FHmP9jd4o4_SKWeoqb2N9BSntOrBJm79ALRMJsHpUHkVk7SKmG0q9ejTTj1HKmOikvGnz0fhRXqYl-ngkejfLB0wnutHfFrLY6DOQ-E2WCSuUI00wz72k_Z4BftmciOly7OlaE4E-vTviUNMViAQdPc7meKco7Ra5FncgRsKeziWZ3VooqDHA8sxLarRroWR1L4XhHSymYEU7ju9X0iFkPCMgSSx00fVg4juthsNEmDmMje4Ab9CpPTORL3vslp5DbRud_9EbkYk7x7IRfBhJtEZtT6kxcpXj2fwAQacX%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=db2a964b51ea00e0bdf7d2643501cf82%2F149638236992245927&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300056&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC_mJ8kVqhZdf_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9BBHfQZ9_HW25X-Xi6z81qVFNspAHEIOWbCurApWOdciOm7p4M323gXSY0fnrgLVbNoPKsfG-L3gSylWzopZblxtFGxwB_1SZR9DCNicscxxVnYHg3pGW_Zp26y3wqA1Urx2MYiZWzsLOWi_xWlhbkK6djpZgOeHAkrdIxq_xG-QM801fDlt17UAwECebRNQBtdgJRaOWCAjWa8bVZJlqwsfKgzX_wwO5TP-hchzgtNlObxps8gQSxCj0E02FNEZBwFo4S6RVoBI4-sIQ1XXFU8V9RowCme5V60ySYXzPBK6LBTz2dGOB3UlPVT3DwhFC2Ufc7QK565JPQOPovEEYuho2FXg4sMrx1ZOuWXKy_ABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNjZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_2_nZ1SyvL0bU-rL9evZNormMWdAA%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DUdcrpKI6IhoLtH7Zpv4-ETaWeLGSa81i_hRo773Sn0POBAUhsbcIiJdlR_ELvpfcf2fnQtQsWRFd1URh8XfhTjlp6hlL4FCqCaNHAMD0xxsmPeFvk9xxLIkzzMLqt1s_wDA2u4CmZYVwBM05nopAOgVPieEFBtKvmDS-JY04S2yciOOk%2526cry%253D1%2526dbm_d%253DAKAmf-ArGky7ywQ5rEwCING_FifRz9EPVKi2d3uF-Fbcba7bmdrKrizVSTesQ7DiCT8CAVwpNbeG-Rxotur8IbEhC26LUM1oHv4BYGFB_HdwMZWijeMrXhU_x4XBG5kSscZqXIABs_pWRoDyv2X-HhT9kQeO7BT8R2vikVozVZO-ZEDOhVzHjpwv4xdtFtWhhhAu8bj5MMzJvk5uZIEijiEZxxDCyLwOqa_jhzIzXEtZL75eOAR2KS7qR8BG22IbBnmfVFdKN0Qxbng153gTSvSYtBj77tjNgU9FHmP9jd4o4_SKWeoqb2N9BSntOrBJm79ALRMJsHpUHkVk7SKmG0q9ejTTj1HKmOikvGnz0fhRXqYl-ngkejfLB0wnutHfFrLY6DOQ-E2WCSuUI00wz72k_Z4BftmciOly7OlaE4E-vTviUNMViAQdPc7meKco7Ra5FncgRsKeziWZ3VooqDHA8sxLarRroWR1L4XhHSymYEU7ju9X0iFkPCMgSSx00fVg4juthsNEmDmMje4Ab9CpPTORL3vslp5DbRud_9EbkYk7x7IRfBhJtEZtT6kxcpXj2fwAQacX%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2641119
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xHZ%2Bg%2BHsdsTHuxxzs6AfMcsP8NlTp0qCBB0pBxo7MycgDnZM%2BCWHORjiyQGbfTHb47HZAvT7KjP9fM9jVyk1HxJqVZnzjAPtoPtNjDvpMQRAM3fHegi22ZK3UyQ2WCIckTG0FKIgGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84466dbe2b585c74-FRA
expires: Sat, 13 Jan 2024 15:28:20 GMT

GET
H/1.1 200
OK oneid4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5oneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0
ndirect.ppro.de/image/e1JZ/ Frame A3C9 15 KB
16 KB 84ms
17ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/image/e1JZ/oneid4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5oneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=db2a964b51ea00e0bdf7d2643501cf82%2F149638236992245927&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300056&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC_mJ8kVqhZdf_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9BBHfQZ9_HW25X-Xi6z81qVFNspAHEIOWbCurApWOdciOm7p4M323gXSY0fnrgLVbNoPKsfG-L3gSylWzopZblxtFGxwB_1SZR9DCNicscxxVnYHg3pGW_Zp26y3wqA1Urx2MYiZWzsLOWi_xWlhbkK6djpZgOeHAkrdIxq_xG-QM801fDlt17UAwECebRNQBtdgJRaOWCAjWa8bVZJlqwsfKgzX_wwO5TP-hchzgtNlObxps8gQSxCj0E02FNEZBwFo4S6RVoBI4-sIQ1XXFU8V9RowCme5V60ySYXzPBK6LBTz2dGOB3UlPVT3DwhFC2Ufc7QK565JPQOPovEEYuho2FXg4sMrx1ZOuWXKy_ABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNjZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_2_nZ1SyvL0bU-rL9evZNormMWdAA%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-DUdcrpKI6IhoLtH7Zpv4-ETaWeLGSa81i_hRo773Sn0POBAUhsbcIiJdlR_ELvpfcf2fnQtQsWRFd1URh8XfhTjlp6hlL4FCqCaNHAMD0xxsmPeFvk9xxLIkzzMLqt1s_wDA2u4CmZYVwBM05nopAOgVPieEFBtKvmDS-JY04S2yciOOk%2526cry%253D1%2526dbm_d%253DAKAmf-ArGky7ywQ5rEwCING_FifRz9EPVKi2d3uF-Fbcba7bmdrKrizVSTesQ7DiCT8CAVwpNbeG-Rxotur8IbEhC26LUM1oHv4BYGFB_HdwMZWijeMrXhU_x4XBG5kSscZqXIABs_pWRoDyv2X-HhT9kQeO7BT8R2vikVozVZO-ZEDOhVzHjpwv4xdtFtWhhhAu8bj5MMzJvk5uZIEijiEZxxDCyLwOqa_jhzIzXEtZL75eOAR2KS7qR8BG22IbBnmfVFdKN0Qxbng153gTSvSYtBj77tjNgU9FHmP9jd4o4_SKWeoqb2N9BSntOrBJm79ALRMJsHpUHkVk7SKmG0q9ejTTj1HKmOikvGnz0fhRXqYl-ngkejfLB0wnutHfFrLY6DOQ-E2WCSuUI00wz72k_Z4BftmciOly7OlaE4E-vTviUNMViAQdPc7meKco7Ra5FncgRsKeziWZ3VooqDHA8sxLarRroWR1L4XhHSymYEU7ju9X0iFkPCMgSSx00fVg4juthsNEmDmMje4Ab9CpPTORL3vslp5DbRud_9EbkYk7x7IRfBhJtEZtT6kxcpXj2fwAQacX%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

2d56d1cc8ea5ed168b6b4250820de6dad2542bc29ae04b5f0971e642cb5191ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 15:28:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 15847
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK pvtrgenview Show response
ndirect.ppro.de/ Frame A3C9 1 KB
2 KB 97ms
21ms Script
text/javascript 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtrgenview?guid=e1JZ&isimg=1&subId=oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

f233f1f498a184f1869d03aea460462110a548bc4bd8928542c561f30a51066e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 15:28:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame A84C 39 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 12:26:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF23 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 12:38:58 GMT
expires: Sat, 11 Jan 2025 12:38:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7025 829 B
1 KB 68ms
23ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92f12de52759f50ec0a45249158d4ae2fcade757a5d968637e510f4d03c3135b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FV9P4G_GGIiA8K6B0jGPig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FV9P4G_GGIiA8K6B0jGPig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:20 GMT
expires: Fri, 12 Jan 2024 15:28:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 366B 115 KB
14 KB 32ms
30ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=fea52d219cee1503f79bf1716dbc5996%2F10430786718170859726&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300069&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DChLtGkVqhZdn_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9Dsl8vCHy4GdQRMO_CQq9E9gBk4nN0dYkEecML3UpQFmKkso16qmMOduENRBGhjHj0tPza0wZMwL_ks9Vd5bRkKW8WeuE4eH2ndumedi3LYjT2BFrrja9UbUZo_Z06M4iFU4LljgjM2kWzByarYqyCkA4yDosY9qfq1A7VHnZF7z2hza1X2b-slL2i4tjzdIf4DSVH4tbZvKOifwBj1xOC8pUKrKHqAYe70RffYK6tlElz0EXEJRvKk2-qI2t8g2jbiJ-u5VPyUR0bKeneZ6OUk58RoU_REPw_AkgXrp2dN_UAkSM9m7HzfLjOE9z-d3ruNKJXtqh5j3fAFj7Z_-N3rw-pJ4Rijc8Wa8tV6z2TABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNrZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_3OaKHVAhQ1ga1ASKPV50dinAxHkw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-Adr0or5_wpsU-T-hWvUQWFBeI5TWJZicSTy6czLs49iPT2NkXJJwvPNGV8R8FQpFzM_QJzYt8a3zBiMojXn5Cvz20Dtwi44jc7prykGJzg9l3NIC741Tt2cSG-CHo4DBL3FubOnL00eEZ90BeWOY2zgr3Sp3AxRRO3Q9U8XWMWya_ZiUU%2526cry%253D1%2526dbm_d%253DAKAmf-BT5VcTK1d_TJfV7ehqz3VNCUsenITqD9BmWW2h5YYo3E4F85UZcomUkAFIo48myqbcGCbstiOObIFx8041K4aUe5jCKK8Iu5xmPqrSwDqZ7hvtFbGfKy71vi7s_WZL5sFO3OpRFCFp4rA8zQKm4YGxUrgYT6uA8F3VqWvMpAD2hx177l33VlNMI7AmbWWH07o398mN5CS84GMqmIwxdvmigoPm19OLEELhGk5p0rP-krf00TzwvB5qlFTIgCO0E3ly9Y_7qc-J1OGoS5IT6rZfxU3rxptQPcl9XkbmzowL19Y27x-_EmVxJgSYYMXLsSyrtyWeePHl5tj7CGnFWD612uUrmYj_yK3ITDJxXycYzE7cTG0H2_tm9zLYN0UEGw29yKFnebvg0bfj_FG9-CVs5EUXMKUxxkTKeYTNKkdEopKQQRssqbazJOWiloLPcLb04w1fzEJmJM6sCrD9sIrRlaROCXA_HOHb5aM-FY7zjJA_kVqeSQbn3mEnEHuRwKNouSpXg2KeZwVW9o-RTBGrWo4euvBNctgrqUihlqJp0FWilL8EYbePm3yCJzsM8lNrOKdA%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=fea52d219cee1503f79bf1716dbc5996%2F10430786718170859726&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300069&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DChLtGkVqhZdn_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9Dsl8vCHy4GdQRMO_CQq9E9gBk4nN0dYkEecML3UpQFmKkso16qmMOduENRBGhjHj0tPza0wZMwL_ks9Vd5bRkKW8WeuE4eH2ndumedi3LYjT2BFrrja9UbUZo_Z06M4iFU4LljgjM2kWzByarYqyCkA4yDosY9qfq1A7VHnZF7z2hza1X2b-slL2i4tjzdIf4DSVH4tbZvKOifwBj1xOC8pUKrKHqAYe70RffYK6tlElz0EXEJRvKk2-qI2t8g2jbiJ-u5VPyUR0bKeneZ6OUk58RoU_REPw_AkgXrp2dN_UAkSM9m7HzfLjOE9z-d3ruNKJXtqh5j3fAFj7Z_-N3rw-pJ4Rijc8Wa8tV6z2TABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNrZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_3OaKHVAhQ1ga1ASKPV50dinAxHkw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-Adr0or5_wpsU-T-hWvUQWFBeI5TWJZicSTy6czLs49iPT2NkXJJwvPNGV8R8FQpFzM_QJzYt8a3zBiMojXn5Cvz20Dtwi44jc7prykGJzg9l3NIC741Tt2cSG-CHo4DBL3FubOnL00eEZ90BeWOY2zgr3Sp3AxRRO3Q9U8XWMWya_ZiUU%2526cry%253D1%2526dbm_d%253DAKAmf-BT5VcTK1d_TJfV7ehqz3VNCUsenITqD9BmWW2h5YYo3E4F85UZcomUkAFIo48myqbcGCbstiOObIFx8041K4aUe5jCKK8Iu5xmPqrSwDqZ7hvtFbGfKy71vi7s_WZL5sFO3OpRFCFp4rA8zQKm4YGxUrgYT6uA8F3VqWvMpAD2hx177l33VlNMI7AmbWWH07o398mN5CS84GMqmIwxdvmigoPm19OLEELhGk5p0rP-krf00TzwvB5qlFTIgCO0E3ly9Y_7qc-J1OGoS5IT6rZfxU3rxptQPcl9XkbmzowL19Y27x-_EmVxJgSYYMXLsSyrtyWeePHl5tj7CGnFWD612uUrmYj_yK3ITDJxXycYzE7cTG0H2_tm9zLYN0UEGw29yKFnebvg0bfj_FG9-CVs5EUXMKUxxkTKeYTNKkdEopKQQRssqbazJOWiloLPcLb04w1fzEJmJM6sCrD9sIrRlaROCXA_HOHb5aM-FY7zjJA_kVqeSQbn3mEnEHuRwKNouSpXg2KeZwVW9o-RTBGrWo4euvBNctgrqUihlqJp0FWilL8EYbePm3yCJzsM8lNrOKdA%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2641119
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfyOkpu4A9Vm%2Fa9ULVhAIBy3jjg9QYlJopD2R1R7CRlO958k0WSdwMCX9yTyqeW%2FiFzs3tM4zTRD7qRD41isMeOaCEf5k2r6nrwBmyAALhmqdMrV11BxTGreUEmQMdEoWorQdKngtq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84466dbeac275c74-FRA
expires: Sat, 13 Jan 2024 15:28:20 GMT

GET
H/1.1 200
OK oneid4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5oneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0
ndirect.ppro.de/image/e1JZ/ Frame 366B 15 KB
16 KB 24ms
20ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/image/e1JZ/oneid4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5oneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=fea52d219cee1503f79bf1716dbc5996%2F10430786718170859726&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300069&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DChLtGkVqhZdn_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9Dsl8vCHy4GdQRMO_CQq9E9gBk4nN0dYkEecML3UpQFmKkso16qmMOduENRBGhjHj0tPza0wZMwL_ks9Vd5bRkKW8WeuE4eH2ndumedi3LYjT2BFrrja9UbUZo_Z06M4iFU4LljgjM2kWzByarYqyCkA4yDosY9qfq1A7VHnZF7z2hza1X2b-slL2i4tjzdIf4DSVH4tbZvKOifwBj1xOC8pUKrKHqAYe70RffYK6tlElz0EXEJRvKk2-qI2t8g2jbiJ-u5VPyUR0bKeneZ6OUk58RoU_REPw_AkgXrp2dN_UAkSM9m7HzfLjOE9z-d3ruNKJXtqh5j3fAFj7Z_-N3rw-pJ4Rijc8Wa8tV6z2TABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNrZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_3OaKHVAhQ1ga1ASKPV50dinAxHkw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-Adr0or5_wpsU-T-hWvUQWFBeI5TWJZicSTy6czLs49iPT2NkXJJwvPNGV8R8FQpFzM_QJzYt8a3zBiMojXn5Cvz20Dtwi44jc7prykGJzg9l3NIC741Tt2cSG-CHo4DBL3FubOnL00eEZ90BeWOY2zgr3Sp3AxRRO3Q9U8XWMWya_ZiUU%2526cry%253D1%2526dbm_d%253DAKAmf-BT5VcTK1d_TJfV7ehqz3VNCUsenITqD9BmWW2h5YYo3E4F85UZcomUkAFIo48myqbcGCbstiOObIFx8041K4aUe5jCKK8Iu5xmPqrSwDqZ7hvtFbGfKy71vi7s_WZL5sFO3OpRFCFp4rA8zQKm4YGxUrgYT6uA8F3VqWvMpAD2hx177l33VlNMI7AmbWWH07o398mN5CS84GMqmIwxdvmigoPm19OLEELhGk5p0rP-krf00TzwvB5qlFTIgCO0E3ly9Y_7qc-J1OGoS5IT6rZfxU3rxptQPcl9XkbmzowL19Y27x-_EmVxJgSYYMXLsSyrtyWeePHl5tj7CGnFWD612uUrmYj_yK3ITDJxXycYzE7cTG0H2_tm9zLYN0UEGw29yKFnebvg0bfj_FG9-CVs5EUXMKUxxkTKeYTNKkdEopKQQRssqbazJOWiloLPcLb04w1fzEJmJM6sCrD9sIrRlaROCXA_HOHb5aM-FY7zjJA_kVqeSQbn3mEnEHuRwKNouSpXg2KeZwVW9o-RTBGrWo4euvBNctgrqUihlqJp0FWilL8EYbePm3yCJzsM8lNrOKdA%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

2d56d1cc8ea5ed168b6b4250820de6dad2542bc29ae04b5f0971e642cb5191ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 15:28:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 15847
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK pvtrgenview Show response
ndirect.ppro.de/ Frame 366B 1 KB
2 KB 39ms
21ms Script
text/javascript 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtrgenview?guid=e1JZ&isimg=1&subId=oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=490604&b=2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574P&f=4r4fEf5fXVb7hGHxtxuzCDWWtbSpTzgU3RM5&c=300&d=250&e=&g=fea52d219cee1503f79bf1716dbc5996%2F10430786718170859726&i=28060&j=56&k=0&l=0&m=0&n=&p=&q=&o=dbmPros_Singlesite&r=1705073300069&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DChLtGkVqhZdn_NIf_x_APmcCc0Ai_yZq1b7KamuqxEJCDhZ4LEAEgwYKLmgFglYKggrAHyAEJqQIfbostK2ayPqgDAcgDmwSqBJACT9Dsl8vCHy4GdQRMO_CQq9E9gBk4nN0dYkEecML3UpQFmKkso16qmMOduENRBGhjHj0tPza0wZMwL_ks9Vd5bRkKW8WeuE4eH2ndumedi3LYjT2BFrrja9UbUZo_Z06M4iFU4LljgjM2kWzByarYqyCkA4yDosY9qfq1A7VHnZF7z2hza1X2b-slL2i4tjzdIf4DSVH4tbZvKOifwBj1xOC8pUKrKHqAYe70RffYK6tlElz0EXEJRvKk2-qI2t8g2jbiJ-u5VPyUR0bKeneZ6OUk58RoU_REPw_AkgXrp2dN_UAkSM9m7HzfLjOE9z-d3ruNKJXtqh5j3fAFj7Z_-N3rw-pJ4Rijc8Wa8tV6z2TABOiG5LSJBOAEA4gFk4eQx0KQBgGgBk2AB7eqpMcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYi47vgZXYgwOACgOYCwHICwGADAGiDAgqBgoErLqxAqoNAkRF4g0TCNrZ74GV2IMDFYf_EQgdGSAHirAT-9f2D9ATANgTA9gUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB%2526sig%253DAOD64_3OaKHVAhQ1ga1ASKPV50dinAxHkw%2526client%253Dca-pub-2305304999188653%2526dbm_c%253DAKAmf-Adr0or5_wpsU-T-hWvUQWFBeI5TWJZicSTy6czLs49iPT2NkXJJwvPNGV8R8FQpFzM_QJzYt8a3zBiMojXn5Cvz20Dtwi44jc7prykGJzg9l3NIC741Tt2cSG-CHo4DBL3FubOnL00eEZ90BeWOY2zgr3Sp3AxRRO3Q9U8XWMWya_ZiUU%2526cry%253D1%2526dbm_d%253DAKAmf-BT5VcTK1d_TJfV7ehqz3VNCUsenITqD9BmWW2h5YYo3E4F85UZcomUkAFIo48myqbcGCbstiOObIFx8041K4aUe5jCKK8Iu5xmPqrSwDqZ7hvtFbGfKy71vi7s_WZL5sFO3OpRFCFp4rA8zQKm4YGxUrgYT6uA8F3VqWvMpAD2hx177l33VlNMI7AmbWWH07o398mN5CS84GMqmIwxdvmigoPm19OLEELhGk5p0rP-krf00TzwvB5qlFTIgCO0E3ly9Y_7qc-J1OGoS5IT6rZfxU3rxptQPcl9XkbmzowL19Y27x-_EmVxJgSYYMXLsSyrtyWeePHl5tj7CGnFWD612uUrmYj_yK3ITDJxXycYzE7cTG0H2_tm9zLYN0UEGw29yKFnebvg0bfj_FG9-CVs5EUXMKUxxkTKeYTNKkdEopKQQRssqbazJOWiloLPcLb04w1fzEJmJM6sCrD9sIrRlaROCXA_HOHb5aM-FY7zjJA_kVqeSQbn3mEnEHuRwKNouSpXg2KeZwVW9o-RTBGrWo4euvBNctgrqUihlqJp0FWilL8EYbePm3yCJzsM8lNrOKdA%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

88ffb46d0fcb09d01a737787da36ba38187f75c653b7b4fb8f92d9a01d87e762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 15:28:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F507 0
20 B 69ms
68ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bl1WYk1qhZeSDBrGJ9u8PzZ-E-AMAAAAAOAHgBAI&bg=!hIelh8jNAAaumcC-jpk7ADQBe5WfOJQ-h9xXGK8mlWra9RGXOKu5YNLMdvYWjh-MtN_awZ67pqLFtkcwfM65rHIE_p-1AgAAAXdSAAAABGgBB5kC-tpAUXa8eMTBNskUdxZRNVi4cbi8xyoYNIswrwsIYD_hc_9AaobEpM0JeoKjymTZ43oPizjvLZ-ErCsMn0gELqNZ6Kb1v1Ek-QPB1Ic2iReOJM0paq75huL-uuoqNraIDXoSU9AX6EzfuMPZMy_xyLYgxh6IWGwqyvGpI9jhcYTVFOtsmeu5kOI_4heehnRkLwhA8EhoGPco7NHizZPEBTmi3kbF0ZlPHv_xtclklAQ6KV8g6_-RteR21vlXMyjE_BIxggrprG3FPZ_0-VbrrspZQ0nlcYULh_2pyJ4OVlG1NpdFi6IDkMbGZUqAuh8_aIlw0eJEpFaLRxXAUlqC-sBY4VhiamCu1XXBiNtx8NL0RpLll8CcvGIYh0IUWAYnylBqJ02Ju1ScDfMBJWoLzDY6mQ1hLdxuiF1VQ3zQDf9s0clzkZP0AA_hQFkMn3U9K5P9UgtRrIlg8QBcNOdXNjHs6Ew0AlYny5FFemVnXeUUSXfvkFwojJpvL8goLCMa7WvmNlX4xH89oHVRK79UeNgRve8eEGAZ-Si62fVzqzn78H1TDFtq51QW7ideGoFJKToS9QRF74Tx2McbaeFb5zFVXUIGhUA0eYhQsvef2HIndfFg5N5g9ZtsaJqULQCGbgwnpJ0n93XKo6qUYl4qN9oLfU2ao6TQaawhqV5XPXZ4mRIphProE299HlPpjMxZdW1Bu7CnmgAjTm9E1TPfJkVzUqWkqjUuPLjfL1o_br-9izyYJmm-69LHzivT29K_b_RKZQxomkJiB6Qdgk3ObVYz4XsP48qivzcNw-SYK6fGNZxWDCFSOBgev6UWgtLJTnATfG0svBDFAMMmKbH9zyPG5p__lqFls-lysrX7vhUJPQkg7jUhbKiwcpEIiEwHs-w96B19LHpc1ocEvOm2iq8zhWrCdGahYHJBwIO-1_B7BcBhD7by2t9GhN8YW-S6Zsbhdirqp9KxlQqD7-6u3pf94vT2RuT_SzViOm5LSGcDrGtaZMePJFQ2ow

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C929 0
20 B 52ms
50ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BhGQMk1qhZZHGCMXox_APwNiOmAIAAAAAOAHgBAI&bg=!2dql2pXNAAaumcC-jpk7ADQBe5WfOJHeA7usCPdANifo7yBZZRjUdIs0V-sA8TuLooIehwDt77LruNQXrqUxSCLDhPtNAgAAATlSAAAABGgBBwoAaAn4G1oRkOeRlrrDgIgrDGYj4cKdoN9cpCxqPynRf2DHky4sASwkI1F1VYoqcY7aUsz7OYgtcZvopLkAh3bM-i4GwSCaGXfD3dz94bMpdpnKhMmNmAQ1LFsFyV_wZotbt0J9tL2nkEv0mQMFZOt2vWkx_WQIaPtODvYYbuSqCzfp-rEioCP9PJDDxtvh04QCiWp6oi1mrT_zOJ0W8nAvyYtQTciZ6O7bJu8Zxu5Fq-neH8_AkiAQAo8Yblt6YaVXNpVxWBSXNRbfiBMHmyPBEhXgJCPMckRBhZDAUNj1LZZSEGbMlbKyvQhVzzU5Xm2mQ6b2GDd_tmfDXDa8EscB2ayho7-MqDQLqstryavN1oa3sChb-pO-g5hVXdXFqeYZ-gaWjXWwsb9qOTxoE7cJLcgFbOL0PRONRp2gujWPfHyySOggCd6arYXPpZwZwdq8KpPYG2dnGQRx9dyGMEuqDB2Sq1znvCI3avNO3k-mLrboY7yUdGQTFmB_fWLD2jlhNgyCYM7-VWalJBHVGUlnFBEvgI8Xqo0LgjN5PI0iwjnbOhKLm_Kse-J7e96QODmIT8xYOwx6FBHZAoCCmUTK5Ek13fHBhreGInvmaTB8hfd43XF3UDtkJx3QhF6zKhm1uD9dFyNRD_q_0CMbIuXGIobHRPYTOQaSjFF_27P2ZoEGvTEz19BLp7w3mRef50UK-AZYXltDXPYwl5rLK6mVkSgeGJKVsNlE54aa6h8OOQW3DYhLWNmjGsH0mQZPc2CBFSmxv3HN8fhUE7neWX5D2eEs5pA7NCh6Hp62FD06HMiS--EpNTmIIZ-iYQIBHkCe7dY8WzO_NQLR-okgUQfOIN1w6qETiNml7_6YZMCPhuG-u9R1oCD2kgXwqrw4kLZPWYegdSqUJZKfTLFOfjh7BCy_pzWhd-C3eQNEFPFMJXP7N2eXQ0UgFw_0-xaa3-D6ctWuyBhQAbtRUSfqhMo_l3W_3zwsxOk39Hc2xLaZSr8K-2-b-kt5HZ-e1D-oStkhss02Vsmrms7DkpH2phAkd2DpYZy1Lm61xOT4YfeNO7648zKvrJp14uIOIoH6qsBq_wUfardDpjTZ1bOL81d73vrGKKtLCGmrFP8r6uS8EikoJZ5SzIVaGYZ_XyjO9lMMcbgENzvBurzGMMvXyd8pSGA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 93D1 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5qUOVOa-SQqyBRzXL9VD79X6AzkryQynLdJW25AhQ592DHgcvkzkEJMUUAWnoOOP0BjOTjoFrB4srNLdCPxFoi2a-aXoJFMm02j8vo6X9fLSirko7bASRmj4rH2qwHbw6y0Dm9mxMKAs&sai=AMfl-YRxSofovfVV4HnQpnSTEaLgHdJvCs_cYk-0FwEjNLGcXPpo9frCSY50GZqLZyWymQ_sDBFnTrxUYCoxtZNdCZ__4ffTCCLJCurQBOjMvM77dgBPjL4gH-IItpL2ljMrnci9Hzq0pxiagDlMe6NM&sig=Cg0ArKJSzOo4Pz3wTTqEEAE&cid=CAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB&id=lidar2&mcvt=1048&p=862,1132,1112,1432&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3064630007&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705073298477&rpt=756&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pvtr Show response
ndirect.ppro.de/ Frame 1340 38 KB
15 KB 24ms
24ms Document
text/html 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtr?v=307dnAeB2&vid=d1IzSVBXbDlvZTBBT1F6NS82K3RmbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2

Requested by

Host: ndirect.ppro.de
URL: https://ndirect.ppro.de/pvtrgenview?guid=e1JZ&isimg=1&subId=oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

118f3052e4e343fb53cdde6732930c00e317a0e336569441a6eca64c176ba993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 15:28:20 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H2 200 /
pvx.freenet-mobilfunk.de/ Frame A3C9 43 B
419 B 125ms
61ms Image
image/gif 2606:4700:4400::ac40:9b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41100000&subvpid=97683241&eventid=d1IzSVBXbDlvZTBBT1F6NS82K3RmbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:20 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 84466dbfae3a039a-FRA
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBBF 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCy0yk1qhZbnvC4Op1PIPoaGKsAsAAAAAOAHgBAI&bg=!FBelF1jNAAaumcC-jpk7ADQBe5WfOCeCyiCv03i0aY-37mSCRxIlwlXlgsZf4Tg-YsR8vxjxk7Usk0MQ3TQVwfb3onOuAgAAAXFSAAAAB2gBB5kC-E1095D0qzns_HSc2oUQD_Hp7pePdI-DIFCjw7TtAZaNkR5m79yxOWFjAE0-CveF9DKYHpWiVQnjaMMFUyH_atER9N46YK6yULbs6TY6-v6FW1RuGdt6ndpuI3ne5vASG_XsiklVTzezhg6TQnzjfwi6e3GkLxmV-Xcot0aCCuSokENL_jrUcTPuf-0YC5TGN8RUXbC8ErOZx-OXe49t7tXXSVpY21BHG74IYj8LyCmI-Ln0efWnYC4UGV2Qjxrq1dHnTuwTfxg71QwceFHNSOltDKoAMRmsjfrRrzAWFmBcyebN0vfjn3fOgDoKElfDBt1NPwViv1TNj6MC1knvwMQ7uqHZx8j3dhJWXUmieM5DRzbRYh-REdrFz8x5Hl8t0e59mWSl7Zid5FCexLO7S4K5HXtu1O6rtTZ8Ht0Q_0cTFn0tU2Sy8v31bJwWZ3eDYTbJFhyTJ-ujCY43oBnB48cMochLJNAKv8kigxmaAZq41d88COB586Bqng_9pSpK7K3a9zEd9ofHs5ZjcXCPt5KPmq-HUQxqFTJMSu6pR_miQyIkWZ4QF9dlv-gGNUes5INzzaJ0ucO8gdkhXSp65V301LYnx4-l0wch0xpWKyQJo0-Bw67P2S5TyivoMg_g1L7XcUuBAJS8bJaWeqVJxeZcxju0Z1CHSSfQ3A8FGPJmZFis4OtmnbDGMn89ImEAH3cwryzi1AJ81MO3uS_BPRdKU9J2vrDEINsANu3f1-87ePxO-7UBwO6Z8ptEiZePVXi2cIgLv8ihSr2munIuXaPoSdYGD_1jWIRIEbSYYb8BShjRGAJMClCaOUuGyuhPH9eSNT55d4BP8L7QSnvwCNOHMuIeKxbaawoIbyW5YjiInhrSM8U9rYwRJoDRhNIcclPPWWI64guC7PypRsh5Sj0fPIv6jmWzU4t7mrXGvUmwCSA_tvrglyiTW2h6aC7ht-3tv9h8rJ2KvfMZ2QIciRt-Kswo6ipFWWx888cRPWcUnzGgBuyvyEY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pvx.freenet-mobilfunk.de/ Frame 366B 43 B
1 KB 70ms
29ms Image
image/gif 2606:4700:4400::ac40:9b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ndirect.ppro.de
URL: https://ndirect.ppro.de/pvtrgenview?guid=e1JZ&isimg=1&subId=oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:20 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 84466dbfae33039a-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK pvtr Show response
ndirect.ppro.de/ Frame 59C0 38 KB
15 KB 21ms
19ms Document
text/html 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to

Full URL

https://ndirect.ppro.de/pvtr?v=307dnAhd2&vid=d1IzSVBXbDlvZTBBT1F6NS82K3RmbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2

Requested by

Host: ndirect.ppro.de
URL: https://ndirect.ppro.de/pvtrgenview?guid=e1JZ&isimg=1&subId=oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

eaa60e5659edcb05944473f56efb72463bd3360066a062fc60424458878cb3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 15:28:20 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7025 0
0 54ms
52ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401030101&jk=416983908018843&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame DF23 39 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 12:26:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50CE 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvK1WE4sGr532sgXqqGAcSXXwO14OfKoJJCTG1SL3NI2QdGY47Nep3tKkrZcsew6E38FM4bHE1ssi1Mhc_mD5xOCDmeJUxLXbUIIFQmscCCry4CR7NgjzcLFpUJHz4xT-AHW0PnDD3Q2bWqDo85GrQOesQD&sai=AMfl-YQgf-11qMDPIprDXzSuDGUoHL3Y2N9CwipJkBtpovDbWFyPnyRhOlqc8DP805u9k60_vCKpyCMIUCT_t-NjiCIbpI91r7yQiZCDEAw9p7veODlWdXree5hZA9ZPwKijZvYh8pt7yXRekVpcjV5s&sig=Cg0ArKJSzDCEyOrlOD9cEAE&cid=CAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB&id=lidar2&mcvt=1029&p=84,315,334,1285&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3690920304&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705073298504&rpt=894&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 35BB 0
54 B 29ms
28ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lrasma8p&c=4139264209984&slotId=2069632104992&ghmsh_eids=44770823%2C44772139%2C44777649%2C44781409%2C44804291%2C44804618%2C44809548
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.612.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DF23 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IWwUWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93D1 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7995716433630&version=m202309260101&ct=77&x=1&cor=16625307565109463000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F52 0
20 B 50ms
49ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1674414618581&version=m202309260101&ct=77&x=1&cor=4165376548654971000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50CE 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3125109816481&version=m202309260101&ct=76&x=1&cor=16359581207861500000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pvfp
ndirect.ppro.de/ Frame 1340 43 B
466 B 22ms
21ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/pvfp?v=307dnAeB2&fp=4b640d5ee0e633e88527d67bdd6c6e95&adv=2&vid=e1JZ.1Rojsg.oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndirect.ppro.de/pvtr?v=307dnAeB2&vid=d1IzSVBXbDlvZTBBT1F6NS82K3RmbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:28:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK pvfp
ndirect.ppro.de/ Frame 59C0 43 B
466 B 17ms
16ms Image
image/gif 194.97.41.228
FREENETDE freenet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndirect.ppro.de/pvfp?v=307dnAhd2&fp=4b640d5ee0e633e88527d67bdd6c6e95&adv=2&vid=e1JZ.1Rojsg.oneid2b9F6fqfRdXVTVH6tZu8tAEECxS7TQRc574Poneid__dbmPros_Singlesite

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

194.97.41.228 , Germany, ASN5430 (FREENETDE freenet Datenkommunikations GmbH, DE),

Reverse DNS

ndirect.ppro.de

Software

nginx /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndirect.ppro.de/pvtr?v=307dnAhd2&vid=d1IzSVBXbDlvZTBBT1F6NS82K3RmbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.&a=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:28:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="https://ndirect.ppro.de/p3p.xml", CP="NOI CUR OUR STP UNI"
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401030101&jk=416983908018843&bg=!jo2ljcLNAAaumcC-jpk7ADQBe5WfOBDb3jJnONtkzyb1zRIE98Kh3-v_zwPIPHtctFlEhTKEf0B8osVgoSIMDkjfjltuAgAAAJpSAAAABGgBB5kCu6vf7YoWrk3055qyo-Km_KZLVvHXOVA04H8Au84oaaUOCy7MOiA6pkK4VGTYlS2heGGig5ZMowT3VNyZk0HVai_p_jLWJwaUYJqJQbdanmYYQOnSBaCDTwDPLTyn4FhUPhb8bxlg0v75fmm9QNwwc0YJsuvBtrk8Y9pZ_6YndRXSX_VZWi5-dhuXdF8KXlUd4qD4r5BBW7UgTxks7XT9mHvptpqtYbbD1jfL4kl7RpMvdmgSlLPeAZNR71GH1EjeuE8inzi2EOBZSP7kQjRAUmOxn5OSqToORODItjqQbYmf880yjVfE60MFBNdi97TgOxrHcNbtYT7XzpzJJ69sH6Rv3O6MJeAYUFjZnxw4rGlPKuOyLsC64uenuU0qDDVMFGAAre35Is1Rgy6MNjsdoNPRgftqe6pZ0tLAXFNGSKHx9PR7kiYMcXOXfFtcvSKvkEHiTNKFluRPYPEfX8Mgk4fX-5_22AThPIci22mDxBO5z5GDxcbhXaywECzPYc7x3CTu3rJUYYBNEsjiGCredJMMLiwfPJxnRPKJ587Ksr8AdgykSXYmJudGLy6WAE-Vw6lgSqZmWVjflIa-VvVXtY3J2TqZEs21kK4W012eWg4be__WOTQPbosveBRhqF_fMWt_y15i-z-85tsQrFgYZKJqguNw1OuiQ2Z7I8PykeH9R3IqGT6wvSWRmWiT_UrhZ46LwnWU8_sVjVy0QEtlk8OAqzWGA3DM4q7eHRg_RnHNPc2cA_XUSI-luJywLJZmefXp_2ZLXafSwspolOBeftVDdecnX_jxbFLHXrXt-Vbozg2OVrcsXk5fP6J0XZXA6-cqWFN7e713Ec9C-BPCx-PJwKlbdduuBhhVoIs5sRGGXtz0SdsfMD_cYxNP1H8A3w_Irz6UTGHgcejQi--KlOWiqSA3BDJnS5urWg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H2 200 p
geo.yahoo.com/ 43 B
95 B 47ms
47ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=JOelqfIySByrw5dY,0.2982831455123043&_I=&_AO=0&_NOL=0&_R=&_P=3.53.38%05_a1s%03d%3DAQABBJFaoWUCEOezRvDK7fhTsc_ggEHPncYFEgABAf-eomWqZeANyiMAAAAAgA%26S%3DAQAAAq2V-wF2I4JKQ4KaZmMgKlw%04_pl%031%04A_v%033.53.38%04A_cn%03VERSIONED-PROD%04test%03900%2Cseamless%04_bt%03rapid%04A_pr%03https%04A_tzoff%031%04A_sid%03sB0GvLfgRqZ57mUE%04_w%03yahoo.com%2F%3F%04_rid%03fssMH6Pv%04abk%03%04colo%03gq1%04mrkt%03us%04p_sec%03default%04partner%03none%04site%03fp%04uh_vw%030%04pt%03home%04navtype%03server%04ver%03megastrm%04version%03US%04uloc%03AAEBAQdZU1VCTkVUAgQAw0TeAwQAJi55BAQAwBLABQQBeOi_BwQAI9IrCAQBZW_RCgRDQ1BB%04A_cmi%03%7B%22AFT%22%3A3868%2C%22AFT1%22%3A3868%2C%22AFTNOAD%22%3A3868%2C%22STR%22%3A3706%2C%22VIC%22%3A4100%2C%22PLT%22%3A7006%2C%22DOMC%22%3A2072%2C%22HTTPC%22%3A161%2C%22CP%22%3A102%2C%22NCP%22%3A100%7D%04A_utm%03%7B%22CONNECTION_TYPE%22%3A%224g%22%7D%04etrg%03backgroundPost%04outcm%03performance%04usergenf%030%04etag%03performance%04_E%03pageperf%04_ts%031705073302%04_ms%03469%04A_sr%031600x1200%04A_vr%031600x1200%04A_do%031%04A_ib%031600x1200%04A_ob%031600x1200%04A_srr%031

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid-3.53.38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:22 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 dc_oe=ChMI0du-gpXYgwMVRfQRCB1ArAMjEAAYACDPhphYQhMImIzxgZXYgwMVh_8RCB0ZIAeK;dc_eps=AHas8cBFTYjssVu6p-NToDURMu2NtXsy5ItlsPTztEdpz3asvjYNWHv4Jf0MjFfb-n__XMMJHpV4MeLdrw;met=1;&timestamp=1705073309921;e...
ade.googlesyndication.com/ddm/activity/ Frame 50CE 42 B
401 B 120ms
53ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0du-gpXYgwMVRfQRCB1ArAMjEAAYACDPhphYQhMImIzxgZXYgwMVh_8RCB0ZIAeK;dc_eps=AHas8cBFTYjssVu6p-NToDURMu2NtXsy5ItlsPTztEdpz3asvjYNWHv4Jf0MjFfb-n__XMMJHpV4MeLdrw;met=1;&timestamp=1705073309921;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI0du-gpXYgwMVRfQRCB1ArAMjEAAYACDPhphYQhMImIzxgZXYgwMVh_8RCB0ZIAeK;dc_eps=AHas8cBFTYjssVu6p-NToDURMu2NtXsy5ItlsPTztEdpz3asvjYNWHv4Jf0MjFfb-n__XMMJHpV4MeLdrw;met=1;&timestamp=1705073319921;e...
ade.googlesyndication.com/ddm/activity/ Frame 50CE 42 B
107 B 55ms
54ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 21BC 0
0

GET
H2 200 log
lg1.hb.yahoo.net/ 35 B
191 B 22ms
22ms Image
image/gif 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.hb.yahoo.net/log?logid=kfk&evtid=belog&itype=YHB&tElp=22884&adt=desktop&cid=8YHBJ3BJ0&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR6KY355&dn=yahoo.com&servname=ssp-serving-yin-67fb494447-cshcc&svr=264_93_103_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001705073297422029970147846099&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=eu&itypeid=84&sd=-1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=1&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=&gtd=400&inid=&ngfundl=1400&rdl=1400&r_tim%3C%3E=3821649&pubdpa=2&name=ADS_DISABLED&stack=1&lvl=3&crid=&pvid=&dfpDiv=&liid=&dfpBd=&acid=&rctr=&sz=&t_cntdwn=&t_ciel=&ebuid=&lper=1&requrl=https%3A%2F%2Fyahoo.com%2F%3F&kwrf=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 12 Jan 2024 15:28:40 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 233ms
233ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=416983908018843&correlator=3236223981218670&eid=31080239%2C31079525%2C21065724&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=22888152279%2Cus%2Cyhp%2Cmain%2Cdt%2Cus_yhp_main_dt_top_right&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=6&sfv=1-0-40&fsfs=1&fsbs=1&eri=4&sc=1&cookie=ID%3D039ed57b44e917f1%3AT%3D1705073297%3ART%3D1705073297%3AS%3DALNI_MZxDT0290qg0DGBz0x0Cm3GP9tyJQ&gpic=UID%3D00000d3fda9264f2%3AT%3D1705073297%3ART%3D1705073297%3AS%3DALNI_MYIeMaZKIhP-VN3d_asiJ7JcXwi9A&abxe=1&dt=1705073320285&adxs=1132&adys=572&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fyahoo.com%2F%3F&vis=1&psz=300x1238&msz=300x250&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=192911338.1705073298&ga_sid=1705073298&ga_hid=1020561707&ga_fc=false&dlt=1705073296218&idt=1482&prev_scp=loc%3Dtop_right%26ri%3D1&cust_params=bucket%3D900%252Cseamless%26cobrand%3Dnone%26colo%3Dgq1%26device%3Ddesktop%26lang%3Den-US%26lu%3D0%26region%3DUS%26site%3Dfp%26ver%3Dmegastrm%26pt%3Dhome%26spaceid%3D2023538075%26yrid%3DfssMH6Pv%26y_bx%3D1%26y_ldp%3D1&adks=4244626947&frm=20

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ffba9d8f919018c1f2a41022da48350174a5a9887ca317d37bc8e2ecd17399f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12724
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://yahoo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 71EE 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:17 GMT
expires: Sat, 11 Jan 2025 15:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 46ms
45ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073320549&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamMetric&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&ads_failure_total=0&ads_fetch_total=0&ads_refresh_total=1&ads_slot_right_failure=0&ads_slot_right_total=1&ads_slot_top_failure=0&ads_slot_top_total=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
95 B 45ms
44ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073320550&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-LREC-iframe&isRefresh=true&loc=top_right&renderCount=2&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EB98 499 B
203 B 55ms
55ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGP-h-4ICMAE&v=APEucNVmQtE1flCTqenzR_Vehwigc95sxTOa1fvAz3LHB6OT6apt0GZj-aDy8SOVkOBhJio2RS3fOYfXmpxOtSoSDXxkXwsaLzclJT5xr82LDLYUzxHGnak

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 71EE 89 KB
31 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71EE 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cjhw7Hh50MnyYUIG3dqG7h2aiUBYcDvbpP2Tm_erB_KPji44dCEUDX6Hyfir2xcrMZHdWhCI2G9GMmcgORjoH_jMxaT919Kifodt66AqsYOzAwOVY

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK unit_renderer.php Show response
jvxas.dco.mazda.de/unit/ Frame 71EE 104 KB
28 KB 151ms
40ms Script
application/javascript 54.73.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jvxas.dco.mazda.de/unit/unit_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=${US_PRIVACY}&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.214.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-214-63.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 78e2be88a99ff165973155495727eaef0d94449d04269fe9096ad0c4f188f7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 15:28:40 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 28161

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 71EE 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 12:26:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 71EE 20 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 19:20:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 71EE 0
0 24ms
22ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRma4M4vNUwCHepbqeF5fLt1jnBYBIHmy7tzizSi37h2-oAc4b9WnxWiuTnFdpVpK6mfwj5QOH0QTjltmFJ75D5-U1iHg
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71EE 205 KB
65 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:40 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame EB98 170 B
188 B 25ms
25ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGP-h-4ICMAE&v=APEucNVmQtE1flCTqenzR_Vehwigc95sxTOa1fvAz3LHB6OT6apt0GZj-aDy8SOVkOBhJio2RS3fOYfXmpxOtSoSDXxkXwsaLzclJT5xr82LDLYUzxHGnak

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EB98
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

43 B
736 B

30ms
30ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGP-h-4ICMAE&v=APEucNVmQtE1flCTqenzR_Vehwigc95sxTOa1fvAz3LHB6OT6apt0GZj-aDy8SOVkOBhJio2RS3fOYfXmpxOtSoSDXxkXwsaLzclJT5xr82LDLYUzxHGnak
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08Gda5pfePFCYBw1TNSnePLUrNXvwjCdSyFL6fmIEP7qOSKTfpn%2FN%2F%2FO3O8G8YtdLAuyVldfG5ZOJPhzeQ9vneie2Zv2T%2Bd5V1h%2BbDatCo9Utcp7yCnS5WEVM1%2BLv1GazurMMCNCQyRqEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84466e3e3c261e5a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EB98
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFakngeaQzMdCR5goDCdgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0

43 B
736 B

27ms
27ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGP-h-4ICMAE&v=APEucNVmQtE1flCTqenzR_Vehwigc95sxTOa1fvAz3LHB6OT6apt0GZj-aDy8SOVkOBhJio2RS3fOYfXmpxOtSoSDXxkXwsaLzclJT5xr82LDLYUzxHGnak
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNtqwFMvS7egZosvSc88Y336xdYYhL0RFYxzZ5sM9HElAqmbr9dH3K4wVOQXmpUAFNLP0OZ2lAVe%2FTF0Xd6rb5bWLnv%2FoUnDYKEOuGvquBWytC5R%2FLzHQCd%2Blga%2BK0lSKiMT9ImAVpyJ1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84466e3e5c5a1e5a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdq8LAC56OJ0JMyfkvCa4Q&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71EE 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3856768142493&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71EE 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3856768142493&version=m202309260101&ct=77&x=1&cor=17375978755074718000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 71EE 34 KB
19 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwRZaBv2Jcsb_asXqrJR0KNMn35--Dn7x9bGl6-PIIlXeDq7topirlSV9zPI-E-Lo-8PEED8rcWUesAxNa7OI5lbXsbUVVL6eRN3ZxeSLDME4OihO8llX_l4g3YjDR0Z_y6wCp1_pTIraJ2vG1fbJiibejejWkJWgUzLZvIXJkPu-f0PQ&cry=1&dbm_d=AKAmf-Dnm_vmRKAqWgx5sEbR8MIeMThfZDlfrWUhbERDA92C_K1Z_4qOFeCAt_Nzr7eBiwRJMfm-BGHoVUljasPGkEkINY9nf2HJQAJ4X84NjX-8GtL-GJgfiVU22ZGb_Ml7GWOynQqpk0-ifzCD6jrgf5CljcQfyb_nfKwWPqcBFUTeTFrfPt6xJ7IROkBmn9wKH96eNw8BrWPnAQ2qwZ5OvTp9ZRBOZphscKLy-5_Je0w62rfm_uomwHvhfGP0YSCkECHjGWagyUx4c6ctaN9prjEKC45vuiCN6HjmSlSSvWwlWw-uHwFDCBn9b7XQ9LpAWbNCD-qj1vkvMurV6pf1fX9ixIKpWP-6aXxV63FyZxfVg3N7E1daUgkzjYaHkzktwaQ1NliHY8sDwvpXIWHldgb-JRQDRVbIA2bGY3oLcc3ENW8_25m00NRvdwWYKWxGgTtoqQk056L_rBi54bHBdqOgrpQ-gK7aRKKpmwlZ_2FpblujT6alR5seumTuNqUESQ7bw_wLR0XjenUinZvcyCVUNQn_rktmD_FmKsPOZMIVVsxXGT5QePQRL0iI7kxSAFkXGKIM7fR-B3jM0LIUgSKQmF4EvzNDDqEc-6MEud4KDm9axLGP6HnFz7VSbcjUA7Vi8Y-wF2w8hhfjYh_dbazUmVIsI7uCWT_a9b_7KH5y3jYeEAgeMsmxc1rhnLXZFMBXKoFgKwBpmFJC24Yq5tDtQiLn_9pUfK7wBrrHTyUUfV2BSjAd8Z9FUqMjYckDaJCJTZQq2wKR4n_nPfW9vU-xrtZwUgpvRErn3xaG32RvVdfIyH0IoxNB3DaLMFfHgdaewQqf5uDQBrZYbZagfHFsl2L1bztWx3Y3pcdsIk05Q9liLpWNfco5PX5QYxPYQVH7NjSYJQahOMeEWhDcRCP1d0KZwo6JWy5LzkPKxT-ZCNRdEh94H-x1yDmyoGhXMykWj5IrugA5J9ib6BFckL7u6WeORlbjtJulHTWULE-HBTC3BMzPJtHDz6GLGqbQ5y4oWT4kuC5Syh6Eo-6_Pcv05GFXm7TQjGf3dfozj5oR6m9ris5oMvp3u_XKtK5aRcibkCZx1ypTmOinZdd-D0Rq90FlA67aubZexSbs5SxGwYAdWg2p3wPptYOePsMzlAyL3CGhsZuOrtUxOtRktfn81zfFnMmLfAFMoewJRVjfYS2UxSeXqb2mtfpmF5R34LWGhsMyRZePELvsS1gzHP-6DRJcKd2yynL8xNGz7bATQjJPwpkMNU-c12Udb4TsLtfDT4YTSlXt0EudnCcOqwi8GKubhFOFVO-gqhglz_-w_7Uas9KUdGjqdLF42jJnwB-gDZGfvPFx4waMsefuo90Eik-a6xNQe61Lk8qvyHbIjNsZSzh5yP3EKKoAwFLNtrBJff0COGgZiF704A9eRnXuMiWn44T2l9R18NshoqmYaRTDJVOxV9rOCCHzl0urS8YMgoDW_0GIjI6QOHfyEnt6xiMdWX09HnhY-r3bkkJFXrzVi0PiVxm8K7my5VV39vyDf1bdtL35-WlSAfrTj2yxiv5tGgZ1ClKB7DGOnAPVUMYHhzoQxb85zXir8aKE-5jzEX0W0XKWEl4tCkKeb2LhfDp-kVoXfwuXHFz3LHHNJ0oJXOtyelOrIkmE_rkqokRNga50aKvwOyZdqpbjNNq1h83GI_OsqgPgyRSSqa6Su2GHK59gBwkzRMfhfXt_F-Zt-9NdRmgwx2egQWE2BdjFcDt1yIT4w2KUA3tzN7V8FztJ0SepmpGyUD33C_-npZMom5jGIjL2JkY5KYUeEakFD3w-UYOu4II4Nz4pMcAAl9D_9LyJHi2ykrjkvem3O-roWDuc0Owumjn2nd_xKipZRTeBh4vprfUADxqqz0tZANCsll8Iu_bZywzB8Y11PYYbqcjG7M8PfwKrdSg0sZS8tGz4Z2mD3365AnAqG4x-2ViYjPo7AbPo-Ss8n2-BfS_uR2QR48yhTYkuusPBd2ukpt2TlmU71QHdOnEyd66jxP5fbWrq7nwXe62JIYCfOT1OCVJE2jC-TiqtJOBpYU6yyPNH2AG5rjbQW94H4iUzfVxVC47bi7Kiuj29rOjA3D5ydjkjgc_nAejlK9bBN9gcNLGd9dSk_tzVbkzK5t1iGuT20ogQp0LuFCV8oKiE0zWqhNPa0syPn6kiMPwjNTsQxrvj-_vTixruOCuy4QHx8Ml0scf8SGSnfVOOnFXxYHRCHnzJQLRFJRT7JEBloLCfdh6azfXOvwn4DB9PVWR6YqA1HrJRggYeDle-YuTGauz-CnGjL2Nj_mBdiI-_odjIi3Ay7eSDuZy_1W6-S9YORHNQmE_LvKmwVT-hFEf9CiTbq6Rvzi6jr0F5SEsGTgRVs6BDsMoFydOPjjEha4o31c0qoKArPIRSEgXWbDFnoA4D8MRMx4HrnkSCC5mtqsZ1Sm71d30BxPlh_m3ZRTKLYscocR3MmlX_F3YwDKvuQ96S6pYDkOdm8PJVIuFmeIanPmT5XJlqzUAuoUZ4oIROK7uld7u46uL4AHykN3hQX2LrfbtEzlDAs2Z-zOv8sg9pEroIzdaUU1-slbRFPk87h9UUpQd-t11aMq3MIoT6aByrIT4qUG2jwwW5HydUD9USE2LGI5_-DDiKIuESMs_kPF7I3QD-u7oXoHF7G-tnV2TM5GbdwzAAoarGnC-hpPqNfsGI_nkobjFqRmCvuci48ZfxKrvE75VTNzz0vllM4UuK-pbvyU_QbdAXZecfcYYvy6x89nhKT4Hh6V_o1_z85LbkJ4jZoEc5SWdwB10QQdSS38YCQSUZLwhCOWJ4rb9vPah4wcTWXxzu3XmqtICP3YsED-MexOc633X5kSXQytlbmIdrEl8Rrmkf6CU7kAgDdIHdnHuTC1Z6VN_iNoKDdjH1S62co6cwLsuZsK102jzTgdnnwIKSerwovcVEJCIZGOZTt5apZgpXLkkHz1cX9zL5TbJluwQK6DT05DwMDqCikucXMEfwrh_-mqaIjXsRSTXaiRUSOk0JTnX8e_ch6xID5Xs6IMI8RS3oAdw3d4koYClogdgkCRU2ISc4RzlVG6ZjxxepUVUqvessjJVipBfBj862kFzWN5Wvcg37uHqPJSQYOCNYN_uHs6K51KGppRQ-1wGos4tHiFIlqy4trt8s6Jz_AZc2pfG-e31Mei3VMqZO7oKJH75lzVj_0iVCETE59ft0nXznyGFmzVIn05PtRSicIu4FFHLxxj5LaK7symluMcF_N1q9zhU8STETZOYfKZZSxI2f2V2e2kGJYVMh7hLo9aacznWY3ZioqJhz11JpGtiBLCoKNU3QUNSmBT-_WdcDCZ8_2dWXPNZS7Ba21e3RWDFXZwmy4h19G3xE3LjqNIMK--3WGpDSMPZnHjsO5zd3A-BXLBiY83204Eu-uWSv8xSj3AZYxbtSyaJ_b6Sv1MnpK3qu2RmZ-uszqQbVKUWjQFhyiFJLrolb_Y67zjFIc_6HlEzF-jE1j6lbOifq30GteiecxRviOOLkltJUAZuoKztL4Eor4L5VeqP_urv6GSTwP72qZix0yY2kSi5dDloZFmoPMc8vaFnFL8Tqc2TkAyxixYE6gdUXCoeTfZT695Y4V17R4XZYnRQuDBoPrgFWmOB5xTL3iZbJqkOm-cf3vozFXSrkystYpTZlievKSZ4yuA-Ah0KKvL0tuNBoj9t3L7CRaK7EoOGu29MHS80xKOeWnx-Ht1ow-3aO2nqZ_Sff1ohv2hX7V779LpVn06nN1OvhCAitKAh7I46qkUS6kkFjqvHn0TupubAO1FbL9RLpa2w1YAL06D5PE93ETenus_LNXfB7neTWPctVxg&cid=CAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fyahoo.com%2F&ds=l&xdt=1&iif=1&cor=17375978755074718000&adk=3690638928&idt=123&cac=0&dtd=15

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

752512dbc73f3176ed30fdcb62888bd233bae9d65e792176057f52921f730543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19916
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log
lg1.hb.yahoo.net/ 35 B
191 B 21ms
20ms Image
image/gif 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.hb.yahoo.net/log?logid=kfk&evtid=belog&itype=YHB&tElp=23370&adt=desktop&cid=8YHBJ3BJ0&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR6KY355&dn=yahoo.com&servname=ssp-serving-yin-67fb494447-cshcc&svr=264_93_103_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001705073297422029970147846099&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=eu&itypeid=84&sd=-1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=1&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=&gtd=400&inid=&ngfundl=1400&rdl=1400&r_tim%3C%3E=3821649&pubdpa=2&name=ADS_DISABLED&stack=1&lvl=3&crid=&pvid=&dfpDiv=&liid=&dfpBd=&acid=&rctr=&sz=&t_cntdwn=&t_ciel=&ebuid=&lper=1&requrl=https%3A%2F%2Fyahoo.com%2F%3F&kwrf=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 12 Jan 2024 15:28:40 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 141 KB
53 KB 455ms
455ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=416983908018843&correlator=4305386603777375&eid=31080239%2C31079525%2C21065724&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=22888152279%2Cus%2Cyhp%2Cmain%2Cdt%2Cus_yhp_main_dt_as_mid_right_a%2Cus_yhp_main_dt_as_mid_right_b%2Cus_yhp_main_dt_as_mid_right_c&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7&prev_iu_szs=300x250%2C300x250%2C300x600%7C300x250&ifi=7&sfv=1-0-40&fsfs=1%2C1%2C1&fsbs=1%2C1%2C1&rcs=1%2C1%2C1&eri=5&sc=1&cookie=ID%3D039ed57b44e917f1%3AT%3D1705073297%3ART%3D1705073297%3AS%3DALNI_MZxDT0290qg0DGBz0x0Cm3GP9tyJQ&gpic=UID%3D00000d3fda9264f2%3AT%3D1705073297%3ART%3D1705073297%3AS%3DALNI_MYIeMaZKIhP-VN3d_asiJ7JcXwi9A&abxe=1&dt=1705073320763&adxs=1132%2C1132%2C-9&adys=862%2C1132%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1&ucis=2%7C4%7C5&oid=2&tos=~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fyahoo.com%2F%3F&vis=1&psz=300x600%7C300x600%7C0x-1&msz=300x250%7C300x250%7C0x-1&fws=4%2C4%2C2&ohw=300%2C300%2C0&ga_vid=192911338.1705073298&ga_sid=1705073298&ga_hid=1020561707&ga_fc=false&dlt=1705073296218&idt=1482&prev_scp=loc%3Dmid_right_a%26ri%3D1%7Cloc%3Dmid_right_b%26ri%3D1%7Cloc%3Dmid_right_c%26noads%3D1%26ri%3D1&cust_params=bucket%3D900%252Cseamless%26cobrand%3Dnone%26colo%3Dgq1%26device%3Ddesktop%26lang%3Den-US%26lu%3D0%26region%3DUS%26site%3Dfp%26ver%3Dmegastrm%26pt%3Dhome%26spaceid%3D2023538075%26yrid%3DfssMH6Pv%26y_bx%3D1%26y_ldp%3D1&adks=3064630007%2C3845938001%2C1006816889&frm=20

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26b0139edd76d65fca3c019b30e252add3c871ea0fd8c72cb1126f103d24401c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54684
x-xss-protection: 0
google-lineitem-id: -1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://yahoo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
geo.yahoo.com/ 43 B
72 B 45ms
44ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.yahoo.com/p?s=2023538075&t=1705073320769&_I=&_AO=0&_NOL=0&etag=performance&etrg=backgroundPost&outcm=performance&usergenf=0&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&test=900%2Cseamless&rid=fssMH6Pv&pd=unknown&pt=home&A_utm=%7B%22GAM_MID_RIGHT_C_BRSTIME%22%3A4300%2C%22GAM_MID_RIGHT_C_FTIME%22%3A4925%2C%22GAM_MID_RIGHT_C_RTIME%22%3A27882%7D

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 71EE 31 KB
12 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:52:59 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 71EE 41 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:20:11 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA3MzMyMDc0OTgxMQogIHNlcnZlcl9pcDogMTI2MDY4NzcyCiAgcHJvY2Vzc19pZDogMzg1OTUxMTY4Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjA4Mjky...
ad.doubleclick.net/ddm/activity/ Frame 71EE 0
22 B 53ms
52ms Image
image/png 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA3MzMyMDc0OTgxMQogIHNlcnZlcl9pcDogMTI2MDY4NzcyCiAgcHJvY2Vzc19pZDogMzg1OTUxMTY4Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjA4MjkyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9tYXpkYS5kZSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA5NzE3MjM1MTQ3ODI5MjcwODY0CmRlYnVnX2tleTogODkzOTk3MDc4NTA0NjIzNzcxNwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMTIiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MjA4MjkyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzg1MzY3NjMyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MDc3MjMxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNzM2MDcwNTIwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTQzMDg0Nzk5CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL21hemRhLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xce92f811ac1b51780000000000000000","13":"0xed1daeb7f66e01ef0000000000000000","14":"0x5f5456aca10214390000000000000000","15":"0x9c4ad977100205910000000000000000"},"debug_key":"8939970785046237717","debug_reporting":true,"destination":"https://mazda.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9208292"]},"priority":"0","source_event_id":"9717235147829270864"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK layout_renderer.php Show response
as.euw1.jivox.com/unit/ Frame 7DA9 208 KB
46 KB 219ms
81ms Document
text/html 54.73.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.214.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-214-63.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 811d87f7db9634defcfe8ce58c03b5ab23bacc7270a1443a62aac0e68b8d1b58

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 46963
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Jan 2024 15:28:40 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6048 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Sat, 13 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 71EE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 691c8125db8d0901eb4fc2623493dbf9f7169d3107e86be3231b5baa1f925e8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7573 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:20:11 GMT
expires: Fri, 10 Jan 2025 19:20:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6048
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEApK9-XpRgT2UeKxpsxhdnU&google_cver=1&google_push=AXcoOmQag-yz98WVruucOcwsnHNOhwMj1YDWYPEZVvsbbasUy67KbNOq1HI7SHadfqjMailbZyKGn...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQag-yz98WVruucOcwsnHNOhwMj1YDWYPEZVvsbbasUy67KbNOq1HI7SHadfqjMailbZyKGnE2wrV7BUtXmXuYeZQsS2Yo

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQag-yz98WVruucOcwsnHNOhwMj1YDWYPEZVvsbbasUy67KbNOq1HI7SHadfqjMailbZyKGnE2wrV7BUtXmXuYeZQsS2Yo

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 12 Jan 2024 15:28:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2937A2024CE04763B8DDC15B790C3D9B Ref B: FRAEDGE2020 Ref C: 2024-01-12T15:28:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQag-yz98WVruucOcwsnHNOhwMj1YDWYPEZVvsbbasUy67KbNOq1HI7SHadfqjMailbZyKGnE2wrV7BUtXmXuYeZQsS2Yo
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOwVGc9zbAjWzls1coVA==

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6048 70 B
149 B 120ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB5WnmvmfwtUwHqyQVbXCfg&google_cver=1&google_push=AXcoOmRXKWyL_B04kLSF0b0dqXRaJ3nkbZ_IueaZWxuZ9AR4YXfMQUN3PFIuKwTrj6ZtkwRALnSD8engo6ZEV9JN41rVi1yaebCL
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:40 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6048
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPURSNBpocViiytgrxCuRgI&google_cver=1&google_push=AXcoOmTNAUeMcPYIXVyppJ_qldKkXQ7rgIoOzTo_Xhhxzql7PvSPcDoQpYFgLXPmbJDgUnNE9vIGZiGziLx...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTNAUeMcPYIXVyppJ_qldKkXQ7rgIoOzTo_Xhhxzql7PvSPcDoQpYFgLXPmbJDgUnNE9vIGZiGziLx_mWd5cT7vOz_NAxdI

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTNAUeMcPYIXVyppJ_qldKkXQ7rgIoOzTo_Xhhxzql7PvSPcDoQpYFgLXPmbJDgUnNE9vIGZiGziLx_mWd5cT7vOz_NAxdI

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTNAUeMcPYIXVyppJ_qldKkXQ7rgIoOzTo_Xhhxzql7PvSPcDoQpYFgLXPmbJDgUnNE9vIGZiGziLx_mWd5cT7vOz_NAxdI
Date: Fri, 12 Jan 2024 15:28:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 us
sync.go.sonobi.com/ Frame 6048 0
401 B 342ms
104ms Image
text/plain 2607:f350:3:2569:0:10:0:c
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmToHQDJ5orlFrLNe5Wd4HeoMmLndkdFyYSEBxOnWpXSVzVPqaGnM7BxiQAb5Ci8cPYJG_nKY0DH5O8uZcoTiVDDnjWnCin7%26google_hm%3D%5BUID%5D&google_gid=CAESECifBvUZiljFWFe6V0F0giQ&google_cver=1

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-150
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 6048
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHYypYDpaAj27e23qfUI6Nc&google_cver=1&google_push=AXcoOmQ1qW_ckgy6EwCXOXxdIdsB_b-U6XiLCQK96cAfw0vUBUGh0jIey9VbHcGTivmVKuC3Quf7yAVl7Rm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ1qW_ckgy6EwCXOXxdIdsB_b-U6XiLCQK96cAfw0vUBUGh0jIey9VbHcGTivmVKuC3Quf7yAVl7RmzQIaXahdADpUrWJrm
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

9ms
8ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6048
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEMEByO7h-Fmi9_OAm26JQ3Q&google_cver=1&google_push=AXcoOmSQcNnSV-nmvgwGCkjFj6fcRinUGMrFpL_Ey5X56tTW-esCZXxyqkdiYY8EXlDTtYbc4ds4S...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEMEByO7h-Fmi9_OAm26JQ3Q&google_push=AXcoOmSQcNnSV-nmvgwGCkjFj6fcRinUGMrFpL_Ey5X56tTW-esCZXxyqkdiYY8EXlDTtYbc4ds4S...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSQcNnSV-nmvgwGCkjFj6fcRinUGMrFpL_Ey5X56tTW-esCZXxyqkdiYY8EXlDTtYbc4ds4SubBUq2DDaxBmfUsY9XouFdrdg&google_hm=NDNnSlYxXzdwZ0...

170 B
188 B

24ms
24ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSQcNnSV-nmvgwGCkjFj6fcRinUGMrFpL_Ey5X56tTW-esCZXxyqkdiYY8EXlDTtYbc4ds4SubBUq2DDaxBmfUsY9XouFdrdg&google_hm=NDNnSlYxXzdwZ0pFY0xrS2hsMGQ=

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 15:28:41 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSQcNnSV-nmvgwGCkjFj6fcRinUGMrFpL_Ey5X56tTW-esCZXxyqkdiYY8EXlDTtYbc4ds4SubBUq2DDaxBmfUsY9XouFdrdg&google_hm=NDNnSlYxXzdwZ0pFY0xrS2hsMGQ=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 242
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET /
csync.loopme.me/ Frame 6048 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6048 0
12 B 21ms
21ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ll_fVFfhZFRrVLrJMEDMQioFr6qNVwmTrg_p2OabBGa-0neERFzA7iMpdoTgznHgY3TUkVftPo

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7573 50 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:48:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7573 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTP33qFqhZfPhLaTQjuwPh_OtsA4AAAAAOAHgBAI&bg=!FxSlFFvNAAZ1R9vHVUc7ADQBe5WfOKh9zgJS21PdFm611wFMZ8YK7ifxlq1YCXOqUf6AwXuhyDY1M0cFwG2y3QDcqGkoAgAAAEZSAAAAA2gBB5kDAtebxeY0Ab1EyhLmFimf6m89NjxzIjeTpAFUn3WZumjGkqZCp12r9vBSZMJmzR7rlNr7q6piB-NRjD1BEEVuhMHLl3-7wlnBZ8xlBcUr6gwPf-m2KP-mLjKAbCTuuHnDCf2Zg6SmKRysNL1j3jj1eHOv6J7yzMotxdY6MnQOqXopOOkBs5LEIyiidvxfhRiOH92_d3hiDwzom39vwTubOZIPCigE1GGN_V_AG1hUno5elA3d_KaBFksHwSCXDemX0IF0Iv_gnB4t5UqZTfpG2DWh9BpT4W6lX8WTiOyK5wTi5w5KWq5smzYq8_4PlnKsoic96cDHXyQ_GHfoYtbTeTlumy___478RKDaVTtCj-sXKQfRlGr0eV59RHK04DUloCVhW8BaeXiiSDXJfEMmt_wUJStprOIj6qtsOrkn6uY-4RKs4EuyblGUvRW3Z9imEjJvyLWX6dYdnWfgGBUy7FFYy_4abpnD008oSqlP-788uWlj4AAlHloKNLKm-6Z5eXe30q_hjBkZ6y3BSDqh9XXTa5yfHCQ8geN8z47cMejphF-trUriT95DNDZsIEEjZOk2PbrdFlJSfOLOkWErf1rHeEnM788utinUKqzSvhuHqSL2ixzwcrjQDUmPbGVaTJcoWZV1-YKnXgMXetgfrIu3uz5_i5WQhyUfPQMfk9VDlWcu_Fuluhvdv3WhbtnDd6U9rOWrdgmAzJ3Kw6UjwZjCEjf1Lc1s5y4aTK5Y6LDtdDew8QnTfx-5Ln6cylbXtSEAJ1gooWKtbYF0RC5id7_A3Xd1JDHWTIjkNfKQb0Vmck5KBUjNDoCDY61avO7CQU7OGYthW5DVVS9pRfk2qhkqliirBGobjVMGDJdGX9hqa-v9_HTexGcPE4-agec4EWfG8SJHMw0vvi5Ar8Cc6_9ClfP39vZ8UtsQqsflLpkAEKGnWP1ndoI5w9PoTqLvzJTojBWBqWGVySB-3DUpa8UYsq1ma3BaSV8uuOeDgX1Ky_t4-Q6CMv8Gc32IPR6o52Y_

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-2.1.0.min.js Show response
playercdn.jivox.com/1700114009/unit/js/gz/ Frame 7DA9 82 KB
29 KB 46ms
10ms Script
application/x-javascript 108.138.7.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1700114009/unit/js/gz/jquery-2.1.0.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 07:41:58 GMT
content-encoding: gzip
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 28004
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29294
last-modified: Thu, 16 Nov 2023 06:02:24 GMT
server: AmazonS3
etag: "84642ab523899a6150af1489287de4de"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: 5cFIf5xY80a8wLg7zgad6RjvxtRsz0AiWKVoNMt5jGzRNBEWy800bQ==

GET
H2 200 velocity-raf-disabled.min.js Show response
playercdn.jivox.com/1700114009/unit/js/gz/ Frame 7DA9 34 KB
13 KB 44ms
8ms Script
application/x-javascript 108.138.7.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1700114009/unit/js/gz/velocity-raf-disabled.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 20:57:34 GMT
content-encoding: gzip
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 66668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12405
last-modified: Thu, 16 Nov 2023 06:02:37 GMT
server: AmazonS3
etag: "6db08f58b76a3c4459a454a7acf752ca"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: Xe2MirCXt8_tH2amhNX9ahRo_vW1ZLIK0WX-ELLeahFhsZbKKovyAw==

GET
H2 200 jivoxWidgetApiV2.min.js Show response
playercdn.jivox.com/1700114009/widgets/jivoxWidgetApi/gz/ Frame 7DA9 29 KB
6 KB 52ms
17ms Script
application/x-javascript 108.138.7.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1700114009/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54488723c384fee5fb9a583a3ccd59e6bb5506b8e556ab3befac9c930a2380ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 07:41:58 GMT
content-encoding: gzip
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 28004
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5995
last-modified: Thu, 16 Nov 2023 06:03:42 GMT
server: AmazonS3
etag: "6533b4a33e9a2e07877dd943e2f2c958"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: NpgsImg7g53_l0Unl621o3wwl9eIywgmemQjO-pqFJOdrNRLUQK-lw==

GET
H2 200 jivoxWidgetApiV2.min.js Show response
playercdn.jivox.com/1700114009/widgets/jivoxWidgetApi/gz/ Frame C7D0 29 KB
6 KB 10ms
9ms Script
application/x-javascript 108.138.7.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1700114009/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54488723c384fee5fb9a583a3ccd59e6bb5506b8e556ab3befac9c930a2380ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 07:41:58 GMT
content-encoding: gzip
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 28004
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5995
last-modified: Thu, 16 Nov 2023 06:03:42 GMT
server: AmazonS3
etag: "6533b4a33e9a2e07877dd943e2f2c958"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: njfeGscZWXt5SqYdRR2MK9xvAlWczEEpvqwW_O64fL4BhSdTEfRvAA==

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/ Frame C7D0 69 KB
25 KB 40ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.4/gsap.min.js

Requested by

Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b36764faf17f2803c4ef3a5ea18b0187dc9ae66b13ec253c71ddb3178d2ccf52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3745396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25169
last-modified: Thu, 22 Dec 2022 06:00:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63a3f27f-6251"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teAUxK43gYXW7OoqAa3SgpuDgJv28ENywICGdCvLjq8sr4EhabrNPo5Ro4SVRTxChXzynvn0DxWN%2BQxrfz6qhoQ9kLGcEqSxmSzIBSfpFBdITQJ1xj7fLKW1J9eCTFSiqOwOVoAF7xddHhS5k1cBxB%2F0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84466e411a88bb37-FRA
expires: Wed, 01 Jan 2025 15:28:41 GMT

GET
H2 200 logo.png
assets.euw1.jivox.com/widgets/2023/8/a72798z64e5b58152a20/1/Mazda_300x250_HTML_Master_Germany_v2/images/ Frame C7D0 16 KB
16 KB 66ms
10ms Image
image/png 143.204.215.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.euw1.jivox.com/widgets/2023/8/a72798z64e5b58152a20/1/Mazda_300x250_HTML_Master_Germany_v2/images/logo.png
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-11.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e38423b55ffa87c8d9803d8c50f28bbb28086658b6ca3973d9849bcbd29fe45e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 11 Jan 2024 16:25:14 GMT
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 83032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16349
last-modified: Wed, 23 Aug 2023 07:30:12 GMT
server: AmazonS3
etag: "7f0160e79867e7360cc692e067174aeb"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: 3_cGDUvGt9-MXD3MOyqnHcCgUp_iZUHyUugIzr0rCElS2Mr9LZlFWA==

GET
H2 200 2023_CIJ_CX-5_Sideshot11_HighRes.jpg
cdn.euw1.jivox.com/files/72839/Temp1_German_v3/300x250/ Frame C7D0 33 KB
33 KB 42ms
8ms Image
image/jpeg 99.86.4.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.euw1.jivox.com/files/72839/Temp1_German_v3/300x250/2023_CIJ_CX-5_Sideshot11_HighRes.jpg
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-17.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b909597e009efac6b1a92dcf104832dea3956c7f4902ef9eecae095b743e707c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 11 Jan 2024 16:24:50 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33389
last-modified: Fri, 18 Aug 2023 08:41:02 GMT
server: AmazonS3
etag: "b363cca12e5828d926ce14381835a429"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: _ID9igDjZ7kldN1SaGE3HvANzFTQ7K7v9BtSbSrufvFWCF9s9IUnxQ==

GET
H2 200 2023_CIJ_CX-5_Sideshot10_HighRes.jpg
cdn.euw1.jivox.com/files/72839/Temp1_German_v3/300x250/ Frame C7D0 16 KB
16 KB 53ms
19ms Image
image/jpeg 99.86.4.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.euw1.jivox.com/files/72839/Temp1_German_v3/300x250/2023_CIJ_CX-5_Sideshot10_HighRes.jpg
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-17.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5295df199cf6f192ce4a602f501d57f9867c68d807ccd1622dcc582c04bbad1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 11 Jan 2024 16:24:50 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15894
last-modified: Fri, 18 Aug 2023 08:41:02 GMT
server: AmazonS3
etag: "78caea793a9c173438e5bfcd09b6d825"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: ZOfsw7sC-lI2xlCYGRk1nlxDucA-1lsn1GL9WbWdq3REadpXBWD6UQ==

GET
H2 200 2023_CIJ_CX-5_Sideshot13_LowRes.jpg
cdn.euw1.jivox.com/files/72839/Temp1_German_v3/300x250/ Frame C7D0 26 KB
27 KB 50ms
16ms Image
image/jpeg 99.86.4.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.euw1.jivox.com/files/72839/Temp1_German_v3/300x250/2023_CIJ_CX-5_Sideshot13_LowRes.jpg
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-17.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06cad8b481431780afdd83822a96026e9dec8e1a86fadd79c146a6342e81826a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 11 Jan 2024 16:24:50 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26867
last-modified: Fri, 18 Aug 2023 08:41:02 GMT
server: AmazonS3
etag: "7bf68a681cb6d0a87b2a8007688799e0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: zkkFtkoQn2ktnqcPPEpBbCtUwjl5eJ09ZNgaEcgyjT4G3BfaMv0DVA==

GET
H2 200 logo_2_white.png
cdn.euw1.jivox.com/files/72839/Template1_FullPreview_v2/ Frame C7D0 14 KB
14 KB 54ms
20ms Image
image/png 99.86.4.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.euw1.jivox.com/files/72839/Template1_FullPreview_v2/logo_2_white.png
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-17.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aee882bd9116cfa3b8514408bb1725a830c0bcbb2a0c185078bcb876e86f7203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 11 Jan 2024 16:21:46 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14213
last-modified: Fri, 10 Mar 2023 08:11:27 GMT
server: AmazonS3
etag: "225b3e0cb2153ab188852204f3e3624c"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
x-amz-cf-id: 7InZHFaZR6DBxKmbblGC4hXrolGQ4FtakN431PEdbWJu5vhdoksDTw==

GET
H2 200 es_encParams_L2FwX2Nvb2tpZURhdGFfdHlwZT1tYXovYXBfRGF0YVNpZ25hbDE9MjA3MzYwNzA1MjAvYXBfY29va2llRGF0YV9pZD11MWE5VGE4VkFUTEcvYWRiMS1rZXk9NC9hZGIxLWlkX3ZlcnNpb249MzA0NTJfMS9iRGltPTMwMHgyNTAvd2w9MS9yPTAu...
evs.euw1.jivox.com/trk/66/206467/2000/160618/16d96d7524bb47d/20/jvxSId_1705073320.6555/es_pId_989d645/ Frame 7DA9 43 B
230 B 103ms
32ms Image
image/gif 34.251.108.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/66/206467/2000/160618/16d96d7524bb47d/20/jvxSId_1705073320.6555/es_pId_989d645/es_encParams_L2FwX2Nvb2tpZURhdGFfdHlwZT1tYXovYXBfRGF0YVNpZ25hbDE9MjA3MzYwNzA1MjAvYXBfY29va2llRGF0YV9pZD11MWE5VGE4VkFUTEcvYWRiMS1rZXk9NC9hZGIxLWlkX3ZlcnNpb249MzA0NTJfMS9iRGltPTMwMHgyNTAvd2w9MS9yPTAuMTQ0MTkwMzI1ODYxMTg0NTIvZXNfZXQ9MS9lc19jZ05hbWU9TWF6ZGFfSFRNTF9NYXN0ZXJfR2VybWFueSUzQW5zYyU3Q01NRF9sYW5nJTdDREVfY3R5JTdDQVdPX2F0eSU3Q0Rpc3BsYXlfZm9ybSU3Q1Byb2dyYW1hdGljX21vZCU3Q01BWkRBX0NYXzVfbW1vZCU3Q01BWkRBX0NYXzVfZm4lN0NCb25kX210YSU3Q0dlbmVyaWNfY3RhJTdDRVhQX2xvYyU3Q1VyYmFuX2NvbCU3Q05vK2RhdGFfY2NvbCU3Q05vK2RhdGFfZmVhJTdDdjFfY2dpJTdDZmFsc2Vfc2l6ZSU3Q0FsbC9lc19zZWdOYW1lPURTUF9VcmJhbg==
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.108.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-108-160.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Jan 2024 15:28:41 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H2 200 es_encParams_L2FwX2Nvb2tpZURhdGFfdHlwZT1tYXovYXBfRGF0YVNpZ25hbDE9MjA3MzYwNzA1MjAvYXBfY29va2llRGF0YV9pZD11MWE5VGE4VkFUTEcvYWRiMS1rZXk9NC9hZGIxLWlkX3ZlcnNpb249MzA0NTJfMS9lc19jbGlja1VybD1odHRwcyUzQSUy...
evs.euw1.jivox.com/trk/60/206467/2000/160618/16d96d7524bb47d/20/jvxSId_1705073320.6555/es_pId_989d645/ Frame 7DA9 43 B
229 B 103ms
32ms Image
image/gif 34.251.108.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/60/206467/2000/160618/16d96d7524bb47d/20/jvxSId_1705073320.6555/es_pId_989d645/es_encParams_L2FwX2Nvb2tpZURhdGFfdHlwZT1tYXovYXBfRGF0YVNpZ25hbDE9MjA3MzYwNzA1MjAvYXBfY29va2llRGF0YV9pZD11MWE5VGE4VkFUTEcvYWRiMS1rZXk9NC9hZGIxLWlkX3ZlcnNpb249MzA0NTJfMS9lc19jbGlja1VybD1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNETCUyNmFpJTNEQ2dHTzFxRnFoWmNyOUUtS1h4X0FQMk55em9BZmNqTHlYZFl2UjBhYVVFcVNGazhDd0FSQUJJTUdDaTVvQllKV0NvSUt3QjZBQjV1UGU2UUxJQVFtcEFoOXVpeTByWnJJLXFBTUJ5QU9iQktvRWt3SlAwQzJKWWo2SXJYS2Y3UFBrbl9nV3VNdUlKMGRxc3dTa1I3bVB0bnpqMFdkLUJ1ZGFMUHNRQ0lXV3lFWXN3Mnc5UzZUSWZkMWpBbkRQVHkzUGtyTnV3WThKT1dKWFFvWERDY2tOSE1hNjllam5sZTV4elUyNVVWS3N2cjc1OFlCRTRDQ1Rra1ZCQjBweldvSGlpRGVJVG43YVVUZ1F6M1pDWkppOXZlTk16d2lWNllCWndkZW56aUxBT09qU1ZDOTZKV0pJSUxIRDVlcWd5TUU5aWhOT2plbjdRdEtreHlvVzcwVW5tNzcyX3huaHBKdEdzZkp5UC1QbWJYOE9LRjFaRHFobExUeV95a1RfX2F2SG5BcDBLWmtUYzJtTEdXTUo2OFlaaERFSzRVTmp2c2JmbHNkOTVENTh6dlNzdFdvUHB5a2t1dWFNSHNUZi0xWmIwMGpCREJfZlBTcE5GejRwN0JMVEQ5d2RiWGIxaWNBRXFNbk53OXNFNEFRRGlBWDRwdDJmVFpBR0FhQUdUWUFIZ3B5aGxnR29COW0yc1FLb0I0N09HNmdIazlnYnFBZnVsckVDcUFmLW5yRUNxQWZWeVJ1b0I2YS1HNmdIbWdhb0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFlRHJiRUNxQWZfbnJFQ3FBZmZuN0VDMkFjQTBnZ2ZDSUJoRUFFWUhUSUNpZ0k2QklCQWdFQkl2ZjNCT2xpZDBzcU1sZGlEQTRBS0E1Z0xBY2dMQVlBTUFhb05Ba1JGNGcwVENQZjN5b3lWMklNREZlTExFUWdkV080TWRMQVRqcnVmRnRBVEFOZ1REZGdVQWRBVkFmZ1dBWUFYQVElMjZhZSUzRDElMjZudW0lM0QxJTI2Y2lkJTNEQ0FRU093QXZIaGZfTG9TSUhJakRQa0ZxS0FyTEFxSnVTSFV4N0ZjV1E1ak92VE1vSVNrVVpTVTh1ODAxMjViWnppWEN4WnhrLVlCRTkzd2g5Z04yR0FFJTI2c2lnJTNEQU9ENjRfMVhzNm1ueXRRakQ3Z3JvdUVGSDllVkc1OHd4dyUyNmNsaWVudCUzRGNhLXB1Yi0yMzA1MzA0OTk5MTg4NjUzJTI2ZGJtX2MlM0RBS0FtZi1BTElSTkVMVmJoQ1lzZzVqYzY5WTM2MFl5emd2X2VVZGdtUzRhajZlcGMwTEY3WGQwNmlNYXl1bEF6dGZhRTRTWDNkNTBvUmstZkIzanNGc0tCd193Wmx6Z2VFRV9Gcks1VEtmMDFHMTViTnJfbDQxWXE2c1dFWi15anJuczU5M0ROZlRLZ1A5X3UtRlhjQjItOUVXUElmM0R4alpnUjJIVDJSUEhpWFA3VUtfZUNseUklMjZjcnklM0QxJTI2ZGJtX2QlM0RBS0FtZi1BZU5POTgwWWRmZXV1ZVJHdmtwYy15MkJyYW4xVzBGUmt3bl9CWTNrOUFCVGxXX2hmckQ0WHZTQlMyaExIQjY4YlRtMWZsQ3l0b0pyT0ZVOUppRlBkZlM2M2lwR2pTOURsMTlaU3JfLWpqWmFlejVac19fU3JHTGFVSVk5Z1pLVm9PVDRKUVFVeHdGSVRiMWJaMjNoZVQ5T3BweU1FbEdlUGJQRDViZGl4VTAyRjlTREc1UlNHQnZDZkNkWFFkMDR4ZkJaR19VekRjMHF2ZHdkQUJvNzFuNVZ4TzFZTEJJMzJFVjN6ZDc4dkQ5T19aMG9VcFlJdTlQU0l0VEwtVG5Vb2U5a1NXbzlOaHM3YUtlenN3T29Kalh6TXpCNzFXbEE1S0VXbndTdmVyazEzbzJISWZTazZ4RzB3QkVJeUxFckVnV1NMSEJLT2QyX1ZvZWdEbE1tZWNITjQyUmM5UVlGTTQyQ1lKMlVUWW40bzV4NkZFdDI2d1hXZEtTZUhON3lTR2N2TjFHZUNoTWZYUlJtb2NmdWpULXY3QUZsMEQ1QVFqQ3llYlROWVNEbXJlS0VHdHdUX21Id1VlS3NTU0N1dDhzaXhSd3hfeWlfdFBLbEtRc0ZpOERVQVR4QUdtb3IybEZxUUZyanlhUXlaUGRfSmR3eE41SldOSEFYZ0tBV05VSVRkNXZLaDNxWGxtaVBxNzlNb2ZYLXVzZEZRMy10eXhWSzBOa3FzR2t6cUVUOXMlMjZhZHVybCUzRGh0dHBzJTI1M0ElMjUyRiUyNTJGd3d3Lm1hemRhLmRlJTI1MkZtb2RlbGxlJTI1MkZtYXpkYS1jeC01JTI1MkYlMjUzRnV0bV9pZCUyNTNEMS0zNDc3MjYxMTI3MDQlMjUyNnV0bV9zb3VyY2UlMjUzRGRvdWJsZWNsaWNrJTI1MjZ1dG1fbWVkaXVtJTI1M0RkaXNwbGF5JTI1MjZ1dG1fY2FtcGFpZ24lMjUzRG1tZF9wZG1fcmFuZ2VfYWx3YXlzb25kY29fZGVfMTU4XzA0MjMlMjUyNmNhbXBhaWduX2ZvY3VzJTI1M0RtYXpkYWN4NV81d2duJTI1MjZ1dG1fYXVkaWVuY2UlMjUzRGJvbmRfZGNvLWN4LTUlMjUyNmNhbXBhaWduY29kZSUyNTNEbW1kX3BkbV9yYW5nZV9hbHdheXNvbmRjb19kZV8xNThfMDQyMy9jbVVybD1odHRwcyUzQSUyRiUyRmFzc2V0cy5ldXcxLmppdm94LmNvbSUyRndpZGdldHMlMkYyMDIzJTJGOCUyRmE3Mjc5OHo2NGU1YjU4MTUyYTIwJTJGMSUyRk1hemRhXzMwMHgyNTBfSFRNTF9NYXN0ZXJfR2VybWFueV92MiUyRkluZGV4Lmh0bWwvYkRpbT0zMDB4MjUwL3dsPTEvcj0wLjc2Mzk2MDk0NDkxNDYwMzQvY2xpY2tNYWNybz1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNETCUyNmFpJTNEQ2dHTzFxRnFoWmNyOUUtS1h4X0FQMk55em9BZmNqTHlYZFl2UjBhYVVFcVNGazhDd0FSQUJJTUdDaTVvQllKV0NvSUt3QjZBQjV1UC9jYWNoZU1hY3JvPTE3MDUwNzMzMjAzMjczNzAvcGFnZVVybD1odHRwcyUzQSUyRiUyRmQ3YmU1Y2RkY2RiNDZiYzI0YjRjZGQzNzA2NmU5ZjllLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20lMkZzYWZlZnJhbWUlMkYxLTAtNDAlMkZodG1sJTJGY29udGFpbmVyLmh0bWwvZXNfY2dOYW1lPU1hemRhX0hUTUxfTWFzdGVyX0dlcm1hbnklM0Fuc2MlN0NNTURfbGFuZyU3Q0RFX2N0eSU3Q0FXT19hdHklN0NEaXNwbGF5X2Zvcm0lN0NQcm9ncmFtYXRpY19tb2QlN0NNQVpEQV9DWF81X21tb2QlN0NNQVpEQV9DWF81X2ZuJTdDQm9uZF9tdGElN0NHZW5lcmljX2N0YSU3Q0VYUF9sb2MlN0NVcmJhbl9jb2wlN0NObytkYXRhX2Njb2wlN0NObytkYXRhX2ZlYSU3Q3YxX2NnaSU3Q2ZhbHNlX3NpemUlN0NBbGwvZXNfc2VnTmFtZT1EU1BfVXJiYW4=
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.108.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-108-160.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Jan 2024 15:28:41 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H2 200 es_encParams_L2FwX2Nvb2tpZURhdGFfdHlwZT1tYXovYXBfRGF0YVNpZ25hbDE9MjA3MzYwNzA1MjAvYXBfY29va2llRGF0YV9pZD11MWE5VGE4VkFUTEcvYWRiMS1rZXk9NC9hZGIxLWlkX3ZlcnNpb249MzA0NTJfMS9lc19jbGlja1VybD1odHRwcyUzQSUy...
evs.euw1.jivox.com/trk/77/206467/2000/160618/16d96d7524bb47d/20/jvxSId_1705073320.6555/es_pId_989d645/ Frame 7DA9 43 B
229 B 103ms
33ms Image
image/gif 34.251.108.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/77/206467/2000/160618/16d96d7524bb47d/20/jvxSId_1705073320.6555/es_pId_989d645/es_encParams_L2FwX2Nvb2tpZURhdGFfdHlwZT1tYXovYXBfRGF0YVNpZ25hbDE9MjA3MzYwNzA1MjAvYXBfY29va2llRGF0YV9pZD11MWE5VGE4VkFUTEcvYWRiMS1rZXk9NC9hZGIxLWlkX3ZlcnNpb249MzA0NTJfMS9lc19jbGlja1VybD1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNETCUyNmFpJTNEQ2dHTzFxRnFoWmNyOUUtS1h4X0FQMk55em9BZmNqTHlYZFl2UjBhYVVFcVNGazhDd0FSQUJJTUdDaTVvQllKV0NvSUt3QjZBQjV1UGU2UUxJQVFtcEFoOXVpeTByWnJJLXFBTUJ5QU9iQktvRWt3SlAwQzJKWWo2SXJYS2Y3UFBrbl9nV3VNdUlKMGRxc3dTa1I3bVB0bnpqMFdkLUJ1ZGFMUHNRQ0lXV3lFWXN3Mnc5UzZUSWZkMWpBbkRQVHkzUGtyTnV3WThKT1dKWFFvWERDY2tOSE1hNjllam5sZTV4elUyNVVWS3N2cjc1OFlCRTRDQ1Rra1ZCQjBweldvSGlpRGVJVG43YVVUZ1F6M1pDWkppOXZlTk16d2lWNllCWndkZW56aUxBT09qU1ZDOTZKV0pJSUxIRDVlcWd5TUU5aWhOT2plbjdRdEtreHlvVzcwVW5tNzcyX3huaHBKdEdzZkp5UC1QbWJYOE9LRjFaRHFobExUeV95a1RfX2F2SG5BcDBLWmtUYzJtTEdXTUo2OFlaaERFSzRVTmp2c2JmbHNkOTVENTh6dlNzdFdvUHB5a2t1dWFNSHNUZi0xWmIwMGpCREJfZlBTcE5GejRwN0JMVEQ5d2RiWGIxaWNBRXFNbk53OXNFNEFRRGlBWDRwdDJmVFpBR0FhQUdUWUFIZ3B5aGxnR29COW0yc1FLb0I0N09HNmdIazlnYnFBZnVsckVDcUFmLW5yRUNxQWZWeVJ1b0I2YS1HNmdIbWdhb0JfUFJHNmdIbHRnYnFBZXFtN0VDcUFlRHJiRUNxQWZfbnJFQ3FBZmZuN0VDMkFjQTBnZ2ZDSUJoRUFFWUhUSUNpZ0k2QklCQWdFQkl2ZjNCT2xpZDBzcU1sZGlEQTRBS0E1Z0xBY2dMQVlBTUFhb05Ba1JGNGcwVENQZjN5b3lWMklNREZlTExFUWdkV080TWRMQVRqcnVmRnRBVEFOZ1REZGdVQWRBVkFmZ1dBWUFYQVElMjZhZSUzRDElMjZudW0lM0QxJTI2Y2lkJTNEQ0FRU093QXZIaGZfTG9TSUhJakRQa0ZxS0FyTEFxSnVTSFV4N0ZjV1E1ak92VE1vSVNrVVpTVTh1ODAxMjViWnppWEN4WnhrLVlCRTkzd2g5Z04yR0FFJTI2c2lnJTNEQU9ENjRfMVhzNm1ueXRRakQ3Z3JvdUVGSDllVkc1OHd4dyUyNmNsaWVudCUzRGNhLXB1Yi0yMzA1MzA0OTk5MTg4NjUzJTI2ZGJtX2MlM0RBS0FtZi1BTElSTkVMVmJoQ1lzZzVqYzY5WTM2MFl5emd2X2VVZGdtUzRhajZlcGMwTEY3WGQwNmlNYXl1bEF6dGZhRTRTWDNkNTBvUmstZkIzanNGc0tCd193Wmx6Z2VFRV9Gcks1VEtmMDFHMTViTnJfbDQxWXE2c1dFWi15anJuczU5M0ROZlRLZ1A5X3UtRlhjQjItOUVXUElmM0R4alpnUjJIVDJSUEhpWFA3VUtfZUNseUklMjZjcnklM0QxJTI2ZGJtX2QlM0RBS0FtZi1BZU5POTgwWWRmZXV1ZVJHdmtwYy15MkJyYW4xVzBGUmt3bl9CWTNrOUFCVGxXX2hmckQ0WHZTQlMyaExIQjY4YlRtMWZsQ3l0b0pyT0ZVOUppRlBkZlM2M2lwR2pTOURsMTlaU3JfLWpqWmFlejVac19fU3JHTGFVSVk5Z1pLVm9PVDRKUVFVeHdGSVRiMWJaMjNoZVQ5T3BweU1FbEdlUGJQRDViZGl4VTAyRjlTREc1UlNHQnZDZkNkWFFkMDR4ZkJaR19VekRjMHF2ZHdkQUJvNzFuNVZ4TzFZTEJJMzJFVjN6ZDc4dkQ5T19aMG9VcFlJdTlQU0l0VEwtVG5Vb2U5a1NXbzlOaHM3YUtlenN3T29Kalh6TXpCNzFXbEE1S0VXbndTdmVyazEzbzJISWZTazZ4RzB3QkVJeUxFckVnV1NMSEJLT2QyX1ZvZWdEbE1tZWNITjQyUmM5UVlGTTQyQ1lKMlVUWW40bzV4NkZFdDI2d1hXZEtTZUhON3lTR2N2TjFHZUNoTWZYUlJtb2NmdWpULXY3QUZsMEQ1QVFqQ3llYlROWVNEbXJlS0VHdHdUX21Id1VlS3NTU0N1dDhzaXhSd3hfeWlfdFBLbEtRc0ZpOERVQVR4QUdtb3IybEZxUUZyanlhUXlaUGRfSmR3eE41SldOSEFYZ0tBV05VSVRkNXZLaDNxWGxtaVBxNzlNb2ZYLXVzZEZRMy10eXhWSzBOa3FzR2t6cUVUOXMlMjZhZHVybCUzRGh0dHBzJTI1M0ElMjUyRiUyNTJGd3d3Lm1hemRhLmRlJTI1MkZtb2RlbGxlJTI1MkZtYXpkYS1jeC01JTI1MkYlMjUzRnV0bV9pZCUyNTNEMS0zNDc3MjYxMTI3MDQlMjUyNnV0bV9zb3VyY2UlMjUzRGRvdWJsZWNsaWNrJTI1MjZ1dG1fbWVkaXVtJTI1M0RkaXNwbGF5JTI1MjZ1dG1fY2FtcGFpZ24lMjUzRG1tZF9wZG1fcmFuZ2VfYWx3YXlzb25kY29fZGVfMTU4XzA0MjMlMjUyNmNhbXBhaWduX2ZvY3VzJTI1M0RtYXpkYWN4NV81d2duJTI1MjZ1dG1fYXVkaWVuY2UlMjUzRGJvbmRfZGNvLWN4LTUlMjUyNmNhbXBhaWduY29kZSUyNTNEbW1kX3BkbV9yYW5nZV9hbHdheXNvbmRjb19kZV8xNThfMDQyMy9jbVVybD1odHRwcyUzQSUyRiUyRmFzc2V0cy5ldXcxLmppdm94LmNvbSUyRndpZGdldHMlMkYyMDIzJTJGOCUyRmE3Mjc5OHo2NGU1YjU4MTUyYTIwJTJGMSUyRk1hemRhXzMwMHgyNTBfSFRNTF9NYXN0ZXJfR2VybWFueV92MiUyRkluZGV4Lmh0bWwvYkRpbT0zMDB4MjUwL3dsPTEvcj0wLjQxMjQ2NTE2MjA3NDA4MDQ2L2NsaWNrTWFjcm89aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENnR08xcUZxaFpjcjlFLUtYeF9BUDJOeXpvQWZjakx5WGRZdlIwYWFVRXFTRms4Q3dBUkFCSU1HQ2k1b0JZSldDb0lLd0I2QUI1dVAvY2FjaGVNYWNybz0xNzA1MDczMzIwMzI3MzcwL3BhZ2VVcmw9aHR0cHMlM0ElMkYlMkZkN2JlNWNkZGNkYjQ2YmMyNGI0Y2RkMzcwNjZlOWY5ZS5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tJTJGc2FmZWZyYW1lJTJGMS0wLTQwJTJGaHRtbCUyRmNvbnRhaW5lci5odG1sL2VzX2NnTmFtZT1NYXpkYV9IVE1MX01hc3Rlcl9HZXJtYW55JTNBbnNjJTdDTU1EX2xhbmclN0NERV9jdHklN0NBV09fYXR5JTdDRGlzcGxheV9mb3JtJTdDUHJvZ3JhbWF0aWNfbW9kJTdDTUFaREFfQ1hfNV9tbW9kJTdDTUFaREFfQ1hfNV9mbiU3Q0JvbmRfbXRhJTdDR2VuZXJpY19jdGElN0NFWFBfbG9jJTdDVXJiYW5fY29sJTdDTm8rZGF0YV9jY29sJTdDTm8rZGF0YV9mZWElN0N2MV9jZ2klN0NmYWxzZV9zaXplJTdDQWxsL2VzX3NlZ05hbWU9RFNQX1VyYmFu
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.108.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-108-160.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Jan 2024 15:28:41 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 50CE 0
0

GET dc_oe=ChMI0du-gpXYgwMVRfQRCB1ArAMjEAAYACDPhphYQhMImIzxgZXYgwMVh_8RCB0ZIAeK;dc_eps=AHas8cBFTYjssVu6p-NToDURMu2NtXsy5ItlsPTztEdpz3asvjYNWHv4Jf0MjFfb-n__XMMJHpV4MeLdrw;met=1;&timestamp=1705073321119;e...
ade.googlesyndication.com/ddm/activity/ Frame 50CE 0
0

GET
H2 200 log
lg1.hb.yahoo.net/ 35 B
191 B 25ms
24ms Image
image/gif 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.hb.yahoo.net/log?logid=kfk&evtid=belog&itype=YHB&tElp=23738&adt=desktop&cid=8YHBJ3BJ0&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR6KY355&dn=yahoo.com&servname=ssp-serving-yin-67fb494447-cshcc&svr=264_93_103_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001705073297422029970147846099&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=eu&itypeid=84&sd=-1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=1&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=&gtd=400&inid=&ngfundl=1400&rdl=1400&r_tim%3C%3E=3821649&pubdpa=2&name=ADS_DISABLED&stack=1&lvl=3&crid=&pvid=&dfpDiv=&liid=&dfpBd=&acid=&rctr=&sz=&t_cntdwn=&t_ciel=&ebuid=&lper=1&requrl=https%3A%2F%2Fyahoo.com%2F%3F&kwrf=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 12 Jan 2024 15:28:41 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 490ms
489ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=416983908018843&correlator=4305386603777375&eid=31080239%2C31079525%2C21065724&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&gdpr_consent=tcunavailable&gdpr=0&tcfe=3&iu_parts=22888152279%2Cus%2Cyhp%2Cmain%2Cdt%2Cus_yhp_main_dt_top_center&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=970x250&ifi=10&sfv=1-0-40&fsfs=1&fsbs=1&eri=4&sc=1&cookie=ID%3D039ed57b44e917f1%3AT%3D1705073297%3ART%3D1705073297%3AS%3DALNI_MZxDT0290qg0DGBz0x0Cm3GP9tyJQ&gpic=UID%3D00000d3fda9264f2%3AT%3D1705073297%3ART%3D1705073297%3AS%3DALNI_MYIeMaZKIhP-VN3d_asiJ7JcXwi9A&abxe=1&dt=1705073321129&adxs=315&adys=209&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fyahoo.com%2F%3F&vis=1&psz=1600x270&msz=1600x270&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=192911338.1705073298&ga_sid=1705073298&ga_hid=1020561707&ga_fc=false&dlt=1705073296218&idt=1482&prev_scp=loc%3Dtop_center%26ri%3D1&cust_params=bucket%3D900%252Cseamless%26cobrand%3Dnone%26colo%3Dgq1%26device%3Ddesktop%26lang%3Den-US%26lu%3D0%26region%3DUS%26site%3Dfp%26ver%3Dmegastrm%26pt%3Dhome%26spaceid%3D2023538075%26yrid%3DfssMH6Pv%26y_bx%3D1%26y_ldp%3D1&adks=2115072069&frm=20

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

809f9bfbbdd4e9b0491fe90380ba9f980dde984cd8c3e59499ac018ab8bd4273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11992
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://yahoo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
assets.euw1.jivox.com/widgets/2023/8/a72798z64e5b58152a20/1/Mazda_300x250_HTML_Master_Germany_v2/SCSS/ Frame C7D0 4 KB
1 KB 14ms
9ms Stylesheet
text/css 143.204.215.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.euw1.jivox.com/widgets/2023/8/a72798z64e5b58152a20/1/Mazda_300x250_HTML_Master_Germany_v2/SCSS/style.css
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-11.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b65a8a0b20001630e311cdde4f161655ec60bb79f59806204dd5300a476a577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
date: Thu, 11 Jan 2024 16:24:47 GMT
last-modified: Wed, 23 Aug 2023 07:30:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 83049
x-amz-server-side-encryption: AES256
etag: W/"52cbe98704a7ccc13ee574a0f97f6377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400, s-maxage=86400
x-amz-cf-id: CZjn2kbcrAmS2kgSaaS-RuIGtWuBpjSqcnsO2ttbzFFHtw9ULnttXQ==

GET
H2 200 MazdaType150-Regular.woff2
assets.euw1.jivox.com/widgets/2023/8/a72798z64e5b58152a20/1/Mazda_300x250_HTML_Master_Germany_v2/fonts/MazdaType150Regular/ Frame C7D0 42 KB
42 KB 30ms
11ms Font
application/octet-stream 143.204.215.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.euw1.jivox.com/widgets/2023/8/a72798z64e5b58152a20/1/Mazda_300x250_HTML_Master_Germany_v2/fonts/MazdaType150Regular/MazdaType150-Regular.woff2
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-11.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 678b3cae19452e95842bebedd844ab5491a4fe873ba5b3e5bca522cc4e45c3fd

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 11 Jan 2024 16:26:37 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 83032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 42740
last-modified: Wed, 23 Aug 2023 07:30:11 GMT
server: AmazonS3
etag: "3f2a9073b5b7460866937e4cd2251bb8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 5RHxDJNksrxZ8QEU-Spbv_OJeJioppTjfbB-yg6A0JHGZvcktJOEkQ==

GET
H2 200 MazdaType150-Bold.woff2
assets.euw1.jivox.com/widgets/2023/8/a72798z64e5b58152a20/1/Mazda_300x250_HTML_Master_Germany_v2/fonts/MazdaType150/ Frame C7D0 42 KB
43 KB 39ms
21ms Font
application/octet-stream 143.204.215.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.euw1.jivox.com/widgets/2023/8/a72798z64e5b58152a20/1/Mazda_300x250_HTML_Master_Germany_v2/fonts/MazdaType150/MazdaType150-Bold.woff2
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-11.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f933d95c0e31a6f637a994c9d1190c55a62758799419dc3a464f06696017a720

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 11 Jan 2024 16:26:37 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 83032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 43052
last-modified: Wed, 23 Aug 2023 07:30:11 GMT
server: AmazonS3
etag: "fd0d058ad8ef32b77a0a2c6e7dd389b7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: vAEfkwyaE2IK7AnudOpo6-csmLLRJ3Fu95R25ChNaixvg1QRMvFSQQ==

GET
H2 200 MazdaType-Regular.woff2
assets.euw1.jivox.com/widgets/2023/8/a72798z64e5b58152a20/1/Mazda_300x250_HTML_Master_Germany_v2/fonts/MazdaTypeRegular/ Frame C7D0 26 KB
26 KB 37ms
18ms Font
application/octet-stream 143.204.215.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.euw1.jivox.com/widgets/2023/8/a72798z64e5b58152a20/1/Mazda_300x250_HTML_Master_Germany_v2/fonts/MazdaTypeRegular/MazdaType-Regular.woff2
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=989d645&showAdChoices=0&isDynamic=1&campaignId=160618&ts_pId=989d645&siteId=16d96d7524bb47d&dspId=DBM&bDim=300x250&creativeUnitType=20&jvxVer=2&bUnitId=2000&us_privacy=%24%7BUS_PRIVACY%7D&gdpr_consent=&gdpr=0&r=1705073320327370&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgGO1qFqhZcr9E-KXx_AP2NyzoAfcjLyXdYvR0aaUEqSFk8CwARABIMGCi5oBYJWCoIKwB6AB5uPe6QLIAQmpAh9uiy0rZrI-qAMByAObBKoEkwJP0C2JYj6IrXKf7PPkn_gWuMuIJ0dqswSkR7mPtnzj0Wd-BudaLPsQCIWWyEYsw2w9S6TIfd1jAnDPTy3PkrNuwY8JOWJXQoXDCckNHMa69ejnle5xzU25UVKsvr758YBE4CCTkkVBB0pzWoHiiDeITn7aUTgQz3ZCZJi9veNMzwiV6YBZwdenziLAOOjSVC96JWJIILHD5eqgyME9ihNOjen7QtKkxyoW70Unm772_xnhpJtGsfJyP-PmbX8OKF1ZDqhlLTy_ykT__avHnAp0KZkTc2mLGWMJ68YZhDEK4UNjvsbflsd95D58zvSstWoPpykkuuaMHsTf-1Zb00jBDB_fPSpNFz4p7BLTD9wdbXb1icAEqMnNw9sE4AQDiAX4pt2fTZAGAaAGTYAHgpyhlgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlid0sqMldiDA4AKA5gLAcgLAYAMAaoNAkRF4g0TCPf3yoyV2IMDFeLLEQgdWO4MdLATjrufFtATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE%26sig%3DAOD64_1Xs6mnytQjD7grouEFH9eVG58wxw%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-ALIRNELVbhCYsg5jc69Y360Yyzgv_eUdgmS4aj6epc0LF7Xd06iMayulAztfaE4SX3d50oRk-fB3jsFsKBw_wZlzgeEE_FrK5TKf01G15bNr_l41Yq6sWEZ-yjrns593DNfTKgP9_u-FXcB2-9EWPIf3DxjZgR2HT2RPHiXP7UK_eClyI%26cry%3D1%26dbm_d%3DAKAmf-AeNO980YdfeuueRGvkpc-y2Bran1W0FRkwn_BY3k9ABTlW_hfrD4XvSBS2hLHB68bTm1flCytoJrOFU9JiFPdfS63ipGjS9Dl19ZSr_-jjZaez5Zs__SrGLaUIY9gZKVoOT4JQQUxwFITb1bZ23heT9OppyMElGePbPD5bdixU02F9SDG5RSGBvCfCdXQd04xfBZG_UzDc0qvdwdABo71n5VxO1YLBI32EV3zd78vD9O_Z0oUpYIu9PSItTL-TnUoe9kSWo9Nhs7aKezswOoJjXzMzB71WlA5KEWnwSverk13o2HIfSk6xG0wBEIyLErEgWSLHBKOd2_VoegDlMmecHN42Rc9QYFM42CYJ2UTYn4o5x6FEt26wXWdKSeHN7ySGcvN1GeChMfXRRmocfujT-v7AFl0D5AQjCyebTNYSDmreKEGtwT_mHwUeKsSSCut8sixRwx_yi_tPKlKQsFi8DUATxAGmor2lFqQFrjyaQyZPd_JdwxN5JWNHAXgKAWNUITd5vKh3qXlmiPq79MofX-usdFQ3-tyxVK0NkqsGkzqET9s%26adurl%3D&ap_cookieData_type=maz&wl=1&ap_DataSignal1=20736070520&objectName=jvx_65a15aa8addd4&adUnitId=2000&jvxSessionId=1705073320.6555&base=1&creativeResolveBeginTime=1705073320000&ap_cookieData_id=u1a9Ta8VATLG&omid=0&localTimeOffset=-60&pageURL=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-11.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04044f475eb29011291b64adae97d21de0cc6204463562500d98e7552454fabd

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 11 Jan 2024 16:26:37 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 83032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26212
last-modified: Wed, 23 Aug 2023 07:30:12 GMT
server: AmazonS3
etag: "0435c128bf57231c4b9f022807ff1167"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: IDQ7XHlje6CnoiQgrzMtUlatbCLoJjfHfchFBsVYSE37asUFyrx2dA==

GET
H2 200 es_encParams_L2FwX2Nvb2tpZURhdGFfdHlwZT1tYXovYXBfRGF0YVNpZ25hbDE9MjA3MzYwNzA1MjAvYXBfY29va2llRGF0YV9pZF91MWE5VGE4VkFUTEcvYWRiMS1rZXk9NC9hZGIxLWlkX3ZlcnNpb249MzA0NTJfMS9lc19ldD0wL2JEaW09MzAweDI1MC9q...
evs.euw1.jivox.com/trk/72/206467/2000/160618/16d96d7524bb47d/20/jvxSId_1705073320.6555/es_pId_989d645/ Frame 71EE 43 B
229 B 32ms
31ms Image
image/gif 34.251.108.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/72/206467/2000/160618/16d96d7524bb47d/20/jvxSId_1705073320.6555/es_pId_989d645/es_encParams_L2FwX2Nvb2tpZURhdGFfdHlwZT1tYXovYXBfRGF0YVNpZ25hbDE9MjA3MzYwNzA1MjAvYXBfY29va2llRGF0YV9pZF91MWE5VGE4VkFUTEcvYWRiMS1rZXk9NC9hZGIxLWlkX3ZlcnNpb249MzA0NTJfMS9lc19ldD0wL2JEaW09MzAweDI1MC9qdnhSYW5kb209MC45MzMxMTAxMzg2ODQ3MjI3L2VzX2NnTmFtZT1NYXpkYV9IVE1MX01hc3Rlcl9HZXJtYW55JTNBbnNjJTdDTU1EX2xhbmclN0NERV9jdHklN0NBV09fYXR5JTdDRGlzcGxheV9mb3JtJTdDUHJvZ3JhbWF0aWNfbW9kJTdDTUFaREFfQ1hfNV9tbW9kJTdDTUFaREFfQ1hfNV9mbiU3Q0JvbmRfbXRhJTdDR2VuZXJpY19jdGElN0NFWFBfbG9jJTdDVXJiYW5fY29sJTdDTm8rZGF0YV9jY29sJTdDTm8rZGF0YV9mZWElN0N2MV9jZ2klN0NmYWxzZV9zaXplJTdDQWxsL2VzX3NlZ05hbWU9RFNQX1VyYmFuL3dsPTE=
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.108.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-108-160.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Jan 2024 15:28:41 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 93D1 0
0

GET
H3 200 container.html Show response
d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 17AC 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:17 GMT
expires: Sat, 11 Jan 2025 15:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
noa.yahoo.com/ 43 B
95 B 45ms
44ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073321278&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-LREC3-iframe&isRefresh=true&loc=mid_right_a&renderCount=2&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 8F52 0
0

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 45ms
45ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073321289&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-MON2-iframe&isRefresh=false&loc=mid_right_c&renderCount=0&status=failed

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 44ms
44ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073321289&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&errorMessage=Failed%20ad%20with%20no%20fallback&id=sda-MON2-iframe&loc=mid_right_c&renderCount=0&sourceType=native&status=failed

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 200 container.html Show response
d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D1A1 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:17 GMT
expires: Sat, 11 Jan 2025 15:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 46ms
46ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073321313&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-LREC4-iframe&isRefresh=true&loc=mid_right_b&renderCount=2&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6459 632 B
269 B 55ms
55ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNWN65F3SchOCTpCb68Fudun0izTIj9jT-xqHYalnZHZVhMWwS5_-M-BWECJuENbwB7pBrO3Q_Z6nPmkCIbGpK_diZAQeKCgVMVICMnafb75IUyzDeg

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 249
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 17AC 111 KB
39 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 19:20:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 17AC 7 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 00:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 00:01:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 17AC 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 00:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 00:01:21 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 17AC 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:20:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 17AC 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 12:26:03 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD20 1 KB
645 B 15ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Sat, 13 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 17AC 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 19:20:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17AC 42 B
63 B 48ms
48ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmjvuKyh85cDVb7Ys6KvRJEDcoF61gE8KeULcFW0goccOS3qr-o-OD0-wi8392AFh4O5tOYOtgtyne5SL3rR3UWcOA7jt7AMSAegr3F-DL_wpeOzQ

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 17AC 0
0 21ms
21ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsNlWph3LXpMQ5uUHIWVMgxZl-AIkNNYoxa_-n-GCYSAsu53QYF65bcdSycjAojppTwtxW4p2OSaj6opeKtAdX9x3EsQ
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17AC 205 KB
65 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:41 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8B2F 462 B
203 B 57ms
57ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNVYHlkQZ1o1UHjmnA7mOtWgNEJXYO4SQ2iWdyWuX3TNRw_S44j_KLhxi7bgV0aZbK61Pj0vtmdXFVw3tNyvYUZYqA9cccfLhJL_iejPbqjsepISV5A

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89d538c36cf602eba0a7634d92b4ba8fe05a79bbd7c2721f490bcf993ba3ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D1A1 89 KB
31 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1A1 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTCFKVzHrWWpFo_pE-RawUg7ZJ9L0morhHmSU6jFP1URGKzGutdvILvK3vLgMOlzqXFjnkAeO8mMKHlLCn7xLVgh7swAh6ZSgDA_3DVjLj7b27aPc

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D1A1 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 12:26:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D1A1 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 19:20:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1A1 205 KB
65 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:41 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 6459
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESENJUNQuNjN6ME9eGzONiqhw&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESENJUNQuNjN6ME9eGzONiqhw%26google_cver%3D1

43 B
1 KB

50ms
46ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESENJUNQuNjN6ME9eGzONiqhw%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNWN65F3SchOCTpCb68Fudun0izTIj9jT-xqHYalnZHZVhMWwS5_-M-BWECJuENbwB7pBrO3Q_Z6nPmkCIbGpK_diZAQeKCgVMVICMnafb75IUyzDeg

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
an-x-request-uuid: b91f6363-9219-433d-8cd7-2ce6541145dd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.131; 178.162.209.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
an-x-request-uuid: 3ddd7731-c510-4340-b2dd-c9bf09210d57
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESENJUNQuNjN6ME9eGzONiqhw%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6459
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzOTQyODUxNjU5MTg5OTEy

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzOTQyODUxNjU5MTg5OTEy

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
an-x-request-uuid: b76e83d4-1f1c-4068-b212-d2e49556417b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzOTQyODUxNjU5MTg5OTEy
x-proxy-origin: 178.162.209.131; 178.162.209.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6459
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECbSFa5utNzF6R8dVBMCC-U&google_cver=1&gdpr=0
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECbSFa5utNzF6R8dVBMCC-U&google_cver=1&gdpr=0

43 B
171 B

22ms
19ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECbSFa5utNzF6R8dVBMCC-U&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGOn5hoICMAE&v=APEucNWN65F3SchOCTpCb68Fudun0izTIj9jT-xqHYalnZHZVhMWwS5_-M-BWECJuENbwB7pBrO3Q_Z6nPmkCIbGpK_diZAQeKCgVMVICMnafb75IUyzDeg
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESECbSFa5utNzF6R8dVBMCC-U&google_cver=1&gdpr=0
date: Fri, 12 Jan 2024 15:28:41 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6459
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDI3MDJlYWUtNDhkYS0yYThlLWQ1ZWYtMzIwZjAyM2UxY2E1

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDI3MDJlYWUtNDhkYS0yYThlLWQ1ZWYtMzIwZjAyM2UxY2E1

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDI3MDJlYWUtNDhkYS0yYThlLWQ1ZWYtMzIwZjAyM2UxY2E1
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD20
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEB9l9irV4OIWT-sorYsBRlA&c_param1=AXcoOmT9gAcDOY2VwP7Tp-p0bIWqIn11sOZhnnzMuHUFeoF4wBjDI-s32Dq504o2pRLcqiyGGK56QIjeppB3YP5vT7km7PAk1laQmQ&gdpr=%%GDPR%...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmT9gAcDOY2VwP7Tp-p0bIWqIn11sOZhnnzMuHUFeoF4wBjDI-s32Dq504o2pRLcqiyGGK56QIjeppB3YP5vT7km7PAk1laQmQ

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmT9gAcDOY2VwP7Tp-p0bIWqIn11sOZhnnzMuHUFeoF4wBjDI-s32Dq504o2pRLcqiyGGK56QIjeppB3YP5vT7km7PAk1laQmQ

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmT9gAcDOY2VwP7Tp-p0bIWqIn11sOZhnnzMuHUFeoF4wBjDI-s32Dq504o2pRLcqiyGGK56QIjeppB3YP5vT7km7PAk1laQmQ
date: Fri, 12 Jan 2024 15:28:41 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD20
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELrW9amwgzLm6Hy78wwxuPM&google_cver=1&google_push=AXcoOmQqm1K_YHj4R6Fym7nOVJw5g_FloSpTHrGe7gZCVQV0vPg6gmetn3Xv1DSu4-Te9LQxuCfGzdel...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELrW9amwgzLm6Hy78wwxuPM&google_cver=1&google_push=AXcoOmQqm1K_YHj4R6Fym7nOVJw5g_FloSpTHrGe7gZCVQV0vPg6gmetn3Xv1DSu4-Te9LQxuCf...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1NDA1NTA2OTU1MzkwMDk3OA&google_push=AXcoOmQqm1K_YHj4R6Fym7nOVJw5g_FloSpTHrGe7gZCVQV0vPg6gmetn3Xv1DSu4-Te9LQxuCfGzd...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1NDA1NTA2OTU1MzkwMDk3OA&google_push=AXcoOmQqm1K_YHj4R6Fym7nOVJw5g_FloSpTHrGe7gZCVQV0vPg6gmetn3Xv1DSu4-Te9LQxuCfGzdelb6a2gyOp6voWKvNW5noTsQ

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1NDA1NTA2OTU1MzkwMDk3OA&google_push=AXcoOmQqm1K_YHj4R6Fym7nOVJw5g_FloSpTHrGe7gZCVQV0vPg6gmetn3Xv1DSu4-Te9LQxuCfGzdelb6a2gyOp6voWKvNW5noTsQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame AD20 43 B
236 B 58ms
17ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDbwHjPYpkRzPLWQ0GcHvAs&google_cver=1&google_push=AXcoOmRpU2SFBNwFEYbeJmw7BtvlzvwnWKfJJ2BZitcR5oovu6xP8oj_2NnogscnAYiJh7RRLIA5o8TqkPgrzmPR_W6yuWx8JCmw
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD20
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDkSq9JJqJKNJIME4BDv8hs&google_cver=1&google_push=AXcoOmRghK6eCNNQyruuwUHXw44bsiHiL0dzJ87uaXZ8j_e8e2akKHx6SW0a133KUr-Tm_h1AbBsNDbnbEJTh55YC...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDkSq9JJqJKNJIME4BDv8hs&google_cver=1&google_push=AXcoOmRghK6eCNNQyruuwUHXw44bsiHiL0dzJ87uaXZ8j_e8e2akKHx6SW0a133KUr-Tm_h1AbBsNDbnbEJTh55YC...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRghK6eCNNQyruuwUHXw44bsiHiL0dzJ87uaXZ8j_e8e2akKHx6SW0a133KUr-Tm_h1AbBsNDbnbEJTh55YCgJbW1NJgWbNjg&google_hm=H-sgAGZHYRlCP0A6R46J...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRghK6eCNNQyruuwUHXw44bsiHiL0dzJ87uaXZ8j_e8e2akKHx6SW0a133KUr-Tm_h1AbBsNDbnbEJTh55YCgJbW1NJgWbNjg&google_hm=H-sgAGZHYRlCP0A6R46JXCHb

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRghK6eCNNQyruuwUHXw44bsiHiL0dzJ87uaXZ8j_e8e2akKHx6SW0a133KUr-Tm_h1AbBsNDbnbEJTh55YCgJbW1NJgWbNjg&google_hm=H-sgAGZHYRlCP0A6R46JXCHb
access-control-allow-origin: *
date: Fri, 12 Jan 2024 15:28:41 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD20
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQGerf5RSbp8BYLiXEJM876iP9wmlFEAF64QnEPgcSKA0H99p21JNLSMaQv9AI0_xi1rBNJmII8VRxLLQYjLzggOpiQhySipC0&google_gid=CAESED8BKkeBH_...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED8BKkeBH_gf6IUdCMELjeo&google_hm=T1BVYzNhNTc2OTkwZjM3NDE3NmIwMzE2ZWJlYjRmYjhlZjE&google_nid=opera_norway_as&google_push=AXcoOmQGerf5...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED8BKkeBH_gf6IUdCMELjeo&google_hm=T1BVYzNhNTc2OTkwZjM3NDE3NmIwMzE2ZWJlYjRmYjhlZjE&google_nid=opera_norway_as&google_push=AXcoOmQGerf5RSbp8BYLiXEJM876iP9wmlFEAF64QnEPgcSKA0H99p21JNLSMaQv9AI0_xi1rBNJmII8VRxLLQYjLzggOpiQhySipC0

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED8BKkeBH_gf6IUdCMELjeo&google_hm=T1BVYzNhNTc2OTkwZjM3NDE3NmIwMzE2ZWJlYjRmYjhlZjE&google_nid=opera_norway_as&google_push=AXcoOmQGerf5RSbp8BYLiXEJM876iP9wmlFEAF64QnEPgcSKA0H99p21JNLSMaQv9AI0_xi1rBNJmII8VRxLLQYjLzggOpiQhySipC0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 327
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame AD20
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEl1v5h_oF_9...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTft9fYwNUPO-DR28hyGwdIfW18hcSPz_8cODQcFCz1NA2Nz1XiMUN9sFINyP6hKjWC9w2r_gHLN6bGsSq7kJol1TrqnvTsQck
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

60ms
60ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 12 Jan 2024 15:28:41 GMT
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dot.gif
s0.2mdn.net/ Frame AD20
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESENwQNm8z8ofjJUb32FEM9qc&google_cver=1&google_push=AXcoOmQXBD1xf6hRhGLkioMeo8-fGWKPkeD58jYMVc84bGlZjrjcdIrMNalCIrY3Rjb6jFMNfpHeQ0DsjTcBC9WpX5XY...
https://sync.gonet-ads.com/match/google?google_gid=CAESENwQNm8z8ofjJUb32FEM9qc&google_cver=1&google_push=AXcoOmQXBD1xf6hRhGLkioMeo8-fGWKPkeD58jYMVc84bGlZjrjcdIrMNalCIrY3Rjb6jFMNfpHeQ0DsjTcBC9WpX5XY...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NjlhNDZmZDYyZmUzNzEwNg&google_push=AXcoOmQXBD1xf6hRhGLkioMeo8-fGWKPkeD58jYMVc84bGlZjrjcdIrMNalCIrY3Rjb6jFMNfpHeQ0DsjTcBC9WpX5XYGc9...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NjlhNDZmZDYyZmUzNzEwNg&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
73 B

16ms
16ms

Image
image/gif

2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Protocol

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:46:06 GMT
x-content-type-options: nosniff
age: 63755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 21:46:06 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AD20 0
12 B 24ms
24ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IuJTqnaDYVTFlBpbSZFE7j2S_ASDB05IAjQH5uKnB10VJMHDLeUIz1TFygt1UCPqKzsi3GqLxx

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8F53 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:20:11 GMT
expires: Fri, 10 Jan 2025 19:20:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8319215292978823168/ Frame 93D8 92 KB
19 KB 17ms
17ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d956b67e387ea2582e9929e71a3131b916eab41f0eb98d8e39efc83bde47df4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 12833
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19035
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 11:54:48 GMT
expires: Sat, 11 Jan 2025 11:54:48 GMT
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 17AC 0
0 61ms
61ms Fetch
image/gif 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstOom1lU_3_4wGz1Btcp63LKGSgtfRaTsv9m_4hYuthb42SyKNZbzQF8YTjRFZk8oCvSX9Ss3JFwK_M7BZRmI-XCj-b_jLqgu_GlJQbnGmstWCPd71eAahdVg6G7GilQlykRVrABa1hL1SqGYk_0NTxO2cEpHewleuFwgVq-3H8XNFZ0fk6bcyNZGEMuoN7stV3FznpIZMyEaxugLQ2-4DcsZZeMiMYOePxAhtRMquhc7BKrM-5H9IimpAiBjawfUEuu1e8wb5s83tHNF3URDCIq7t_OktGDHvP4YBHAyFhJgDYVLvdlNRbM87EbfDDcbCRrhVIZkHkWOi74xox6nFfGWxbNU6OXYAtRSzvUsE2eotH0moG8_PLP2sJpJpp5gRS-9skbRuYwWHxDnVkBDGmUFWB3zYOFECBJjSSmXx121pQ0pwlHTU26yfpAVI1GMMf5nKJJcxtJHoSs3O_Ml5S9Lp_QICaO59GZCo1GmDavLf7WQF59rpkyTbw6hj70xl-g4eOd8EL6YXVwldOp36Zs0Q0PANVSKylqIHVbn3NIYVT30pq38Fe9eaUwMOmtz7GzGc0tSxJBv87ixfTlNY1q3bdyP50fJobGWIAIFhSaaAp9hbU7NPpm56-MZmfBh5E3CZVYuHgX726pz2HX0thjyFkjQ602z7tkP8ORq-kxlmxbpn1FaNmXKKUPPJZWL9Q4X-MlA4FfRFI2QVRPbhppPyo7LntZt_8PybGVex08i_5BKzuaIx1U-40eydT_TDMrqv0gMlu9N5cCOSzfxsDq3Shkr7GwIiBeSbWROAMD_klfP0YdXREZdvH74r6m4gtmObQ6GBRROWEcmVUavg7b8JtzWjJ4aIJWlhmcZUlFVd0coI4sszz2zR6UvnoQxkeWtVNwzT1eTZZoB6ueVFTYY3uJgr2GmvWPBMBCGWOmVBwrlvhmzo-B9qNHvh8XmOCIopt1n2i1NAwE8xVSBy8gnHxv40tjjKe3l9bYVbrFFUpm0aIF1_PJVmxnPPe-3E0IALXICWvcoPwwxY_VqERmaI3zhjhTav8y5XhvYK0nkb_MAADVmkqssKbmj9S9TUDPzr86KcbAGbF0mAJ20CID_vRw8eMWTeeJWsuxwImu5yyOPaGQhdsPu0A9zoyAsijIeUeEFM1U46-MO9pK-F7Vbs9Sf28xDzhhPLb7ooQyj_OykyXl3oqgr0vFspG9m77CqGMiZ53KQEke6F_mq9hEMRTS2-SMrkdFcX9ix7FhOVhOw3jT2OO4sEm19q7wzENsRT5S-1xkhRPBXq7texxV2N-5ws0FHWaqLE7SpSCoFJ8165ZyeDE3ATktNHH0OCUfZw_VAjbfaR8FV1dBdWv-UYYdZ7ytK_VRIWuVGpezWRLkkz66zR23LMLo-VSgAxkv28P&sai=AMfl-YTvMxL5QB9T7p1vXCnGJ7trd_DXJU6s8f04PmTI903jmAtjcT_mDkA_oQFpjjlU7KDnZGRuetQ_D5Q1DpUV2E5Z06bnwtP3bn7ewwI21BRCg4aLn-wpeO4uo9d8wM8wV_X9pqCyuJ1osQa2Lhf_xiNIce4vTFEtrdCUvTomgM53Fzqoj3OZc7vJf24atd12usXvK3EedPbw9C1DtDUxBn3rA-OXBDR9Hv9c-0ulo3aatkFPXwLTmRN_hSZSuMMt3Cq3UI2_cNSd-20CGVjF_L1qcQR2Wfm7G609embXdym6fCn3p-YyLAxuLnobCN0l1XhjEmf13nR_bYIO5D3ayHsJi86369Bd5izdDKpBRIm8cnrGf9AQiMfOt_ZQvm5PVjI_E2FyGWcp1xPDGcIQsUuDxAmaHRoYdDs7E3u2&sig=Cg0ArKJSzLqeav2wfWsAEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=70&cbvp=1&cstd=66&cisv=r20240109.63097&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 17AC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fba69a9ecaca360bc7e6a57ed703aac2cdba282b864dae89fbe4a7cbac5654

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F53 50 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:48:02 GMT

GET
H3 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 93D8 70 KB
25 KB 32ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3005822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25280
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-62c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxhcquOxAUYAhDpLv219FncpikzB0cX8cLdSu5%2FmEsu73Ok4wXBjqMQLAIH6Avm4GEPneYdRhxt%2FhJS1aAMZxEMyV1OAlfa1ooqwJ1ZtXKRuvPGNy9I6eoRq2ZKWjuef11F%2BOD2E157xCHILkUDpS7A3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84466e436ee42be0-FRA
expires: Wed, 01 Jan 2025 15:28:41 GMT

GET
H3 200 CSSRulePlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 93D8 2 KB
1 KB 31ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3752580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 821
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTyfwQyfayHEzbdeZ3rzCPn453SpGgB8DB9DGayqdbgQj7VS12aY3RqtlcDgKZ8wyxeBEsIjkdCEbhG2z4%2Bu8Vty17fO%2B5s4tUbMo4WUfAI8xb7P1oi3yagSzWewCuYZKcFS96J9QzcUn0Et8Xbea4Hj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84466e436ee82be0-FRA
expires: Wed, 01 Jan 2025 15:28:41 GMT

GET
H3 200 f378cfc5.svg
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 5 KB
2 KB 19ms
15ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/f378cfc5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:57:46 GMT
date: Tue, 09 Jan 2024 08:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2433
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 13dc9848.svg
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 669 B
439 B 21ms
17ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/13dc9848.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:01:09 GMT
date: Tue, 09 Jan 2024 09:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4332eb45.svg
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 5 KB
2 KB 29ms
25ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/4332eb45.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:46:27 GMT
date: Tue, 09 Jan 2024 08:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2343
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 107689d0.jpeg
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 54 KB
54 KB 29ms
24ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/107689d0.jpeg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90cd37b7ee25284b847f912ffe44555ca87e770cbd7f25cdefd1476e581235f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:02:19 GMT
date: Tue, 09 Jan 2024 09:02:19 GMT
x-content-type-options: nosniff
age: 282382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54953
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 774a2176.jpg
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 60 KB
60 KB 24ms
19ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/774a2176.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

283d3ab3dc017152ffa86d2353ada56f9faaec83c98e01d4a4cdcd826654fed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:10:29 GMT
date: Tue, 09 Jan 2024 09:10:29 GMT
x-content-type-options: nosniff
age: 281892
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61108
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 db03c651.jpg
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 42 KB
42 KB 32ms
27ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/db03c651.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e518be317653620dc026a249493e19adb3ee4bf6d8d7747b7ac12d10c1837f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 15:24:29 GMT
date: Wed, 10 Jan 2024 15:24:29 GMT
x-content-type-options: nosniff
age: 173052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42949
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 31152810.svg
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 302 B
272 B 31ms
26ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/31152810.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:06:56 GMT
date: Tue, 09 Jan 2024 09:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282105
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 63ca751c.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 2 KB
2 KB 41ms
35ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/63ca751c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1e5dfe98cc72943d3a0c3ec75a441dd9d2111c27db7cb5a9ac721ee7b60abfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:57:46 GMT
date: Tue, 09 Jan 2024 08:57:46 GMT
x-content-type-options: nosniff
age: 282655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1940
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 72064023.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 3 KB
3 KB 40ms
34ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/72064023.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e1bd882478ea2d53cea87b43488a5bbf1bf8302f8a3de5a2baaccf9df96a9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:48:31 GMT
date: Tue, 09 Jan 2024 08:48:31 GMT
x-content-type-options: nosniff
age: 283210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3357
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4caa6916.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 2 KB
2 KB 33ms
27ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/4caa6916.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b817576adb88b7fe165a3cec26332bee830344d1453a7c77343fe4f329f7f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:06:56 GMT
date: Tue, 09 Jan 2024 09:06:56 GMT
x-content-type-options: nosniff
age: 282105
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1700
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 64d40b2e.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 3 KB
3 KB 39ms
33ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/64d40b2e.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d3da40c817053ac4a638c787507ca72835553a1bc27d2d21090dcc6759c13d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:47:29 GMT
date: Tue, 09 Jan 2024 08:47:29 GMT
x-content-type-options: nosniff
age: 283272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2753
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 a6e304b2.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 1 KB
1 KB 35ms
29ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/a6e304b2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa6522e0ac537a9155811bafefeae7f345f8a112e3434695a6a6917b49f5e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:48:02 GMT
date: Tue, 09 Jan 2024 08:48:02 GMT
x-content-type-options: nosniff
age: 283239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1192
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 7e1c8366.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 3 KB
3 KB 35ms
29ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/7e1c8366.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60159e9de8ca359fa7bfe53d8f4b2bbba92ad4432a6569a5f74ea33d55be3f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 12:55:03 GMT
date: Tue, 09 Jan 2024 12:55:03 GMT
x-content-type-options: nosniff
age: 268418
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2612
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 d3ce6798.svg
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 820 B
509 B 37ms
31ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/d3ce6798.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 13:44:01 GMT
date: Fri, 12 Jan 2024 13:44:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1147abdf.svg
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 769 B
440 B 32ms
26ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/1147abdf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:00:22 GMT
date: Tue, 09 Jan 2024 09:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282499
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 bc87b8ac.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 3 KB
3 KB 33ms
27ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/bc87b8ac.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d968224acd90ff526419597fc9128e8214a87080f4daffd56099f4fa08990d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 13:35:09 GMT
date: Fri, 12 Jan 2024 13:35:09 GMT
x-content-type-options: nosniff
age: 6812
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2618
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 3942350a.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 4 KB
4 KB 43ms
37ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/3942350a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

057db10da18fb34336431b645044e7fa19a01f377270cd0e47afcd38fddda68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:48:53 GMT
date: Tue, 09 Jan 2024 08:48:53 GMT
x-content-type-options: nosniff
age: 283188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4471
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 0f373144.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 1 KB
1 KB 43ms
37ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/0f373144.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:38:21 GMT
date: Fri, 12 Jan 2024 14:38:21 GMT
x-content-type-options: nosniff
age: 3020
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c8840ccb.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 3 KB
3 KB 42ms
36ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/c8840ccb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:47:29 GMT
date: Tue, 09 Jan 2024 08:47:29 GMT
x-content-type-options: nosniff
age: 283272
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 694e4de6.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 12 KB
12 KB 39ms
33ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/694e4de6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e39b60c6f9cf4a0e89e4de15fa00ef99c221b75401b28e89e05723ff310730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:43:40 GMT
date: Tue, 09 Jan 2024 08:43:40 GMT
x-content-type-options: nosniff
age: 283501
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12679
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 7da93d3f.png
s0.2mdn.net/sadbundle/8319215292978823168/images/ Frame 93D8 32 KB
32 KB 41ms
35ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8319215292978823168/images/7da93d3f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

218511cc421e9df747b7733fc96b66ed26748c18901527c66cf9983173bee7c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8319215292978823168/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:04:45 GMT
date: Tue, 09 Jan 2024 09:04:45 GMT
x-content-type-options: nosniff
age: 282236
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32590
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 11:20:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

um
sync.teads.tv/ Frame 8B2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
https://sync.teads.tv/um?eid=3&uid=CAESEFkSGwWmwJfTpr2qb57X0vk&google_cver=1&gdpr=0

23 B
163 B

37ms
36ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFkSGwWmwJfTpr2qb57X0vk&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNVYHlkQZ1o1UHjmnA7mOtWgNEJXYO4SQ2iWdyWuX3TNRw_S44j_KLhxi7bgV0aZbK61Pj0vtmdXFVw3tNyvYUZYqA9cccfLhJL_iejPbqjsepISV5A
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 12 Jan 2024 15:28:41 GMT
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEFkSGwWmwJfTpr2qb57X0vk&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8B2F 23 B
163 B 46ms
38ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNVYHlkQZ1o1UHjmnA7mOtWgNEJXYO4SQ2iWdyWuX3TNRw_S44j_KLhxi7bgV0aZbK61Pj0vtmdXFVw3tNyvYUZYqA9cccfLhJL_iejPbqjsepISV5A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 12 Jan 2024 15:28:41 GMT
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

sync
partners.tremorhub.com/ Frame 8B2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
https://partners.tremorhub.com/sync?UIGL=CAESEEkJsU9Hf2f_QRzZOzBEm-g&google_cver=1&gdpr=0

43 B
175 B

354ms
105ms

Image
image/gif

2600:1f18:612b:4216:bba5:fc0b:66fa:bb51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEEkJsU9Hf2f_QRzZOzBEm-g&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGLLC3d4BMAE&v=APEucNVYHlkQZ1o1UHjmnA7mOtWgNEJXYO4SQ2iWdyWuX3TNRw_S44j_KLhxi7bgV0aZbK61Pj0vtmdXFVw3tNyvYUZYqA9cccfLhJL_iejPbqjsepISV5A
Protocol: H2
Server: 2600:1f18:612b:4216:bba5:fc0b:66fa:bb51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 12 Jan 2024 15:28:41 GMT
server: nginx
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://partners.tremorhub.com/sync?UIGL=CAESEEkJsU9Hf2f_QRzZOzBEm-g&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log
lg1.hb.yahoo.net/ 35 B
191 B 39ms
39ms Image
image/gif 23.50.131.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg1.hb.yahoo.net/log?logid=kfk&evtid=gptslog&itype=YHB&tElp=24161&adt=desktop&cid=8YHBJ3BJ0&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PR6KY355&dn=yahoo.com&servname=ssp-serving-yin-67fb494447-cshcc&svr=264_93_103_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001705073297422029970147846099&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=eu&itypeid=84&sd=-1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=1&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=&gtd=400&inid=&ngfundl=1400&rdl=1400&r_tim%3C%3E=3821649&pubdpa=2&sid=sda-LREC-iframe&dsid=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_top_right_1&szs=300x250&tp=loc%3Dtop_right%7Cri%3D1&late=0&srt=1123&lzl=0&dfpAdPath=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_top_right&istgt=1&tref=0&ads_disabled=1&td=%7B%22ydevice%22%3A%22desktop%22%2C%22ylang%22%3A%22en-US%22%2C%22yregion%22%3A%22US%22%2C%22ysection%22%3A%22main%22%2C%22ysite%22%3A%22fp%22%2C%22ysrc%22%3A%222%22%7D&top=572&btm=822&lft=1132&rght=1432&ydt=desktop&ylang=en-US&yr=US&ysec=main&ys=fp&lper=20&sid=sda-LREC3-iframe&dsid=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_a_0&szs=300x250&tp=loc%3Dmid_right_a%7Cri%3D1&late=1&srt=1125&lzl=0&dfpAdPath=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_a&istgt=1&tref=1&ads_disabled=1&td=%7B%22ydevice%22%3A%22desktop%22%2C%22ylang%22%3A%22en-US%22%2C%22yregion%22%3A%22US%22%2C%22ysection%22%3A%22main%22%2C%22ysite%22%3A%22fp%22%2C%22ysrc%22%3A%222%22%7D&top=862&btm=1112&lft=1132&rght=1432&ydt=desktop&ylang=en-US&yr=US&ysec=main&ys=fp&lper=20&sid=sda-LREC4-iframe&dsid=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_b_0&szs=300x250&tp=loc%3Dmid_right_b%7Cri%3D1&late=1&srt=1126&lzl=0&dfpAdPath=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_b&istgt=1&tref=1&ads_disabled=1&td=%7B%22ydevice%22%3A%22desktop%22%2C%22ylang%22%3A%22en-US%22%2C%22yregion%22%3A%22US%22%2C%22ysection%22%3A%22main%22%2C%22ysite%22%3A%22fp%22%2C%22ysrc%22%3A%222%22%7D&top=1132&btm=1382&lft=1132&rght=1432&ydt=desktop&ylang=en-US&yr=US&ysec=main&ys=fp&lper=20&sid=sda-MON2-iframe&dsid=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_c_0&szs=300x600%7C300x250&tp=loc%3Dmid_right_c%7Cnoads%3D1%7Cri%3D1&late=1&srt=924&lzl=0&dfpAdPath=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_as_mid_right_c&istgt=1&tref=1&ads_disabled=1&td=%7B%22ydevice%22%3A%22desktop%22%2C%22ylang%22%3A%22en-US%22%2C%22yregion%22%3A%22US%22%2C%22ysection%22%3A%22main%22%2C%22ysite%22%3A%22fp%22%2C%22ysrc%22%3A%222%22%7D&top=&btm=&lft=&rght=&ydt=desktop&ylang=en-US&yr=US&ysec=main&ys=fp&lper=20&sid=sda-MAST-iframe&dsid=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_top_center_1&szs=970x250&tp=loc%3Dtop_center%7Cri%3D1&late=0&srt=1126&lzl=0&dfpAdPath=%2F22888152279%2Fus%2Fyhp%2Fmain%2Fdt%2Fus_yhp_main_dt_top_center&istgt=1&tref=0&ads_disabled=1&td=%7B%22ydevice%22%3A%22desktop%22%2C%22ylang%22%3A%22en-US%22%2C%22yregion%22%3A%22US%22%2C%22ysection%22%3A%22main%22%2C%22ysite%22%3A%22fp%22%2C%22ysrc%22%3A%222%22%7D&top=84&btm=354&lft=0&rght=1600&ydt=desktop&ylang=en-US&yr=US&ysec=main&ys=fp&lper=20&requrl=https%3A%2F%2Fyahoo.com%2F%3F&kwrf=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.131.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-50-131-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 12 Jan 2024 15:28:41 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1A1 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8545027703537&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1A1 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8545027703537&version=m202309260101&ct=77&x=1&cor=14020637837031230000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D1A1 34 KB
19 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6bCusP7iTwev7nLc6wOt2nhlAQ2p1wcYcInwIGOG2SRRrK-DwvWyMf56aLaiEfr_NnVmnu8qXwGaR3Ib3zGjviBSLCsCGJELpaJlXKfzpRwU-TCZxZOYHzt2kH24rYTma94ZeXKb32Hf32iNku7C8Ue90Zi6QXX06ereUqHCCbww1uNg&cry=1&dbm_d=AKAmf-A493Wm6WXW7GfruErl-WipvYZVFO2frBshu7MvEHtQKKH4tkMcI6BF-ZBXqn4W6lTTuW0NO9oid1W6NymFmIQMxQsMhaEBlCZka_ng_Usm6zlmKya-npl_VfbQEhCM6CbhHDQZnmdrXWemI_BpHC8rp0X6J25ECzf981xn2hGu9-I2Pf1PAlU05ALs7kD-6k9aEpf1bHyDV3z2lMVpb6JC_eF4FfzFZjbUEzbxtfgf60RIHPGFxhxUgCu6uG-rdshnwsHuqxKM-tG57yJFLD4V0U3sa8ZJTeDhJNs2peLBJN6hRaF4sJ0pRZAlihJ33O41cStk-5xhwXAcIGDQB0QA2mTobpd402GoQ-RIGkyfZ_bPiHI6ImUrWS-nZ66JsOq8VUqIp_pv4Mx3SBsxOUWy99WLHsXGh37zI5sSjILRtkFT3LboMFkGqYOqBb34wSD1vMtexq1xKPisuZVlJnaTqKfnb7iM1KCpzptFjnncbkKyDr-4aWcy2wLF9cc2ZxrDhCnl0gW2u1F_8oqHbkrP2h5SmtzkEtrBcWZQuzG2FFvp83di7hSxEWEcEE02eP4N4i3ArgQV46EitDZ-cqoW1scuQ42W4zUx_nP_9w0GA2SVRpDgzzhq-wuzkYpM47d3ukl5oKB9eR0pEBkXV6gL6febFGKg754mSQBcft4OCbmT64fbrkuSyyvP2DiDA9PjD2bdtpIyAVFRd9pdcGZeBhR0DNhym6qQu516vXCZTBVHRzkKceceXGcR8TRo3MlGkZAII-2hUfH9pRQ8bAFyOridOgfoj4ggYOO2xohAxBXhkZnblX5FcdkP5KZTrECP2bMNbUlnoc3dPAqyBoKRiH1o1xeXU8AvZkdkrSYmZ3RLJSR1D-IBbMUGAP2f4nIyCQkgQo3E3U8NuPNgY-p7UsY-E9MELSA-13IbXwz3_EpKZbTxsaa6gyLBLIRDk1ZBJ8Gd-THK6Rd3ycsxiUBirdWNGdJzhbwmXayBQ75WmyYMiLE_fh0r5E-f4qV_PQWuJIg6lizKpqpHqAXBx5Waeg5LrMldMXJYPT6U-QdWNJ10qYJkkcYMF30S-zgkBNT7C6ZgKzJVsIY_eLWsHHyP7_YQ1FtJk803ZD4oxIpsUdpC3WCgOiS89bB4WqS41xC-eKK1dBxAi_FVxyooyviZsbOjWTqPP3XoZ-lSxvJYWmzU2i-xDiItdHaQ7DyK0AUdzL2NIyEefjuYIlM-lzTAk2XoK7R1D9UjdHz1YnTpGGSm8SLe1wa3XrT0NbtQCsIhM__dTfv-_xzlATj4AYXexpNV3VOBR3lUt8BABsLQkP2x2pvBWOxAM0qbSsSsr2V2bCzGrDJUQgPCKMCj-CjqdM3iTIA27DYJmTYbnku5y49_A2SG5KqB5MK8wI5UgJiilkD--sMY7_ymKgX5Hwjkk4mZZRkRtwaJ5Y6VDZ4OA7tXUMjmU5gslHtCwoEwgbYIa7ut921XvbHAPQoZYZh5lVxhNqOUx-gTNOMQn3Yk6Xxjfj1Lo9H98vK1xpqdYh4zmx23fcFPzTJD7UpKpySaCdwU8IBBuKiv08_pbvYKpA4T-HZITAsROf71Lt29RdMF5NPmH6mTdR3cP83pIrYnEPTshv9xhyHcZiKbPCqcgsRdyCedvASE-NuPXEnEvBUEfF4l4BMQZyqC1091O-oMQQ1fUf5tlLGLfMUkyT4Wbm-hm-RjEBgZGnsV35x3BPAhseC2snKx69F6txZ2RH5evQIBJMOUdskPlwIuA67fqg22ZLh5EFfIt2U6OeJFAxoMaPIiT7NMpFhEYLq9Y3E_FjXSenjT-N75XJ7IqTWRu1gGsKbtg77n6HfElBxiXGBTbPdwQ_3gjmbjQCnCPb012qKePHDYcXWmF0H-XsyLuchXB0uHdKc3k7_7wZJGBw_nEmyuzVy3dsKo8H1NnNiZx5_jnpjrPyo-5psnCo8Mcp4H2T24NMsjbyX5cMy100yqG34r4XZIKRycrQLJKv3_z0L6AEvywkfs2iKtC9Bu_5yhisA-5qT07PDYqtmnJAwpHwanfQdevWL3XtvNclERGb1AVAuPgVqP9El3JVs6uD2L9C9TbmLCx6vNJJ_57XIzK2Pfz8kqfHadXqENpBrNkPBa9mPSLVEP7AjYVIL9O-MB1nZcTkxgdfkI_vp2FURzlgZCd1lW1-ky5ChqxVpj2WID3vw9SJtYz7ClKETQjrE5dn38A-mkYC2UrJqISUjuIHY8_uSJJyS7coQqkZQyx3zjsdj0hP3Cwc2xXvaf3JbPO7NK97P675ADev-da2R2CFSQlQwW4_mrL9CMfonPdttB8b988SVc8CRbQv2GzcinF2OT3aiHyoHs-vbJGTm8gvszTNS5x3QO1HVVdf0wh3oj0TrPj37FnKRvZtPca1tk-jCAmqHvLJdw5vZCaThQZMEP1Oo3Y7nd0nrOiis5IUkA9sAQsr2LCvhlOrKN3r1lFmJuf6j0YzqhnyPxR6SjCUkcHHU-n2VdD_JO44ZtFN_e0v_1U7RGBX6gQCtjcFmBUJxgheHo6ESgpdWB0n8kTJJIBamlmmG9DF66OY8KTY92oXXU-C0-qcNsW_tTTkyohycnZRdyY3qcCklCfBriKmFawUs-UEDbmDnblEdYeL46oO72rxHo4Legq7AFodOYIKDQUJDA2Gp5vP1B5uJMWWtdKB0oxiu8tlvP-f5nreO1dxCjFJarQhC6vRWv10GQ-TPoAj6CkEd7vW5JHckbkjfH8gMbMpjXlG-zqvsUSFT4FozyAA_FI8GWE6-d2mNNubmonUpg7J-IpY_eEaIHHV7PcL57T7XclM3wCJ0t8NMttYUo0l5qItPwBUM6TBQEFjRcX2YgxYupnDnqYqiVr1BygCpfByidZa3SeQJTs4cALv5kDKefECNevOb6WHH_NbzlrHOdlZfn4nsPbM2wUCkTBZQaxP4Tegg9AX6S76_oNq-GXZFpLDMx_FORCGkYERkiaU_cGc6M1GnUoQoRm95z0tygZkC-3yO48wyjcVV3VNGMWhQyxA6_DnxHfBVfbZp44X531j4CUETh2cStxDmYxk18ihABT7RgY-JsrD_ShC9tuhvNPOYrmLxhUHaKcInQlAMW8gWyynqMXu_0il34Em6sE8omMmuhrdIDeJXlfFee6WIAnORRX2J8RxRrfhBAV8pePdcilgPMA_-g44404qIWR0ua7TfwIatSrgmMtoKEXDAr4IaLEhNFljinq9YQ6cuhkh73cYzl1JiIs-npcGWnZNeuYy2y0R7IZRiHh50o0KF6be4V2pLvj45EjUI1qPrTrJ25xFs5a-KAYyX1ZnVklzmvxaD_S1QuQnIdzhGBPOuM8kx5m8IsmmjokN3rNEyPN1W0RgotYFvwfjPYde3JTOXERubwGNOyvvv2Raf6gMc51PH7jybNNUNvBAPBViNjtU6ej5kdQ0GDW9fkXeAUZjjVFLjnOHoni7KeDWI-1n9Y3_fFIjKJo-HmpAZzJuQaH8Z_gRRk8-GHTIUQO4EL3fogDSxHYDNiIP1Y8B__5aubmPWvI6hCjLN2IsqyQPc56AQrPke2aUH6CzWPO5uWEH84zBMYjPk-F3BnSSYxL8dAaauXb3crJ3egPGGmVMQjk6rUQt27SHv9E-9kI06S0WGcXl4hB5IiJzjhPijswtXdfmvwZ2TnF-EcGEcRrJ0U5yrzrbnJalrIJovWeA_T9CbSd-q0-tqo5MG2aSXbNu-L2xEPFfO7GxNOfz-mlMopxGUqjVb0ZA4T-xm4hcvdWN0gq27WWRSbmMh0RzJpd-IoZJZ2dmXuNskUe3gSG0Qz0FELytbop52u9t4ouDPV4WYQ7cXBwKV6Q04lfg&cid=CAQSOwAvHhf_cnLF__vPgLqkuw_TPB8AEewQh6kMyOcrZKyOgBQgQj7Bdhqm1IJHufI4SzwMvO6iUBf7SiiQGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fyahoo.com%2F&ds=l&xdt=1&iif=1&cor=14020637837031230000&adk=943508964&idt=84&cac=0&dtd=8

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9700914e6e866ee5c282895e9d78cf38f67e112eba1f6de5fc55b96c9f72f294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19630
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 17AC 0
0 52ms
52ms Fetch
image/gif 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstOom1lU_3_4wGz1Btcp63LKGSgtfRaTsv9m_4hYuthb42SyKNZbzQF8YTjRFZk8oCvSX9Ss3JFwK_M7BZRmI-XCj-b_jLqgu_GlJQbnGmstWCPd71eAahdVg6G7GilQlykRVrABa1hL1SqGYk_0NTxO2cEpHewleuFwgVq-3H8XNFZ0fk6bcyNZGEMuoN7stV3FznpIZMyEaxugLQ2-4DcsZZeMiMYOePxAhtRMquhc7BKrM-5H9IimpAiBjawfUEuu1e8wb5s83tHNF3URDCIq7t_OktGDHvP4YBHAyFhJgDYVLvdlNRbM87EbfDDcbCRrhVIZkHkWOi74xox6nFfGWxbNU6OXYAtRSzvUsE2eotH0moG8_PLP2sJpJpp5gRS-9skbRuYwWHxDnVkBDGmUFWB3zYOFECBJjSSmXx121pQ0pwlHTU26yfpAVI1GMMf5nKJJcxtJHoSs3O_Ml5S9Lp_QICaO59GZCo1GmDavLf7WQF59rpkyTbw6hj70xl-g4eOd8EL6YXVwldOp36Zs0Q0PANVSKylqIHVbn3NIYVT30pq38Fe9eaUwMOmtz7GzGc0tSxJBv87ixfTlNY1q3bdyP50fJobGWIAIFhSaaAp9hbU7NPpm56-MZmfBh5E3CZVYuHgX726pz2HX0thjyFkjQ602z7tkP8ORq-kxlmxbpn1FaNmXKKUPPJZWL9Q4X-MlA4FfRFI2QVRPbhppPyo7LntZt_8PybGVex08i_5BKzuaIx1U-40eydT_TDMrqv0gMlu9N5cCOSzfxsDq3Shkr7GwIiBeSbWROAMD_klfP0YdXREZdvH74r6m4gtmObQ6GBRROWEcmVUavg7b8JtzWjJ4aIJWlhmcZUlFVd0coI4sszz2zR6UvnoQxkeWtVNwzT1eTZZoB6ueVFTYY3uJgr2GmvWPBMBCGWOmVBwrlvhmzo-B9qNHvh8XmOCIopt1n2i1NAwE8xVSBy8gnHxv40tjjKe3l9bYVbrFFUpm0aIF1_PJVmxnPPe-3E0IALXICWvcoPwwxY_VqERmaI3zhjhTav8y5XhvYK0nkb_MAADVmkqssKbmj9S9TUDPzr86KcbAGbF0mAJ20CID_vRw8eMWTeeJWsuxwImu5yyOPaGQhdsPu0A9zoyAsijIeUeEFM1U46-MO9pK-F7Vbs9Sf28xDzhhPLb7ooQyj_OykyXl3oqgr0vFspG9m77CqGMiZ53KQEke6F_mq9hEMRTS2-SMrkdFcX9ix7FhOVhOw3jT2OO4sEm19q7wzENsRT5S-1xkhRPBXq7texxV2N-5ws0FHWaqLE7SpSCoFJ8165ZyeDE3ATktNHH0OCUfZw_VAjbfaR8FV1dBdWv-UYYdZ7ytK_VRIWuVGpezWRLkkz66zR23LMLo-VSgAxkv28P&sai=AMfl-YTvMxL5QB9T7p1vXCnGJ7trd_DXJU6s8f04PmTI903jmAtjcT_mDkA_oQFpjjlU7KDnZGRuetQ_D5Q1DpUV2E5Z06bnwtP3bn7ewwI21BRCg4aLn-wpeO4uo9d8wM8wV_X9pqCyuJ1osQa2Lhf_xiNIce4vTFEtrdCUvTomgM53Fzqoj3OZc7vJf24atd12usXvK3EedPbw9C1DtDUxBn3rA-OXBDR9Hv9c-0ulo3aatkFPXwLTmRN_hSZSuMMt3Cq3UI2_cNSd-20CGVjF_L1qcQR2Wfm7G609embXdym6fCn3p-YyLAxuLnobCN0l1XhjEmf13nR_bYIO5D3ayHsJi86369Bd5izdDKpBRIm8cnrGf9AQiMfOt_ZQvm5PVjI_E2FyGWcp1xPDGcIQsUuDxAmaHRoYdDs7E3u2&sig=Cg0ArKJSzLqeav2wfWsAEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=237&vt=11&dtpt=167&dett=3&cstd=66&cisv=r20240109.63097&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F2AA 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yahoo.com/?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:17 GMT
expires: Sat, 11 Jan 2025 15:28:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 45ms
45ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073321677&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamMetric&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&ads_failure_total=0&ads_fetch_total=0&ads_refresh_total=1&ads_slot_right_failure=0&ads_slot_right_total=0&ads_slot_top_failure=0&ads_slot_top_total=1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

POST
H2 200 p
noa.yahoo.com/ 43 B
72 B 45ms
45ms Ping
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://noa.yahoo.com/p?s=2023538075&t=1705073321677&_I=&_AO=0&_NOL=0&etrg=backgroundPost&outcm=gamDebug&src=unknown&site=fp&partner=none&lang=en-US&region=US&device=desktop&colo=gq1&bucket=900%2Cseamless&rid=fssMH6Pv&limitedAds=false&NPA=false&pd=unknown&pt=home&id=sda-MAST-iframe&isRefresh=true&loc=top_center&renderCount=2&status=succeeded

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/aaq/benji/benji-1.0.131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yahoo.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame D1A1 31 KB
12 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:52:59 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D1A1 41 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:20:11 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA3MzMyMTYwMjg4NAogIHNlcnZlcl9pcDogMTQ2NTIzODI1CiAgcHJvY2Vzc19pZDogMzYyNDU3NTE3Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame D1A1 0
22 B 53ms
53ms Image
image/png 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA3MzMyMTYwMjg4NAogIHNlcnZlcl9pcDogMTQ2NTIzODI1CiAgcHJvY2Vzc19pZDogMzYyNDU3NTE3Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTU1MjcyNTA3NjI2OTUyNjg0ODgKZGVidWdfa2V5OiAxNDE4NTIzMTg5NTI4NzQ2MDQxMQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMTIiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMjc2ODE3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzU3NjkyMjM1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTExNzk5NzQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwMzE3NzgzNTY0CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDY3MDk5OTU0CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLmZyIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5wbCIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xb271cf18102622d00000000000000000","13":"0x9afcb3c0665dd02e0000000000000000","14":"0xb47f959261ec2ea60000000000000000","15":"0xe7425dc66d3cf6630000000000000000"},"debug_key":"14185231895287460411","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"15527250762695268488"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame D1A1 43 KB
18 KB 60ms
23ms Script
application/javascript 168.119.66.181
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 168.119.66.181 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.181.66.119.168.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Fri, 12 Jan 2024 15:28:41 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Fri, 12 Jan 2024 18:28:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AF95 1 KB
645 B 16ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Sat, 13 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D1A1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c90e71ec608ca4ca20ac8427d99ac415a8ca762b9bf807c7e7254866f0c9698

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DFD7 462 B
203 B 57ms
56ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNUEQredbHSiJsVD98qR-uEmTD4LGAVT03osKLDOKsWwHGXnDfmcHgjYibyJM41I8Fd-DXX8z_u-0slf04NfcAPD9Od3OerJDM7UKgetyNGbGmsf4m0

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89d538c36cf602eba0a7634d92b4ba8fe05a79bbd7c2721f490bcf993ba3ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F2AA 89 KB
31 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2AA 42 B
63 B 49ms
49ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYMATBj2HuYmxEy2Kk2Fu94-r4dxua0ovd93nnxsUCoIzCHV6X3Q-hh6KY1i1KZwSrY9Hx8QYZ7OyRO037xo8D93ZrwwyDb5Aj7XWfTPc_TTIStbQ

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame F2AA
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/77329995/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015562965&ias_pubId=pub-2305304999188653&ias_chanId=1&ias_plac...
https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
482 B

13ms
12ms

Image
image/gif

2600:9000:223f:d600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2757538
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: W3z2_jlodP3p-WuUolOKTtCf0J_J44XSHXMlV4g8PSTTx5QBtf7Orw==

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=0&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F2AA 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 12:26:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F2AA 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 19:20:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F2AA 0
0 22ms
22ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsHnmSHta7jdDbnX0Fm4hY7oWdpnPnrnsAknjViYojE0B7XzOBfJ7TybkGO4XVNPeylHpXf4DqKeSvogJlPIHR4B002Q
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2AA 205 KB
65 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:28:41 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CB7B 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:20:11 GMT
expires: Fri, 10 Jan 2025 19:20:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AF95
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKR4xbUkHOG2y7j6fBTcJs8&google_cver=1&google_push=AXcoOmQpGAF-0zt1ztvQuSnXmGeBBBBd9mVS62dVadzE1-nevaBrkX0_O1HFOLAJuF45VrnHFfzu_2ulYxKeA...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQpGAF-0zt1ztvQuSnXmGeBBBBd9mVS62dVadzE1-nevaBrkX0_O1HFOLAJuF45VrnHFfzu_2ulYxKeAUiZfmaJJ09nEZFjiA&google_hm=NDNnSlYxXzdwZ0pFY0...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQpGAF-0zt1ztvQuSnXmGeBBBBd9mVS62dVadzE1-nevaBrkX0_O1HFOLAJuF45VrnHFfzu_2ulYxKeAUiZfmaJJ09nEZFjiA&google_hm=NDNnSlYxXzdwZ0pFY0xrS2hsMGQ=

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 15:28:41 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQpGAF-0zt1ztvQuSnXmGeBBBBd9mVS62dVadzE1-nevaBrkX0_O1HFOLAJuF45VrnHFfzu_2ulYxKeAUiZfmaJJ09nEZFjiA&google_hm=NDNnSlYxXzdwZ0pFY0xrS2hsMGQ=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AF95
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEFVdV-g3M5MuGRf5asNzSDs&google_cver=1&google_push=AXcoOmTTjn0UvrPaOYAeXN-UHOwx4ImpOs7cm1nyDD19mNGELcFl49bvcZEn3BmoYb3IoQfL5lzXO8r0BVz-KF0N1fGNOkJrnnKTCA
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTTjn0UvrPaOYAeXN-UHOwx4ImpOs7cm1nyDD19mNGELcFl49bvcZEn3BmoYb3IoQfL5lzXO8r0BVz-KF0N1fGNOkJrnnKTCA&google_hm=VkV6XzdjY1FRWWNIeW...

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTTjn0UvrPaOYAeXN-UHOwx4ImpOs7cm1nyDD19mNGELcFl49bvcZEn3BmoYb3IoQfL5lzXO8r0BVz-KF0N1fGNOkJrnnKTCA&google_hm=VkV6XzdjY1FRWWNIeWRESWF3RHA=

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTTjn0UvrPaOYAeXN-UHOwx4ImpOs7cm1nyDD19mNGELcFl49bvcZEn3BmoYb3IoQfL5lzXO8r0BVz-KF0N1fGNOkJrnnKTCA&google_hm=VkV6XzdjY1FRWWNIeWRESWF3RHA=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AF95
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEFGNnYqO8OPVnoaJYod5omA&google_cver=1&google_push=AXcoOmQGxuVpvAHoIleQuyA0czxGwJwJbiTbOms5Im7EwDOxH4Gbz_GpP9XliEbVRY_9hsUWCxxXEm4zg9sDI9rOXPD6fFxcZ...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4MDc0OTIxMTQ5MTUwMDAwMFYxMA%3d%3d&mn_hm=MzQ4MDc0OTIxMTQ5MTUwMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQGxuVpvAHoIleQuyA0czxGwJw...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4MDc0OTIxMTQ5MTUwMDAwMFYxMA%3d%3d&mn_hm=MzQ4MDc0OTIxMTQ5MTUwMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQGxuVpvAHoIleQuyA0czxGwJwJbiTbOms5Im7EwDOxH4Gbz_GpP9XliEbVRY_9hsUWCxxXEm4zg9sDI9rOXPD6fFxcZcgQFw&gdpr=&gdpr_consent=

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 15:28:41 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ4MDc0OTIxMTQ5MTUwMDAwMFYxMA%3d%3d&mn_hm=MzQ4MDc0OTIxMTQ5MTUwMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQGxuVpvAHoIleQuyA0czxGwJwJbiTbOms5Im7EwDOxH4Gbz_GpP9XliEbVRY_9hsUWCxxXEm4zg9sDI9rOXPD6fFxcZcgQFw&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Fri, 12 Jan 2024 15:28:41 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AF95
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESENjXAtIiJJP6iZwho-5YX7U&google_cver=1&google_push=AXcoOmR8ezvOioRc13lTgLeYI1AQY_sozL-BTbqccKVEmb5_vxllEBFfe4RdR3TC9XzfObKBZShSvtLfqqR8FVJJoMp79Xj...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR8ezvOioRc13lTgLeYI1AQY_sozL-BTbqccKVEmb5_vxllEBFfe4RdR3TC9XzfObKBZShSvtLfqqR8FVJJoMp79XjEPkyiIQ&google_hm=MjY1ODI0M...

170 B
188 B

24ms
24ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR8ezvOioRc13lTgLeYI1AQY_sozL-BTbqccKVEmb5_vxllEBFfe4RdR3TC9XzfObKBZShSvtLfqqR8FVJJoMp79XjEPkyiIQ&google_hm=MjY1ODI0MzAwODY4ODEwNzE0Mg==

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmR8ezvOioRc13lTgLeYI1AQY_sozL-BTbqccKVEmb5_vxllEBFfe4RdR3TC9XzfObKBZShSvtLfqqR8FVJJoMp79XjEPkyiIQ&google_hm=MjY1ODI0MzAwODY4ODEwNzE0Mg==
Date: Fri, 12 Jan 2024 15:28:41 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame AF95
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHYypYDpaAj27e23qfUI6Nc&google_cver=1&google_push=AXcoOmRD8Xoh1wTb5QVCoC8Cx4b7ZED9g1lqdSc29I8y9BW4o5WQRpaqMAghygNT3Ufswqs7jjjIQsbssoK...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRD8Xoh1wTb5QVCoC8Cx4b7ZED9g1lqdSc29I8y9BW4o5WQRpaqMAghygNT3Ufswqs7jjjIQsbssoKXl982KYia3RXLuwQXE5g
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

13ms
13ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame AF95
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEl1v5h_oF_9...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ_zp9Y75Y7k3iyo8rrtr8HmT7ZJbMPAeCCwc10LoKKKhiPBuFuaok5oLl6PvfPnt8dD2e33QP1UJbabMgrF2PnyDVBVEC_zCA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

51ms
51ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 12 Jan 2024 15:28:41 GMT
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame AF95 43 B
146 B 49ms
10ms Image
image/gif 35.158.60.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAQs2TzxW_g77skkvTDIOiI&google_cver=1&google_push=AXcoOmRQNlfJMHPXRePNv5CnOBwmRArz1nBpJF6JaM8ig9UKSKmG1-hpybNHOpC6QuQUcEagApsUQkKwcKKHyiOYrr_MMTYkXjjuH8w
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.60.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-60-234.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AF95 0
12 B 22ms
21ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxYjjT-4l6h95kDubBwWMGM4Ajmf2WcLNUq1JEvLiCTLn370NTICnjLaeWoBg2wtSqA1ey98d0YA

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame D1A1 20 KB
7 KB 83ms
15ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA2) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:13 GMT
server: ECS (amb/6BA2)
age: 358
etag: "64e381d9-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Fri, 12 Jan 2024 15:38:41 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame E4F8 2 KB
1 KB 80ms
15ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 455
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Fri, 12 Jan 2024 15:28:41 GMT
etag: "64e38310-744+gzip"
expires: Fri, 12 Jan 2024 15:38:41 GMT
last-modified: Mon, 21 Aug 2023 15:30:24 GMT
server: ECS (amb/6B83)
vary: Accept-Encoding
x-cache: HIT

GET
H2

200

um
sync.teads.tv/ Frame DFD7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
https://sync.teads.tv/um?eid=3&uid=CAESEFkSGwWmwJfTpr2qb57X0vk&google_cver=1&gdpr=0

23 B
163 B

59ms
59ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFkSGwWmwJfTpr2qb57X0vk&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNUEQredbHSiJsVD98qR-uEmTD4LGAVT03osKLDOKsWwHGXnDfmcHgjYibyJM41I8Fd-DXX8z_u-0slf04NfcAPD9Od3OerJDM7UKgetyNGbGmsf4m0
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 12 Jan 2024 15:28:41 GMT
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEFkSGwWmwJfTpr2qb57X0vk&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame DFD7 23 B
163 B 49ms
49ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNUEQredbHSiJsVD98qR-uEmTD4LGAVT03osKLDOKsWwHGXnDfmcHgjYibyJM41I8Fd-DXX8z_u-0slf04NfcAPD9Od3OerJDM7UKgetyNGbGmsf4m0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 12 Jan 2024 15:28:41 GMT
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

sync
partners.tremorhub.com/ Frame DFD7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
https://partners.tremorhub.com/sync?UIGL=CAESEEkJsU9Hf2f_QRzZOzBEm-g&google_cver=1&gdpr=0

43 B
174 B

104ms
103ms

Image
image/gif

2600:1f18:612b:4216:bba5:fc0b:66fa:bb51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEEkJsU9Hf2f_QRzZOzBEm-g&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNjp5oACMAE&v=APEucNUEQredbHSiJsVD98qR-uEmTD4LGAVT03osKLDOKsWwHGXnDfmcHgjYibyJM41I8Fd-DXX8z_u-0slf04NfcAPD9Od3OerJDM7UKgetyNGbGmsf4m0
Protocol: H2
Server: 2600:1f18:612b:4216:bba5:fc0b:66fa:bb51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 12 Jan 2024 15:28:41 GMT
server: nginx
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://partners.tremorhub.com/sync?UIGL=CAESEEkJsU9Hf2f_QRzZOzBEm-g&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame CB7B 39 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 12:26:06 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2AA 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3078608547562&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2AA 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3078608547562&version=m202309260101&ct=76&x=1&cor=2490200916699272700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F2AA 101 KB
39 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6p05GfMGTdcnpkO8WsvKFk86mrLYRVOPHXShN-gLkpFn-P9jDC2quoh7DP_-ycJTO8oQT8XPJjY4XUQMXpw5KX-Sp3KM1T-st0ZydhDFpCHpglZEY4yHUXE1HZ0eioEvAHU9IAB5Pjb6wRdyH3y9X31DKLmZ0AJ3-RYAFNaKOlznHxps&dbm_d=AKAmf-CvAIZZe8xjjm5sCQlubdhu4uR4zbKmGIBiXj5MqBFUuL_uPAtKVeSKLRz6z8AwbKWzxNSTS52bAS1xQKtF3OVElgnhcoj_3_s71sY99XbKBwEBW7IM1pzO4xWOjAk_nITI1M1ol_tiXKgbJn1fNj-z2Isp9mRZyuqhojsigv6ZikU5sPF0yHBWVmDpbl4yz3Opqi6SZbb9CPmaQAXe88IpiK4BuNrwMx31h83LQnrq5xj8tL3uF0xcFYJQkERL_DNEZG6-BwO_WsBTIhGLy0fq5Y19m9NXg8SVr8gaolyuukb5wxUUOSyEUa1tqamTDWuVaC05Bt4tV3K9-t1DGrCHfNTpmBR9arLntAjq4io1isMBvdglUSd4Y0-eyqO_mBAdg_NJJzazNHsSParjgMieiR3RbkkGu1wWgI7BARP8Lvwtk8stvc8p368Jj48BA7VEhN-T6XbdRvjd05lBQRsB_IyRn1UlcimzECkvUHnU3WGNvs4odRk25FYWs5xvAcF45EAa2YD0T-iKKWx6qaisS99Dd1Vby2BlhrIOmia8PtlFftRp6X_N6vJ3rIbddftab-a4IUY-DWa9rQrIXkvwMbcnmYkDYMuPJJm3UfxQTL5OZ1CW8RsT45RPZnQJYYI3GGz6f3IZnMYmHfVNA1y43fuh9SICBHgZmcl-qDMKV0tSoNw5hIljj8LrZIVgIiexelnqV9yDYvKb-aYL7ib4hO6_6-UZKoHlOp-8iiwvERIVmEOBR97vC3TOt9Kw_A_1QtA_b84EqaHa8zh-FTH5iCCbzzRJwSzSt3-cfZQ7HerGK_dUYUE-cQVHs-4pX2-ZC-LIcb9iMTBLBHGl3AF3Vt30C__gLefJ2YzqfkTyXMmtMG-A2Vm3UzhHYxcFIWBPY9UME2Z7hQ3ZIgkg6QRuxuV_Bh1vgkeJkP4oBcEn7JxH8u8r2z2S87waaNs21guB8oIBf2pYKNnjdQCHrxKHAKTgd1vYhPsmt-LR6rzPf4l80vqP2ePKB3CMwgYcSKNHWG2iEDcpvmBtsoMrsloJOGzzlPkc6LD0c45UqCTuq1VkLt71ACkLH6eyt61QSVAdm2iljpjbJsJV0UO1lT9GFIeC2hSjwgr1I28W96koHN-LE3WQ6nbzLw5BQkN8HVYs5XIPNANkC30Eaas7p6QEXJVg6DR2GgiXw1CBW12wxB4g1N3UBwZGoQHZllPS8hKVKycEOQHkdIgm-qidZXq9Fa0avj6bLXlf5Xq-ymp-oDwEDTnYSTWzFU8PJk5C4_cyrYStT_67IR65d4tlv-oo7nK9vR0d3bdtgJsZRVF27J0FYRUdh2alTaV6MZmZnNWGLbdxFPugYZA2ueKTHBlvEI6kVd0qPKJytptEnlpzxFPjhf2IfvBHHL-Tk8ydvnTx0bkxUjlKGBvyZ74nnr9YKGU3sc56RrqxIjeamw_26zOAqE-8oEb2JCRtwaN7UgUZzIiRkU_aA9shNK2yaSTX8dTFrGYn6Is_9B6rweJ3ddam5lqHZldIAUfiov-hctRm-Uga952ezhVgUl_Ro4MBGinW36nzaU4f1qCbKiN77bAirKbjtnFem3WGXgAaxQLct5fWfLCSLuCgmV7o6pmlngrsHnawWetx2poudkZ0TPVBjtlmYIQRA4Rfp9hjGyLm3fQpgqT5sxIA_u3TTlRi9H2BCa51dKAwOc2oDzFm-iKMVCVn--NpKbpEnsHLCreosxwP-TfK49DkWbuLb4x5sJIIP5qKCU3Vn-s-f90YzB7ps2WRsZ3zOfz4lAunP-UmemlLFDZDmsZZdi16q0wyv3WnGf_DUqhKGMhoFldSL4N9cjg2AJ-6WdEEoKVV1KADjkZgmQVMs3qiSeAfngOC4qlDeD5EgY4-NFRT88KyjwoKhyVsvHibGepntkOM2x0muVgUCwqxgUiASzzvWwMzIOs8FCDOms7shQibpM51RTcc4O9CM3O1n9Jj0Oh3pzO-JjuPSF8_90gQnvLm7APTVFZW0KuvlZgoA_J7f0CP9C-1KsGhfzMOpE6Z7Xq18D8CmGbT2za35TrwShv43BLktLj-JBkQDVxHvoranQq6sQI_l518qc3pryRKfkJyGp46n8LbtSwHlShhFHJVhQ7aZfduHdssrhONC9pm306sqKUY3Vf9WKi-3Kwi1EqaTOaWV8BxAMKqXChJhud-jLcZSAfsSXQi-Xs-7g1Bl5Q2AQI63f5MdEB0W43CvXKfKi3b0ou-NmPjyhmY4BBrJSLHoVUicWJWjkXiGjDSLt8xY9Iuc5kX8vNfNhS1iC_ZufwtsUjFrp1jAH3CrZbHzR1ib2Qdk_T_5mlwCCyzCd3zm-p8LkRg3glUs8mqaHkTMZqmiho_EYVdqfbVKBKq12ULhfe0SoUrqiSxxYd94Y9Fq1xUrrh2TRefDs7VQ0yl_bgjijgrnE46KxD_p5ZKRne8IK8p1HVCpaeq2O5FNmkVZZQcHOifSluIRJrvx6vnKARXTlPlk4Z6-wdKtozZf1JLSPag5zRWa5aR2iUZui6gSo1isosJ0MwVJMWJU6BNlAjTBS0jZiruHFPUHKfCnPPgzvMCk61QStfhp2mucFIVkjPK4wK8lnwDCrLqpb1FPXaPqSPhMAjagSU68Xftgdhg9XoL2atf-vniY9FQ8bZQRYhfvWFO_7GSDIb0LvBPY8Fu9fyFWyCqaBfhbCtM0ZKNy1tLJhpPa6QSaMuJ3rCdpT-m6yuCUU7teL5lQwXIjun-TnaY5lfgvvs465RZC-HFEIZQdqQfJ2mnEWEFWXoCTBT07uaBhKJdzpV0uIlswd84uP8KIvnH7C3978yHYwzpDVI0aKoD4OcgM-1JvGw6X6zAz_PFr1C0Wh3S4_spbCZIosa7P2u90e3NfPvD6TIUZ6eamAlO-iGgCxoiplcESqsUwNHbkuZvRJea4FXslB0s0nrix_DOHHb2LQK0PLscXFvy8Pw_teQ8VxLuhptn3euhY9lXmrubd_267M5uLntlA__otzSMgQZx6Kop_eolEmPRjZePDAyPVSC70-4c-YWNyb43tGsbbdSAsDPhoAN1-PgzOwDdO7Xn4-ehBP4_S1-l4NBmRO_xHUaasRzwbbZOH-4q-Z9T9hiMbR-WkD39TI_adRV_Nael3U_CWViIATGR7G_0necbeTaKAwvSAPh1-rwZ7BvZnkvwTxjJY3IOfWWCwOXRXAVspdoz9F2uyEjlY44VE35xcw-DQOo_5Py9phcK-W9H3TubMPx4YA9J8bsMMWL1ggYUpKt1iV-0Gol1Z-mRp3WCBSS2YD3qBSyPuHUyzCHhtHey9FM5gV3zBfdQWLHiC8WCq57_raAZ1HXNw3WQi4AGDkvgRJqp3m7w2jzEsPwgo81YCYM_LlWimXUeaCg45k5X_g9_nKi06xF7RC7sVYhElHtHo8eF254ORp-9acS1X9xMsTTV4ihUuGi9ubbxXd-jKQgGESGzfM7lBmxfhu29Gvp-5xBZ9gWxyWXeg_vlUEjT7OjP_-mgRPIcodXDDVIZceqY6lgYEdlOyjPMmrGAeXDViMGMs25dI5C514jdX7Bwjbvj69cusN0rgTZCFtLDvmgdv8mYYSU-4wOa3-ZSriR6yPTnauxUplo-HCC1TFmocz2ewGqIVf72PEoB2cX3umY2fDzm0c92DpZHZdDMnOzlxRYpYL_40RMcFXhCYsrfF6vPzR772BEGKIp4078QZnrchDAPvV0l4h9U9rweyVI2qe7IM7CQRHEF3GNw9nEF8rRoaRZqcqcvnAbx5LuwSI7PAlWfqvSTzzQZYFGG_qNNAar4kfq2zax4K1STht2n5ENcWax0cLKgQ74jwijIgvwBu5M39x6sg_L5GHmS8S4T8YWaHy8wnY_-65VEUTqKON6jmIbElqtj&cid=CAQSOwAvHhf_vNGyvTeEV5IHpINvPz3NFiNTxCLgQ8ySENruoXwkRYQtoB1h2rmnFAYY1YOb8_89ZlV2snAEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fyahoo.com%2F&ds=l&xdt=1&iif=1&cor=2490200916699272700&adk=3690638928&rc=1&idt=68&cac=0&dtd=12

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

400b6eb24d3e6a125be3b1721261d9d98098d213e99d2c1daa0a84f29ca32b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39910
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 71EE 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6iE3Ei6vg9QywejVBAByHB497665TQAJ0BtDAg2EPnBSpidL0SrdfCWzK5ld8ay5ynBN2ERBR6DqrbEVXdk3JsWIzxt02EhTXnemcOjR6UngN7UgTM6sv3FdzRPZf2-LMPEqlOmFVcGFgDw__xAY1Z_yy&sai=AMfl-YSnhDs3y6HRqgVb-4tBF_hxp29zbu1tkfJNKq_FTUzlc5TDNva2_ogf1D9AMXo9_xRs8RQCURKlEMjtZ1CwXzmFOiWzxqLrvjooATFSdB6Yb27FBNOwYS-qtbU&sig=Cg0ArKJSzFGCSNqixt-HEAE&cid=CAQSOwAvHhf_LoSIHIjDPkFqKArLAqJuSHUx7FcWQ5jOvTMoISkUZSU8u80125bZziXCxZxk-YBE93wh9gN2GAE&id=lidar2&mcvt=1032&p=572,1132,822,1432&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4244626947&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705073320537&rpt=311&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F53 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BRHi1qFqhZZOKMoT81PIPpsSD6A4AAAAAOAHgBAI&bg=!JySlJGvNAAZ1R9vHVUc7ADQBe5WfOG-ArOqkR5kIccm6IkP-evoC9_aCLJSlMS7KAfwpUReaRB2woAsn9ldmtG2-abHoAgAAAQlSAAAAA2gBBwoADUSo_IEEfj_r5JQjtgKZAwfMNWzB0U0eygiM7xMYp0GQhrSRtQ1QLibgfAy5u_-Ngy1Ui_SzL6KtGgh6FxnLroFDobVM78S2Bjf2S27gASArzDRGSbsvyaYTfqr3nTOx424Vd4GBCdY_cAi2nwq0LLXzGagdLK2_dhFSVPp912dL3ci_tFXCR1SGVYxDsQirDA1q1oSizn7WLFRLpmEpx7CKGCnn3PGjfRlOgYipkX6WC7J7zJmbjKamwQaJZySIlIKItRH_gilztc43bMoJJm4tKvwQVLDX6q8FmmPYDptLgHn1hyhuUHw1f2x2WyUec--EnEEr2GS-pr4AQbmeSPRslKgHAnUJq3o5F8-Jg_qjOGvz7-ZS8ztoDWdMyvFSwu98VgUNRN3K0ZWo0qOh3TTBSs28tAH0eJ0hria0L5BgiyeuzRl3ddSHyvavZJZ0DkiqT2U5KOmycZMdeTp7idgTz57GwGmtw7tJxyRibtpht-9JWj7mMO-Ssy7x-gZz4A-AumeTMe11ayXCwJDt0lLMbHhrRViz9ja25UOqNz7tPM96sMYPpJbFu72f95j8FAhHxSjENSw7XnK28cxoZOERc_Kd4QNx1MtDZmFV5Wrjq6jFzQzvnziyohcyOIsT9y_V7q--1KZcukgd6ndSAjAvnqeT7zxbqud9D2CK0sKKRwvvwl5G7O-qT2r2kYcFDtGor3GkNpOBKzI6qMMBhSS8_unwzL3-y3TdNAAvURky2xwRuf0XHsd3Ta_Y6ADAy_KztXSGSAYtOC8LT8rUuM_oF3kb8YsiR8isdvOc3NvoRHSxifrjQVYeZRzwMl551qnZokT26YQkAJTtqHE56uFwf2X-qGRikSfRtrualM6fFHEXJ6AukGE-C9v61sqbi1lKqt3xBSOxHKZeICSNzmuhW-f21YMAlgmleNyXrJWJjALMM6PT4dxtq0vH2vVmer4Qhojkl3A7aNY7E9yLY357XQ2zE1U6vW7ODLadMn9cV2mdbPhhV-1pqZ4OpQzI5vRtmyLyiDpvu7EAyuLFIaGIh68WYshZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag236630 Show response
ads.revjet.com/ Frame D1A1 252 KB
41 KB 27ms
26ms Script
text/javascript 168.119.66.181
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236630?_plc_id=111757016&_key=e8d&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCBaxEqFqhZZSKMoT81PIPpsSD6A6nxYC8dNLb3LP6ELv57JCCAhABIMGCi5oBYJWCoIKwB6ABuayQiynIAQmpAh9uiy0rZrI-qAMByAObBKoEmgJP0JfdHyaqQJIkwHvP9-xlDW6ffUxWmpADPxne7dnWuMNNdf8v6w53WHl4mpPvOuG3HhAMOImO-XerkSDb2ULtw4g9O7CJOUj1IXQRrH2ssAq3QhRbMIwr204sWHTlA3vfcK5hSReT5hxc00p7oB-yzgqjtJOY3wE2t_q7fO0CWiZSfHdjFzVp9kqfvfYxOpEIe6G_SvgE_oT_arff6AvHxRNmBFk2jywP4kIYRqZvJ5OkssTZ6DLpNJGspRJMNh7hPT0PjOWJGesxjHUCTEGoyB-kH1AFayprNNIJq6ufUqV-Q__6qXvMmU5lb58vjGDjrmOCw3oJKlYz9xb7gYjIrq3GJ9HN_GoW-Eeh0gTUOHTAHw_aXbrCYpTABJ2nq7mlBOAEA4gFjIyj2EuQBgGgBk2AB7nk4OoDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY4-rnjJXYgwOACgOYCwHICwGADAGqDQJEReINEwi7ouiMldiDAxUEPlUIHSbiAO2wE9u8lxbYEw2IFAbYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_cnLF__vPgLqkuw_TPB8AEewQh6kMyOcrZKyOgBQgQj7Bdhqm1IJHufI4SzwMvO6iUBf7SiiQGAE%26sig%3DAOD64_2oMjbUuuBFnJeFD9MiOgePrpy_MA%26client%3Dca-pub-2305304999188653%26dbm_c%3DAKAmf-D7n95Ix9AjQ-mjE8-6DCltxs299PmuCCzYNnc8b8ts9Mh5TeQ9xMuERQasPSM1gQT-m728QLVpmRhyg_adIsvajXADrcN_9EaS0ijDqGeqClEWF-AyEx0o4KiR4KLpsMo3fbelGCXR1_wbcRMTHMEBn3fFmVQ5qGp2wVYM3_JkuQ1Tb6s%26cry%3D1%26dbm_d%3DAKAmf-A1ELRU-I9BYVQYp0lGPiosHKcCjpc2QEXG4cI_ZKVXiTfDEBsaMfjcckmHHxsTdmyXzR_4909U6Idpj8KRdGhGfY3a4UnKKmkvcCwFVw1HCas5J6FtB4Jmft4roKtHW6p-R9XTGQ5aCwX7hlmEtvz773BCAo8VGxCOMdpdxYE_sTx_EPKN83zy_IkD18WgvAOVYZfCkR2nZcZBjPrHWBnddmjYscfWh2cg4h18cF9eZmuwZcRmEOQjkpvHM2CVWQFQooAhgRQ9Fz5-UctNsOlN6kGXsxpYI1fGhmOIU8uYSGoER_FWvWdA6kSE5hKN4sK7n6cVa5KrptE8fyz3x3F4euz4Bx3U99wcFA_VHbmt8UK-SCWh3m4Q_zwoXP_7McsNLiaCnmdBTFlFk82YkGlUrWQ-5_EAQGQvN_h3CXUMtembarMVINE9Y34NtZJlIIIVjhIQ11py3K9gon8TlJ1WofOtjZ5xaLxdm1oNMajk6UkdpzSry-VRMFi7Cn9tqCDQgPwNchrXlMwSaBvCgWg60lrdzKCP2M9xExsMOnLv9eRXlO6vPnrXGQMMR7-uXfrY6ksX%26adurl%3D&dv360_cmp_id=20317783564&dv360_li_id=1013520331&dv360_crv_id=467099954&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fd7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fyahoo.com%2F%3F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=ae18b117c82d7220e04_1705073321943&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fyahoo.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1705073321949
Requested by: Host: yahoo.com
URL: https://yahoo.com/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 168.119.66.181 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.181.66.119.168.clients.your-server.de
Software: nginx /
Resource Hash: f9ec62a047ea070a77925d31627f7ffd01f3daba083a6017fabb9b225bf97758

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip56670
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F2AA 172 KB
60 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 11:58:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame F2AA 11 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:52:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame F2AA 31 KB
12 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:52:59 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F2AA 41 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:20:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 44D5 1 KB
648 B 16ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Sat, 13 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F2AA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78cccbbc170772adea62503d527562217c744233c7520ddd7bda8ccb513aad09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BB5A 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 72511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:20:11 GMT
expires: Fri, 10 Jan 2025 19:20:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13605343744850012072/ Frame 6CFE 30 KB
5 KB 25ms
25ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d64f8363e9fe274098d3a8744fc70607e0482d5cb955b65a4753d04673bef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:28:42 GMT
expires: Sat, 11 Jan 2025 15:28:42 GMT
last-modified: Wed, 27 Sep 2023 08:55:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F2AA 0
0 60ms
60ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuP8AJUQAB_UQRIRt6Y-q-chJ_KBDG-ryJHRlTnkqPDdDM_6gQ6lIDr-FsS7zVEDlc2HRSuEVHlLUiFYUZ3h3Xp8ir0kB82wYjUSiLByy7KzsrdsIeXyzPA2pWw4QBsLBwGn_J_y77j7PUsnwyU6j7LBrGZPilrLLMeC6rJGKsNhnDYsM4GcI2nsIrj8HmEpYF0FMChkmrWuiveDwa35G0-o5tL7n3inDM2FhmEMLOXtATnFNUojF-07f4Jr4qlL6T32OfVxG4AHHRFeC6lSVr6-acFGRXzvAFWqlfOqxiPzBRTZvWsd0m9gqYhKZo_aSzp_a44G62qcR-Zurnc45yaw3iY1pUBsha0bu1yh8_EFQiGq1m4-uTeCMoOfaX_ji3rThAfdhc5lZIkR_i-c3KEYNVwXHZlMJzk36zDvuqiqmBirsz0-QHgrXJsWPhBoTm4FYoTQqySC0zyhjj8PStnr1rBnnZREBZCmRch7GO300v5Y9FdFUJFbk15j1dQTFjS_32YVrvJCM27pOjiOTtPvttHuVVwPWEsEktrNR3JRivuhwDhAzC58VnwTsnkZ-ojUqFITyxOj_-Rd9NkOmTexr2PED0z-jkpD1xfiyi9_lr1b6HocnxNInncfZVEYUOvkyQgDcrxirZ9CsV1bI6vfGYPKzp-E7wZvtCfoVAhYpXizXQ2JV75K7rGDrNGERo0pGdGEwqLA1mde83WiUkrXmJmzMRPHBGDnn5QZK7dWoiN5RADwQvwvRg4FQZ1wOso9MyBt-w81XJbx6UD75zbuxzGTXi-uZI96TUP_W6U9AOINcQrI0_rlDvOyeROqq7w7rRcs88qBF2rl2pVdkRLQTrxi19wAoxOK1lnZo6SL4uzPnoVmcV9o4wqe1_iaj7EUH0XgU_BwMW5CREIk-SOoIce3GEm-_d6Ki2s74GJTkJ-FMGRgi_v5AUBvX5RKnrEEUGS_OKVdUJJX5ZF6PzTb_fQHAw8Nk_QY-7k0RsBFXQicW17lVK10ZbIFIBljZOgLbJWzAXrj_COFYeGrCye_6CeogAZyhvrOXMBdeAqtFLr15hPVBGQ8cs2_bTAakQ-b_LDprHoBLO-8egfFLNSstxnhronxce09j8y7XFMXVkjUSqSdrIxblhxAaZc_G6Z8xvGHMR00Gty7Anzb2OlkfI_vJAPI8C7bqPrv3hRbrt5eUel_gPIZJ0goGkZhiAH4DjSWmUkul9pzlMPg39e0AFPHWdrWxw13eTMbnTzgVvvc19MnwWa1ACsQRX_VRiFzRVfdKoyUin8ovQT4PpITqoS2v-H0-hfEWmQlejp5wc2KvU7pWYbr2k6gp0Q5hxSezrn4R-rxxsCq1Lp5fB0MUYhg96yli8FuaIsbBOQgg&sai=AMfl-YSsmra21f690SdIWWrL_DJloEcfIulcubrN5JoguLTfLva0VxI7i8oox5zgrMqezSO4aAWgv5-zeUfZTQkUwbPfonC137u3jW6GLidZYLagkyvLUgy-0pQIIgHpP_a5TYeb3EvVLeXmJrUXJrGvsJneUSnrsZicjcf9Pi3TxwhQOOEzx6JYtTyKet8uZ28Q8or88hYFHjx4aXdiUV9e5ERiwtCAWVYJ-g0NjpwXCDGvo4GSk7f8FzvqBs6xK3jDyOps&sig=Cg0ArKJSzPp7RsOyw8i5EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=130&cbvp=1&cstd=109&cisv=r20240108.65762&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 12 Jan 2024 15:28:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 event
skydeutschland.demdex.net/ Frame F2AA 42 B
733 B 39ms
38ms Image
image/gif 54.246.204.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184943439&d_placement=383211463&d_campaign=31191216&d_bust=4231879536&gdpr=0&gdpr_consent=

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.246.204.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-204-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-052072f40.edge-irl1.demdex.com 5 ms
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 5uYKs3XCRJY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44D5
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDFKTydRY7nwZHa7bcmY14k&google_cver=1&google_push=AXcoOmTvgQFjQrK67YSt4FyGT2Qxy8ywpk8wm_bFeatYPvnBm8LenzjNIqBv21vMmaAzKdTDDWRpQdj8Vkm...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTvgQFjQrK67YSt4FyGT2Qxy8ywpk8wm_bFeatYPvnBm8LenzjNIqBv21vMmaAzKdTDDWRpQdj8VkmxJyHB9p-vcqgvI4Z6&google_hm=jjNhljSbT62gQgPLVyR2W4M

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTvgQFjQrK67YSt4FyGT2Qxy8ywpk8wm_bFeatYPvnBm8LenzjNIqBv21vMmaAzKdTDDWRpQdj8VkmxJyHB9p-vcqgvI4Z6&google_hm=jjNhljSbT62gQgPLVyR2W4M

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTvgQFjQrK67YSt4FyGT2Qxy8ywpk8wm_bFeatYPvnBm8LenzjNIqBv21vMmaAzKdTDDWRpQdj8VkmxJyHB9p-vcqgvI4Z6&google_hm=jjNhljSbT62gQgPLVyR2W4M
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44D5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELrZgGbdBkCxItWHX1uFdSA&google_cver=1&google_push=AXcoOmTQpEIQ0Mjf1UGM8iPUP2GvjeB0QtJ2EZp5coZQIgwPlWMCFM_0_82ZlIVVLPBqq8E6yrcbY4j7fSm0G7...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMzIzNDE1NTI3NTU0ODgxMQ%3D%3D&google_push=AXcoOmTQpEIQ0Mjf1UGM8iPUP2GvjeB0QtJ2EZp5coZQIgwPlWMCFM_0_82ZlIVVLPBqq8E6yrcbY4j7fSm0G7nbBw...

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMzIzNDE1NTI3NTU0ODgxMQ%3D%3D&google_push=AXcoOmTQpEIQ0Mjf1UGM8iPUP2GvjeB0QtJ2EZp5coZQIgwPlWMCFM_0_82ZlIVVLPBqq8E6yrcbY4j7fSm0G7nbBwuKRruXZRJg

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyMzIzNDE1NTI3NTU0ODgxMQ%3D%3D&google_push=AXcoOmTQpEIQ0Mjf1UGM8iPUP2GvjeB0QtJ2EZp5coZQIgwPlWMCFM_0_82ZlIVVLPBqq8E6yrcbY4j7fSm0G7nbBwuKRruXZRJg
Date: Fri, 12 Jan 2024 15:28:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44D5
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPURSNBpocViiytgrxCuRgI&google_cver=1&google_push=AXcoOmR_0ywx91-RTtdh4x7s_7idIxo_FndweaSsaW20CBiSMkGY5AG5SbsEIdl9xZd9QYkCFsx9EG6ZoMZ...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmR_0ywx91-RTtdh4x7s_7idIxo_FndweaSsaW20CBiSMkGY5AG5SbsEIdl9xZd9QYkCFsx9EG6ZoMZ1vjcdZYp4gjA8Sl8X

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmR_0ywx91-RTtdh4x7s_7idIxo_FndweaSsaW20CBiSMkGY5AG5SbsEIdl9xZd9QYkCFsx9EG6ZoMZ1vjcdZYp4gjA8Sl8X

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmR_0ywx91-RTtdh4x7s_7idIxo_FndweaSsaW20CBiSMkGY5AG5SbsEIdl9xZd9QYkCFsx9EG6ZoMZ1vjcdZYp4gjA8Sl8X
Date: Fri, 12 Jan 2024 15:28:42 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2999
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44D5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELrW9amwgzLm6Hy78wwxuPM&google_cver=1&google_push=AXcoOmS9C9HJfMqGx-zG1Bf7XINBSrvjdA-X0ktYqT00O5E3qH-ZlTaslZESqwW3rUdNSGmeN1MjGO2J...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1NDA1NTA2OTU1MzkwMDk3OA&google_push=AXcoOmS9C9HJfMqGx-zG1Bf7XINBSrvjdA-X0ktYqT00O5E3qH-ZlTaslZESqwW3rUdNSGmeN1MjGO...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1NDA1NTA2OTU1MzkwMDk3OA&google_push=AXcoOmS9C9HJfMqGx-zG1Bf7XINBSrvjdA-X0ktYqT00O5E3qH-ZlTaslZESqwW3rUdNSGmeN1MjGO2J5_PI_uR1peou2UfhkrY

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDI1NDA1NTA2OTU1MzkwMDk3OA&google_push=AXcoOmS9C9HJfMqGx-zG1Bf7XINBSrvjdA-X0ktYqT00O5E3qH-ZlTaslZESqwW3rUdNSGmeN1MjGO2J5_PI_uR1peou2UfhkrY
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44D5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC8roCxpD002UriVGit3SkY&google_cver=1&google_push=AXcoOmSwYXRnDF5pbGeByQPVjHUUSUfSEd0WUcRzX0Qx1anOtkkMTUUFjGJ2N-FBZPHE-neXNvG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBU01SSFItMjMtRkJZOA==&google_push=AXcoOmSwYXRnDF5pbGeByQPVjHUUSUfSEd0WUcRzX0Qx1anOtkkMTUUFjGJ2N-FBZPHE-neXNvGY6hvZz7rbP8wmMDEPG-YMQrw

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBU01SSFItMjMtRkJZOA==&google_push=AXcoOmSwYXRnDF5pbGeByQPVjHUUSUfSEd0WUcRzX0Qx1anOtkkMTUUFjGJ2N-FBZPHE-neXNvGY6hvZz7rbP8wmMDEPG-YMQrw

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJBU01SSFItMjMtRkJZOA==&google_push=AXcoOmSwYXRnDF5pbGeByQPVjHUUSUfSEd0WUcRzX0Qx1anOtkkMTUUFjGJ2N-FBZPHE-neXNvGY6hvZz7rbP8wmMDEPG-YMQrw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H2 200 us
sync.go.sonobi.com/ Frame 44D5 0
324 B 105ms
104ms Image
text/plain 2607:f350:3:2569:0:10:0:c
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRONqR35U0_eXNppGOed7M8uzwaHvuHA2ERMJehWEOM-y81S_4sL07vLAxJ7BlwBEl3jwfcQzm-7Jq3u1q9__xm03EE243T%26google_hm%3D%5BUID%5D&google_gid=CAESECifBvUZiljFWFe6V0F0giQ&google_cver=1

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-150
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44D5
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBupF1kC-OId9QjJTNjw2p8&google_cver=1&google_push=AXcoOmToW5pyCK4Jp...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzIzOTQyODUxNjU5MTg5OTEy&google_gid=CAESEBupF1kC-OId9QjJTNjw2p8&google_cver=1&google_push=AXcoOmToW5pyCK4JpmFAaAjzK6k8S-QK2tC5u8k-mG...

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzIzOTQyODUxNjU5MTg5OTEy&google_gid=CAESEBupF1kC-OId9QjJTNjw2p8&google_cver=1&google_push=AXcoOmToW5pyCK4JpmFAaAjzK6k8S-QK2tC5u8k-mGb_T2BNzNtQpB1r1dhnmqm8qRucRjYJLEAsvW2KqPAyhN29Eoi7epluKoP9Dw

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
an-x-request-uuid: d3be4461-5b7f-4354-a6cb-f68aa61c353a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzIzOTQyODUxNjU5MTg5OTEy&google_gid=CAESEBupF1kC-OId9QjJTNjw2p8&google_cver=1&google_push=AXcoOmToW5pyCK4JpmFAaAjzK6k8S-QK2tC5u8k-mGb_T2BNzNtQpB1r1dhnmqm8qRucRjYJLEAsvW2KqPAyhN29Eoi7epluKoP9Dw
x-proxy-origin: 178.162.209.131; 178.162.209.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 44D5 0
12 B 26ms
25ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IG0bWnS0x2KezF0avKTWTuGYxGI8cKECu6TLPP4dILQ3eEJBnjbPpw4vxlQcGNy-JkBUMe2Q

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 elements-2.12.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 2DF2 169 KB
50 KB 61ms
15ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBC) /
Resource Hash: f6246ebe302e91d6fb04472e2b5e7aa5b75bf992fb24cbfa3a7c5b5a7bb6a037

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
content-encoding: gzip
last-modified: Fri, 05 Jan 2024 21:15:22 GMT
server: ECS (amb/6BBC)
age: 338
etag: "6598716a-2a507+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 51154
expires: Fri, 12 Jan 2024 15:38:42 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 2DF2 56 KB
15 KB 13ms
13ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (amb/6B9B)
age: 512
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Fri, 12 Jan 2024 15:38:42 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 2DF2 43 B
170 B 150ms
42ms Image
image/gif 95.217.106.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=597ce992f8e8e866afbbe8253c1a0f28&__adt=8240603339759740234&__ade=1&vid=5110160631442057187
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.106.24 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.106.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3

200

B29255022.357498595;dc_pre=COn3vY2V2IMDFUeS_QcdIkQJ1g;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1705073321966
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 2DF2
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17050733...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=COn3vY2V2IMDFUeS_QcdIkQJ1g;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_chil...

43 B
64 B

39ms
39ms

Image
image/gif

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=COn3vY2V2IMDFUeS_QcdIkQJ1g;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1705073321966

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498595;dc_pre=COn3vY2V2IMDFUeS_QcdIkQJ1g;dc_trk_aid=548523481;dc_trk_cid=185255539;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1705073321966
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2DF2 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame 2DF2 470 KB
470 KB 43ms
16ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 84829
x-amz-request-id: CR47366306N41Z09
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: OCplrt4cC5LIufevczgcMJvJTcbjWb+JCyL8bhRqV+pLX+x+Lz8rDb6zXrwtV5AoO+HrcB2Nb2M=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (amb/6BB1)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Sat, 13 Jan 2024 15:28:42 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/13605343744850012072/ Frame 6CFE 5 KB
2 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46072ff450e58861395db6f972ea897ef9e4869c2779aed03527b5b0f994bbb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:58:39 GMT
date: Tue, 09 Jan 2024 08:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1757
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 08:55:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 6CFE 120 KB
41 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 07:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 07:58:53 GMT

GET
H3 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6CFE 69 KB
27 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:28:42 GMT

GET
H2 200 es_encParams_L2FwX2Nvb2tpZURhdGFfdHlwZT1tYXovYXBfRGF0YVNpZ25hbDE9MjA3MzYwNzA1MjAvYXBfY29va2llRGF0YV9pZD11MWE5VGE4VkFUTEcvYWRiMS1rZXk9NC9hZGIxLWlkX3ZlcnNpb249MzA0NTJfMS9iRGltPTMwMHgyNTAvd2w9MS9yPTAu...
evs.euw1.jivox.com/trk/73/206467/2000/160618/16d96d7524bb47d/20/jvxSId_1705073320.6555/es_pId_989d645/ Frame 7DA9 43 B
229 B 30ms
30ms Image
image/gif 34.251.108.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/73/206467/2000/160618/16d96d7524bb47d/20/jvxSId_1705073320.6555/es_pId_989d645/es_encParams_L2FwX2Nvb2tpZURhdGFfdHlwZT1tYXovYXBfRGF0YVNpZ25hbDE9MjA3MzYwNzA1MjAvYXBfY29va2llRGF0YV9pZD11MWE5VGE4VkFUTEcvYWRiMS1rZXk9NC9hZGIxLWlkX3ZlcnNpb249MzA0NTJfMS9iRGltPTMwMHgyNTAvd2w9MS9yPTAuMzAxNDIxODY5MTYwNjQ4Ny9lc19jZ05hbWU9TWF6ZGFfSFRNTF9NYXN0ZXJfR2VybWFueSUzQW5zYyU3Q01NRF9sYW5nJTdDREVfY3R5JTdDQVdPX2F0eSU3Q0Rpc3BsYXlfZm9ybSU3Q1Byb2dyYW1hdGljX21vZCU3Q01BWkRBX0NYXzVfbW1vZCU3Q01BWkRBX0NYXzVfZm4lN0NCb25kX210YSU3Q0dlbmVyaWNfY3RhJTdDRVhQX2xvYyU3Q1VyYmFuX2NvbCU3Q05vK2RhdGFfY2NvbCU3Q05vK2RhdGFfZmVhJTdDdjFfY2dpJTdDZmFsc2Vfc2l6ZSU3Q0FsbC9lc19zZWdOYW1lPURTUF9VcmJhbg==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.108.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-108-160.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Jan 2024 15:28:42 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame BB5A 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 12:26:06 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame 2DF2 33 KB
33 KB 30ms
30ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (amb/6BB1)
age: 110
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Fri, 12 Jan 2024 15:38:42 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame 2DF2 13 KB
13 KB 30ms
30ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B88) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
Origin: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 77821
x-amz-request-id: 08R0ANM03GC3TXN7
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: J57pdftAW7/sRF94SmsB+xJTG77Gcs9mCF3n56wfF1Kc6mFt9tzEwHFpZlDRNmiw/cFbuxvOy8I=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (amb/6B88)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Sat, 13 Jan 2024 15:28:42 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 2DF2 286 B
562 B 18ms
18ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 60631
x-amz-request-id: ZANCJ161JYGZKD0K
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: 9IAS7qDM09tI7tABtQbKRVk/fqxKcs2THT/GqChSjTMvTg52Fp0pfi1H2vuyZQom61Tm1LwiFts=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (amb/6B9E)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 13 Jan 2024 15:28:42 GMT

GET
H3 200 CTA_FX.png
s0.2mdn.net/creatives/assets/4736540/ Frame 6CFE 519 B
556 B 17ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4736540/CTA_FX.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e8e59c22f784ae124e2e4ea700d0361f147c5e67417abb1f845f49082190111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:24:22 GMT
x-content-type-options: nosniff
age: 260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 519
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 12:50:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:39:22 GMT

GET
H3 200 sky_bold.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 6CFE 28 KB
28 KB 17ms
17ms Font
font/woff 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcda08a8d45d378df4fdeafd2529f3c7521d3e9c3a4b12daf2fe2c919940e57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:15:07 GMT
x-content-type-options: nosniff
age: 815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28672
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:30:07 GMT

GET
H3 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 6CFE 33 KB
33 KB 17ms
17ms Font
font/woff 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:14:03 GMT
x-content-type-options: nosniff
age: 879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33980
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:29:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB7B 0
28 B 52ms
52ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bujt5qVqhZYTmJLGN7_UPxMGqwA0AAAAAOAHgBAI&bg=!DQ6lDkHNAAaumcC-jpk7ADQBe5WfONUSJdqFyl_kmpliP5W7rIzLel1jLNCQHTpAGBOqVNOQqmRjDNd_IBsgxuh_2yDvAgAAATZSAAAAA2gBB5kC_7H85WobVEQQrs50xxzsKGot9UvjayP9H2N02yHpz4uSOo5IFMKB3HNvbgKCKR2jmTp7Jceud-mjiOFlExkMS1tYCTMX6EOz4NGuGrBK4ybXGd581d3ZuPuwBY3Ro700ymj1s-85mfKMlujB3W3qK1wNb1OnTq5bEgmN7LCHkMgOG4sif742IKwJ53gP1ww_Wn6Y3prE7H2WpSsOEENraJYDbsw3N3oLFucQTYG541hcvpkAXrLfUo1KlbnH0-2GHTWR5RWFW8G9mrEamzRzR2ZCkYJ8vcUy6VVE-oNeeZP7CUq1Ceq3byYIu0ry-ojhViZefLnHDvr9tw3a5XnhCxp9UsW30MqFDh77McwE-OVl5H1mSf6rw6q5-_mwCHL2pRrfbuoYd3q6dlfcV8njSnZkHyqNZFLx89NaeRtnxDMQiF0Oq_h5NkvIIa8Tb8WtC1oIQVk22wdp7PyySo-ZxKbbaxcuPTVg91EukKAktYSpNNgxtkHFtusEJj6nKJhccH5uPu7TuYzUZRc5fNaWEfxZD1jH9I7cvBAjGTncwws01GBdM7bgAgcps2BHq-xMbLwFxr8pdLg_ZR5vzRRkWulj-zYH1R7IbCNOy6uMn5IjzhqkVOCjx_gNNbmk-gf-ucdPqDchk59mtKgix-TTNPNY30Kd-cg4ADXFZ52YZmNqEbw2itcvLq7tLSV_8__yuGtNdCB0r89Uh0fpzxGbarZo6ADgoiEO--bgQlH2vs67JnSAgsBlgRGeauJxOHeGVeDUbL7QZUZibAvO2mbHuE4nRpJ7gvCR0gNBCBLknD8nMb9NZQ9flZeuiedzq-QpYJIntoa8ov8b2lmRq_yp34oIY38hm1vwRcIlQHD6QlE7YaFUDcJ2_ehrBBzxYVyPK11QJQUD1YP8STeKQTfcR_Q1UC9o0XVKOFZSB32pgG0rk5L2CvLYB_IuTQaPrbUCd5lvMEpnbjUxVG5OsR5UHNLObqDnrfPDniTWfV9cyZYb51LZqZup2pkjIZojfs81

Requested by

Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F2AA 0
0 53ms
53ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuP8AJUQAB_UQRIRt6Y-q-chJ_KBDG-ryJHRlTnkqPDdDM_6gQ6lIDr-FsS7zVEDlc2HRSuEVHlLUiFYUZ3h3Xp8ir0kB82wYjUSiLByy7KzsrdsIeXyzPA2pWw4QBsLBwGn_J_y77j7PUsnwyU6j7LBrGZPilrLLMeC6rJGKsNhnDYsM4GcI2nsIrj8HmEpYF0FMChkmrWuiveDwa35G0-o5tL7n3inDM2FhmEMLOXtATnFNUojF-07f4Jr4qlL6T32OfVxG4AHHRFeC6lSVr6-acFGRXzvAFWqlfOqxiPzBRTZvWsd0m9gqYhKZo_aSzp_a44G62qcR-Zurnc45yaw3iY1pUBsha0bu1yh8_EFQiGq1m4-uTeCMoOfaX_ji3rThAfdhc5lZIkR_i-c3KEYNVwXHZlMJzk36zDvuqiqmBirsz0-QHgrXJsWPhBoTm4FYoTQqySC0zyhjj8PStnr1rBnnZREBZCmRch7GO300v5Y9FdFUJFbk15j1dQTFjS_32YVrvJCM27pOjiOTtPvttHuVVwPWEsEktrNR3JRivuhwDhAzC58VnwTsnkZ-ojUqFITyxOj_-Rd9NkOmTexr2PED0z-jkpD1xfiyi9_lr1b6HocnxNInncfZVEYUOvkyQgDcrxirZ9CsV1bI6vfGYPKzp-E7wZvtCfoVAhYpXizXQ2JV75K7rGDrNGERo0pGdGEwqLA1mde83WiUkrXmJmzMRPHBGDnn5QZK7dWoiN5RADwQvwvRg4FQZ1wOso9MyBt-w81XJbx6UD75zbuxzGTXi-uZI96TUP_W6U9AOINcQrI0_rlDvOyeROqq7w7rRcs88qBF2rl2pVdkRLQTrxi19wAoxOK1lnZo6SL4uzPnoVmcV9o4wqe1_iaj7EUH0XgU_BwMW5CREIk-SOoIce3GEm-_d6Ki2s74GJTkJ-FMGRgi_v5AUBvX5RKnrEEUGS_OKVdUJJX5ZF6PzTb_fQHAw8Nk_QY-7k0RsBFXQicW17lVK10ZbIFIBljZOgLbJWzAXrj_COFYeGrCye_6CeogAZyhvrOXMBdeAqtFLr15hPVBGQ8cs2_bTAakQ-b_LDprHoBLO-8egfFLNSstxnhronxce09j8y7XFMXVkjUSqSdrIxblhxAaZc_G6Z8xvGHMR00Gty7Anzb2OlkfI_vJAPI8C7bqPrv3hRbrt5eUel_gPIZJ0goGkZhiAH4DjSWmUkul9pzlMPg39e0AFPHWdrWxw13eTMbnTzgVvvc19MnwWa1ACsQRX_VRiFzRVfdKoyUin8ovQT4PpITqoS2v-H0-hfEWmQlejp5wc2KvU7pWYbr2k6gp0Q5hxSezrn4R-rxxsCq1Lp5fB0MUYhg96yli8FuaIsbBOQgg&sai=AMfl-YSsmra21f690SdIWWrL_DJloEcfIulcubrN5JoguLTfLva0VxI7i8oox5zgrMqezSO4aAWgv5-zeUfZTQkUwbPfonC137u3jW6GLidZYLagkyvLUgy-0pQIIgHpP_a5TYeb3EvVLeXmJrUXJrGvsJneUSnrsZicjcf9Pi3TxwhQOOEzx6JYtTyKet8uZ28Q8or88hYFHjx4aXdiUV9e5ERiwtCAWVYJ-g0NjpwXCDGvo4GSk7f8FzvqBs6xK3jDyOps&sig=Cg0ArKJSzPp7RsOyw8i5EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=373&vt=11&dtpt=243&dett=3&cstd=109&cisv=r20240108.65762&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71EE 0
28 B 48ms
47ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3856768142493&version=m202309260101&ct=77&x=1&cor=17375978755074718000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 2DF2 43 B
169 B 42ms
42ms Image
image/gif 95.217.106.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=597ce992f8e8e866afbbe8253c1a0f28&__adt=8240603339759740234&__ade=1&vid=5110160631442057187&__clstampdif=329&__stamp=1705073322387
Requested by: Host: d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
URL: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.106.24 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.106.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 249247421_uc
cdn.revjet.com/s3/csp/1702543564732/ Frame 2DF2 19 KB
19 KB 14ms
13ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1702543564732/249247421_uc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA0) /
Resource Hash: 260a53b00d7d96a734bab50f6fa6164c0043edbff94ccbe773175302068e051d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
x-amz-version-id: V3SEOJNV3ehDQngrqisN_qeQrxqkwXX2
age: 58032
x-amz-request-id: S6ZQ1N5595RW9T7R
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 19230
x-amz-id-2: R9GSwA4ZwR3moPs8e1HA6tJtCTpeIXAgNEAEDk4hhf9D8TS0eIDne99p7msfNOpJYpWIICdPOiw=
last-modified: Thu, 14 Dec 2023 08:46:07 GMT
server: ECS (amb/6BA0)
etag: "b0cdf7db940df01f516edf829e67e1dd"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Sat, 13 Jan 2024 15:28:42 GMT

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 6CFE 27 KB
27 KB 22ms
21ms Font
font/woff 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:20:30 GMT
x-content-type-options: nosniff
age: 492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 15:35:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6CFE 8 KB
6 KB 55ms
55ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbdbae963c3fc7df68ecd97698c63ec13cceaeb8c76519097461a74f0bb79639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5824
x-xss-protection: 0

GET
H3 200 DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_1.jpg_1694770760072_DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_1.jpg
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/ Frame 6CFE 45 KB
45 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_1.jpg_1694770760072_DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db8feafd6af3d4d57cf32077151974db17993016ec90953d027f08ca0a8198e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:01 GMT
x-content-type-options: nosniff
age: 282701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46432
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 09:40:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:57:01 GMT

GET
H3 200 DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_2.jpg_1694770760072_DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_2.jpg
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/ Frame 6CFE 64 KB
64 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_2.jpg_1694770760072_DCO_Residential_Sky_ist_wenn_Q_over_IP_970x250_2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80819880082b2da6970a20108373fbeb7a2eeded83bf90a7c95d6f3d2346443d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:26 GMT
x-content-type-options: nosniff
age: 283216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65487
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 09:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:48:26 GMT

GET
H3 200 blank.png_1672924800548_blank.png
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/ Frame 6CFE 95 B
131 B 22ms
22ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/4736540/blank.png_1672924800548_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13605343744850012072/index.html?e=69&leftOffset=0&topOffset=0&c=KI4pwuUqP3&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:43:59 GMT
x-content-type-options: nosniff
age: 6283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 13:20:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 13:43:59 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 2DF2 632 B
651 B 14ms
13ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 59544
x-amz-request-id: P5PFSJDBN09PPYZ3
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: ppn5IkzyzoZ4q6/XMOBIXf+xzNh9PtSz47ZSfWQrIkHP6Bd2KKngYclFUJD9cDjdKy0olSfWMOI=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6BBA)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 13 Jan 2024 15:28:42 GMT

GET
H2 200 Logo-Wordmark-noShadow.svg
cdn.revjet.com/s3/csp/1679927261226/ Frame 2DF2 7 KB
4 KB 15ms
14ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1679927261226/Logo-Wordmark-noShadow.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 27c91b042b50c145ccbe32c722d890e2e13b662302c269e1c990591348d98875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
content-encoding: gzip
x-amz-version-id: _LI8vXFq5W37Tvc9LZcnQweHjqGcRfe8
age: 22377
x-amz-request-id: W284RTEEXHZS34PV
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3634
x-amz-id-2: ZqYwJM/O2Ywo40r7+yfYnAuatxVaqiLUrZRgkzAZBoYNoU3Dxm4GpxYX2jZstcvAHVKZKtIQKbI=
last-modified: Mon, 27 Mar 2023 14:27:43 GMT
server: ECS (amb/6B83)
etag: "66704ffec01c0a05020997e7776a8b76+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 13 Jan 2024 15:28:42 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 2DF2 7 KB
4 KB 15ms
15ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 60633
x-amz-request-id: P4KPAGQCJ0GQHY2X
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: 0nKSOV2zsPnu0ntAl0h4DHwHm8FX7KcJFBu3JWs62Pt40LGKKEif1YGVYa9K+weWU5BcItDDLLE=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (amb/6B72)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 13 Jan 2024 15:28:42 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6CFE 17 KB
6 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 15:28:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB5A 0
28 B 51ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-14AqVqhZan1NuXYx_AP0NWliA8AAAAAOAHgBAI&bg=!JySlJGvNAAaumcC-jpk7ADQBe5WfOP21S-YOYZZjxToxPHgBMFxjV39iwyazCjESGGLXj9eaOo2XqFF3WTKLLNdOajKkAgAAALVSAAAAA2gBB5kDDn4KQ6LmgeGXxKD2qwFUsWwWj7yxlC59Fz5MJxhtZdX3TrhfAOaQd9K7godzOSiv68bN3LXtgjByv59FdbBymXHOywZsVFs-k69xt6hitXhm2mZ-fFcpGfwWSB-zqjgJNDH1SN9t2CZO2gskWkTVro4J1YYa2aoY7Vll_EXJMVpHlrZtNMa0BV8Z1VXj0Mf1f8cmejX5aBstFobi9uF4BsODmL2x97rmUbvxzyWpyJOyAsH9iFmoRFaq-sB0zicg1IbmlZ_qUdTgpNvk6BRqv6vHXBg943KrN8V6uWCTMZnb_AWKiE9HKkZMDp3EEKlOAhYbbduJNFZP_R1pkSWmnwwBON-_UfYGskEUuAgoBzBE8dR7exzCqtY2bvLDd1ER7CaLNz4WM5OsW0MGAng9dKSQFZwaprDBQ2xkF5KtT0M1iFU5TnZZQEW6icnyvqhQRXBAWvCKwllsI8OiRvkgYFUTLnfi_nYRe-Y9DWHVvRmX7vQ1iY76ACc3kArFzSdsVd6sUp4dZHQzv56ShreaA-ub4jbg8Ic2iAXOLIUc-HYf6fcIEAiAnv1ip_y7bVupMNDQNxHmfk-ZR7P_QMji0Y98U668J2ctYI9rjMpISVtYQrcahwNZCflbmZXOUU_LafqMOoZtt_7lYYbsVk3alQySQQQN2Y5Or2HU5_NMnPe3-i-N3h_rIYIuFRzaYxNhXOYDQrUHKPUWHJhQhU9Ot0r30jlK6_oj5Z5gMU8GZPPrVjk8uhrZTbq2x79E7P2H_aZnDF0D3fjkiDBPvX_qnLireigFQme7HCMk2uehJ68iTkvheGUV1tXdlpqNLnGR4K4nVmshB6FUA5wQ7sN6GPaM8s8pgBmhW7RziZYclO38ncA_nbJgXQLgc0qJVrlzH610gXXXaJifdm3fem5nlEi7gZBTGGzNpmQUO3ObTtjVV-ExoiFetMghJb_RdnjanfPsZSf2kNsaoJI-qtRAfzkQPVfKu6NDWbe2tnNvIWJv9dT7SWonqDpjXGn_kLIKziOAgYOMK0_MD7BqfaAv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 17AC 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviHu2bjxNyxYPhWGJt2i_BAMRwlRDrTWBrZru-KbXrx7cEZX51bJjesEqIVcApdqjopazo5eSN8xpsariGKJxaqEzwsDjfC6WSygXBCZVcVISr1rQqT6A_SOs_-v8HvFlth_D-oUQ_aYv9y1yhVunClPvt&sai=AMfl-YQEADrPwGLMUt3NbzRVpj07trYZkIbNwgWLG9wZ8wfnr_bsKeab0oAVUe4FChicDvdW5eT0oEIF8jgzavVajoWQI4GhJvi1nvFTLByGQn-66RP_VckLwBDnw9A&sig=Cg0ArKJSzLiMSs8Id8GpEAE&cid=CAQSOwAvHhf_cnLF__vPgLqkuw_TPB8AEewQh6kMyOcrZKyOgBQgQj7Bdhqm1IJHufI4SzwMvO6iUBf7SiiQGAE&id=lidar2&mcvt=1021&p=862,1132,1112,1432&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3064630007&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705073321263&rpt=267&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame E5BC 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 12:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 12:26:06 GMT

GET
H2 200 e43f01b682144badbef95545e05fbb6e.jpg
img01.ztat.net/article/spp-media-p1/c9051188966345c896a4994478a32c96/ Frame 2DF2 11 KB
12 KB 61ms
11ms Image
image/webp 2600:9000:206f:a800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/c9051188966345c896a4994478a32c96/e43f01b682144badbef95545e05fbb6e.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Skipper /
Resource Hash: 85077c953bf7b15ecd2b8296467ad988c1c614a396d87454190937b7fc3a4c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:08 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
server: Skipper
age: 1009714
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3VPvy6gO83jb1BDu-kB9lStSsN5OV3eZZl5uCNexYwEGrMiOerVY5g==

GET
H2 200 39a782380dc54c1481790f04b5bfe89c.jpg
img01.ztat.net/article/spp-media-p1/5c6345406ad144e696ffea94d3bcf452/ Frame 2DF2 6 KB
6 KB 59ms
10ms Image
image/webp 2600:9000:206f:a800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/5c6345406ad144e696ffea94d3bcf452/39a782380dc54c1481790f04b5bfe89c.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9790dfa230c18e1029e9ea9ff5dcc319a5fc3a9c982abac4b933dd7b8f94b357

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:09 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
age: 1009714
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5922
x-amz-expiration: expiry-date="Sat, 03 Feb 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Wed, 25 Oct 2023 18:19:45 GMT
server: AmazonS3
etag: "92ffac25b23ef22e608b8c4cf4445e68"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 7i76GUrJPJxfNb9Sq2DmhJE3Oe2fJihQkIPCXm1_GyIpjwkFiZyj3Q==

GET
H2 200 f109c8ec1bb349a286055e535d98afd6.jpg
img01.ztat.net/article/spp-media-p1/83d9ae40016d407891d13f984663dea0/ Frame 2DF2 10 KB
10 KB 66ms
16ms Image
image/webp 2600:9000:206f:a800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/83d9ae40016d407891d13f984663dea0/f109c8ec1bb349a286055e535d98afd6.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Skipper /
Resource Hash: 20ddd5b467f20d07a56c850d7c5cca9e1ffe8bffd377601cbb4e64a58b10f89c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:05 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
server: Skipper
age: 1009717
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: M0a5xZAxBH2BhBDefMiH_F1g27gFOK97cyf1Za3hzJAAhttYtavhCw==

GET
H2 200 1798e58bc5e7432981801a9c89f3ef0f.jpg
img01.ztat.net/article/spp-media-p1/2b324f9fbacf49ba9713f7af2d6f07a3/ Frame 2DF2 17 KB
17 KB 62ms
13ms Image
image/webp 2600:9000:206f:a800:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/2b324f9fbacf49ba9713f7af2d6f07a3/1798e58bc5e7432981801a9c89f3ef0f.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a800:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Skipper /
Resource Hash: 266ca56421d5e4386ea0c638d078662b44af67c715aa1156dc115abc61dedaf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:03 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
server: Skipper
age: 1009719
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZzLOqtx8Wet2k8SNZZVQBWJ7H1KgqPSfMc6x76sM0l4t-IJg2yhsCQ==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F2AA 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsto72VNQQNeFUFt32RgsxmwnlO56b6VjYZn5jNdXp8CSpMcotF7_Pxu0XSufxNO5qCBo7tKko8qZ3pGMdQEmfu8aS5D_pIxZupTP0TJHpfNIUFvrkqQpTSP-I6IEzoTjxWXTM75D9f-JI8shc_DwBRWWfXE&sai=AMfl-YTNMsSi-cleIpY9G9O6dnxegsm2rYxHv0TvY85mnRvxMzcmy1MrV5o5MjwU7EjRrgycCYs3ZpcApzIUZ_yZlCrgthxIrAcEol8-8yeI5JhDqL91eJEpbtp-A2w&sig=Cg0ArKJSzCPjjKZrGh4uEAE&cid=CAQSOwAvHhf_vNGyvTeEV5IHpINvPz3NFiNTxCLgQ8ySENruoXwkRYQtoB1h2rmnFAYY1YOb8_89ZlV2snAEGAE&id=lidar2&mcvt=1021&p=84,315,334,1285&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2115072069&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705073321665&rpt=360&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: yahoo.com
URL: https://yahoo.com/?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2AA 0
28 B 49ms
48ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3078608547562&version=m202309260101&ct=76&x=1&cor=2490200916699272700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1A1 0
28 B 49ms
48ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8545027703537&version=m202309260101&ct=77&x=1&cor=14020637837031230000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:28:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnKhT0gIaOqF9V-3ox_jIAnI3omSV318s4sbWfj3SeayO5BpB3DluIAI5dim1bFQof_r7KUuggVT0A06CuC8D_VbAcDQnYvYZoI62dIu9vB7FukClsK08xj7GdTIvYgJSSZ9k0X_acfWFCTk9nzICKq4ZT&sig=Cg0ArKJSzHAUcFmOXnJ3EAE&id=lidartos&mcvt=21281&p=572,1132,822,1432&mtos=21281,21281,21281,21281,21281&tos=21281,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=3&adk=1481106528&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1705073298450&rpt=513&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEGFy_oNZyNxlvp5XCaCBP9E&google_cver=1&google_push=AXcoOmTUqQTUjhAZIHbj719hw_bO8IxTO1Z-hyEkvvlJkP6aGnzpzBFZhu0f9lTXZT5am7LS_MxmjBNAsAnHaqu1DtP9Q5dcCfUDIw

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvK1WE4sGr532sgXqqGAcSXXwO14OfKoJJCTG1SL3NI2QdGY47Nep3tKkrZcsew6E38FM4bHE1ssi1Mhc_mD5xOCDmeJUxLXbUIIFQmscCCry4CR7NgjzcLFpUJHz4xT-AHW0PnDD3Q2bWqDo85GrQOesQD&sai=AMfl-YQgf-11qMDPIprDXzSuDGUoHL3Y2N9CwipJkBtpovDbWFyPnyRhOlqc8DP805u9k60_vCKpyCMIUCT_t-NjiCIbpI91r7yQiZCDEAw9p7veODlWdXree5hZA9ZPwKijZvYh8pt7yXRekVpcjV5s&sig=Cg0ArKJSzDCEyOrlOD9cEAE&cid=CAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB&id=lidartos&mcvt=21711&p=84,315,334,1285&mtos=21711,21711,21711,21711,21711&tos=21711,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3690920304&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1705073298504&rpt=894&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0du-gpXYgwMVRfQRCB1ArAMjEAAYACDPhphYQhMImIzxgZXYgwMVh_8RCB0ZIAeK;dc_eps=AHas8cBFTYjssVu6p-NToDURMu2NtXsy5ItlsPTztEdpz3asvjYNWHv4Jf0MjFfb-n__XMMJHpV4MeLdrw;met=1;&timestamp=1705073321119;eid1=2;ecn1=0;etm1=1;

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5qUOVOa-SQqyBRzXL9VD79X6AzkryQynLdJW25AhQ592DHgcvkzkEJMUUAWnoOOP0BjOTjoFrB4srNLdCPxFoi2a-aXoJFMm02j8vo6X9fLSirko7bASRmj4rH2qwHbw6y0Dm9mxMKAs&sai=AMfl-YRxSofovfVV4HnQpnSTEaLgHdJvCs_cYk-0FwEjNLGcXPpo9frCSY50GZqLZyWymQ_sDBFnTrxUYCoxtZNdCZ__4ffTCCLJCurQBOjMvM77dgBPjL4gH-IItpL2ljMrnci9Hzq0pxiagDlMe6NM&sig=Cg0ArKJSzOo4Pz3wTTqEEAE&cid=CAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB&id=lidartos&mcvt=21933&p=862,1132,1112,1432&mtos=21933,21933,21933,21933,21933&tos=21933,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3064630007&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1705073298477&rpt=756&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEKrEQu5opSDLdaQslI8-PLrYv0arGSmseZrlCuLGkLvNrM4fyl6LhJzbDmvH1hXvWZwgDSFXywkGJksBUdH3wUrP5Bh4ge52NIEK4GJYM_WrHKwMWYo3aycgaWDWzv4KuCuZuZoL5snk&sai=AMfl-YTn6N1N3pGZBFelF067iZfegTohXItcnfo9p4rr1n9_cBThn64iE2_lIH00N75uZCw7w40GnAp3OSCwgrvuuqZJLZIxtnx6RaqF8GEHBoZaJScpIoUTWfSx8eHUggZFE6T0TgK1dscgfKm7iRK5&sig=Cg0ArKJSzOiCZwmUXUeqEAE&cid=CAQSTgAvHhf_aycQzDkmf42Rn93oi_008VeejnpL_lt5Z14MFu1-2tBqkFiUL_fO1VcZJ_xYQU78R_b-2mI-vjtNjs8j_EeXiuQcNUGId0VWGhgB&id=lidartos&mcvt=0&p=1132,1132,1382,1432&mtos=0,0,0,0,21790&tos=0,0,0,0,21790&v=20240110&bin=7&avms=nio&bs=0,0&mc=0.27&if=1&app=0&itpl=20&adk=3845938001&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1705073298529&rpt=938&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 18:21:05	Name: userId Value: wgFJhFPrul0_Fdn5Ask3_lG2SioB9elW
.yahoo.com/	1970-01-21 02:23:50	Name: A1 Value: d=AQABBJFaoWUCEOezRvDK7fhTsc_ggEHPncYFEgABAf-eomWqZeANyiMAAAAAgA&S=AQAAAq2V-wF2I4JKQ4KaZmMgKlw
.yahoo.com/	1970-01-21 02:23:50	Name: A3 Value: d=AQABBJFaoWUCEOezRvDK7fhTsc_ggEHPncYFEgABAf-eomWqZeANyiMAAAAAgA&S=AQAAAq2V-wF2I4JKQ4KaZmMgKlw
.yahoo.com/	1969-12-31 23:59:59	Name: A1S Value: d=AQABBJFaoWUCEOezRvDK7fhTsc_ggEHPncYFEgABAf-eomWqZeANyiMAAAAAgA&S=AQAAAq2V-wF2I4JKQ4KaZmMgKlw
.yahoo.com/	1970-01-21 02:59:29	Name: __gads Value: ID=039ed57b44e917f1:T=1705073297:RT=1705073297:S=ALNI_MZxDT0290qg0DGBz0x0Cm3GP9tyJQ
.yahoo.com/	1970-01-21 02:59:29	Name: __gpi Value: UID=00000d3fda9264f2:T=1705073297:RT=1705073297:S=ALNI_MYIeMaZKIhP-VN3d_asiJ7JcXwi9A
.doubleclick.net/	1970-01-21 02:59:29	Name: IDE Value: AHWqTUlUIlHFER5yq2MtODI5k1PJ_oBY5QZ64VWt4G-SXKDW6nbNW2E2yEnZ_zFW
.casalemedia.com/	1970-01-20 19:47:29	Name: CMPS Value: 1123
.casalemedia.com/	1970-01-21 02:23:29	Name: CMID Value: ZaFakngeaQzMdCR5goDCdgAA
.casalemedia.com/	1970-01-20 19:47:29	Name: CMPRO Value: 5274
.doubleclick.net/	1970-01-20 21:57:05	Name: APC Value: AfxxVi56n5Pb5bIl47r-9H6d4o6aRn5Q24Y2mGwovH5FYv5pBbRyXg
.doubleclick.net/	1970-01-20 18:21:05	Name: ar_debug Value: 1
.demdex.net/	1970-01-20 21:57:05	Name: demdex Value: 64987555773272751850334054012316808912
.skydeutschland.demdex.net/	1970-01-20 21:57:05	Name: skydeutschland Value: 64987555773272751850334054012316808912
.hb.yahoo.net/	1970-01-20 21:57:05	Name: visitor-id Value: 3480748991491574000V10
.ppro.de/	1970-01-20 22:05:43	Name: v_307dnAdQ1 Value: 2%3De1JZ.1Rojsg.b25laWQ0cjRmRWY1ZlhWYjdoR0h4dHh1ekNEV1d0YlNwVHpnVTNSTTVvbmVpZF9fZGJtUHJvc19TaW5nbGVzaXRl.0
.ppro.de/	1970-01-20 22:05:43	Name: v_307dnAed2 Value: 2%3De1JZ.1Rojsg.b25laWQyYjlGNmZxZlJkWFZUVkg2dFp1OHRBRUVDeFM3VFFSYzU3NFBvbmVpZF9fZGJtUHJvc19TaW5nbGVzaXRl.0
.ppro.de/	1970-01-20 22:05:43	Name: v_307dnAfg1 Value: 2%3De1JZ.1Rojsg.b25laWQ0cjRmRWY1ZlhWYjdoR0h4dHh1ekNEV1d0YlNwVHpnVTNSTTVvbmVpZF9fZGJtUHJvc19TaW5nbGVzaXRl.0
.ppro.de/	1970-01-20 22:05:43	Name: v_307dnAhP2 Value: 2%3De1JZ.1Rojsg.b25laWQyYjlGNmZxZlJkWFZUVkg2dFp1OHRBRUVDeFM3VFFSYzU3NFBvbmVpZF9fZGJtUHJvc19TaW5nbGVzaXRl.0
.freenet-mobilfunk.de/	1970-01-20 17:47:58	Name: VPCommission Value: 41100000
.freenet-mobilfunk.de/	1970-01-20 17:47:58	Name: eventid Value: d1IzSVBXbDlvZTBBT1F6NS82K3RmbXVpNlpxMW5UWFgvSWlDNjBPUUIyVVNUcHBLbHZWbmNhcFFQYzUyOVlhbDBnSndkVXBWd2RDYjkyTEsvcEZBdGk0VkNBN3FGL29zOWNWTTFVR1gxaW5QYWpHb2N6SDZ4SVhneTZCWGRHL3FUT2xGK0xpNFBvZz0.2.
.freenet-mobilfunk.de/	1970-01-20 17:47:58	Name: subvpid Value: 97683241
.freenet-mobilfunk.de/	1970-01-20 17:37:55	Name: __cf_bm Value: gktUSzkvPpB2v.xsE1dmWBR._2zjKtwDXJM_5_Pyo98-1705073300-1-AdzWOs2pPX5tlY83JmcAafEWs8/8y8G+hqzsqQlCH5P0rIUHbsQVC+jUm2L6Ahps2sbhMLMdf8cTkc8aYFAjsuk=
.freenet-mobilfunk.de/	1969-12-31 23:59:59	Name: _cfuvid Value: 9zTR4NIdHD.6T3VfwzWA9lhtEUxyIjJg5ODs1q9ch7Q-1705073300475-0-604800000
.mazda.de/	1970-01-20 19:47:29	Name: jvxsync Value: u1a9Ta8VATLG
.linkedin.com/	1970-01-21 02:23:29	Name: bcookie Value: "v=2&07c78351-b2c7-41d1-8329-d68cd7d8c488"
.linkedin.com/	1970-01-20 21:57:05	Name: li_gc Value: MTswOzE3MDUwNzMzMjA7MjswMjETAyvdnmLJRdGjUbi/4k7xw1eZI+mq7FcYQvwnX6kGzQ==
.linkedin.com/	1970-01-20 17:39:19	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2838:u=1:x=1:i=1705073321:t=1705159721:v=2:sig=AQHyjGy5_ZMQ3EF5fAm2X70hp8eE1-qG"
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85150\|ZaFar
.zemanta.com/	1970-01-21 02:23:29	Name: zuid Value: 43gJV1_7pgJEcLkKhl0d
.adnxs.com/	1970-01-20 19:47:29	Name: uuid2 Value: 323942851659189912
.uuidksinc.net/	1970-01-21 02:23:29	Name: jcsuuid Value: XaPas9TY3HnoKAjIv63J
.openx.net/	1970-01-21 02:23:29	Name: i Value: fdb3c23d-282a-4bdd-9ad9-a05eacfbe138\|1705073321
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.lijit.com/	1970-01-21 02:23:29	Name: ljt_reader Value: H-sgAGZHYRlCP0A6R46JXCHb
.adform.net/	1970-01-20 18:22:31	Name: C Value: 1
.adnxs.com/	1970-01-20 19:47:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?f@W(kH!@wnfH8K6pQK`!5=E<L5?%M-2C8Zj4b#pgmF$ja3/d3A-D0B`_`Ik!X@/%nugO%v4VB%no0r63FX
.adx.opera.com/	1970-01-21 02:23:29	Name: UID Value: OPUc3a576990f374176b0316ebeb4fb8ef1
.gonet-ads.com/	1970-01-21 02:24:55	Name: pid Value: NjlhNDZmZDYyZmUzNzEwNg
.adform.net/	1970-01-20 19:04:17	Name: uid Value: 4254055069553900978
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129cuKcCzxzPTyCjDLjCrPyNc1jYwwDwUAa5f7Hh4AAAA
.rfihub.com/	1970-01-21 02:59:29	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129cuKcCzxzPTyCjDLjCrPyNc1jYwwDw3iNTQ3MDUwNzY2MrQwN3zFiMI3AgBS9xxhPQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjIztTAyMTYwsDCzsDA0MDc0MRLiM9Q1KIj0SSkIMU1ODioHAIuEoi8lAAAA
.rfihub.com/	1970-01-21 02:59:29	Name: rud Value: H4sIAAAAAAAA_-MSNjIztTAyMTYwsDCzsDA0MDc0MRLiM9Q1KIj0SSkIMU1ODioHAIuEoi8lAAAA
.media.net/	1970-01-21 02:23:29	Name: visitor-id Value: 3480749211491500000V10
.yieldmo.com/	1970-01-21 02:23:29	Name: yieldmo_id Value: VEz_7ccQQYcHydDIawDp%7C1705017600000%7C0
.revjet.com/	1970-01-21 03:13:53	Name: trx Value: 5110160631442057187
.revjet.com/	1970-01-20 17:39:19	Name: ads Value: 597ce992f8e8e866afbbe8253c1a0f28
.adnxs.com/	1970-01-21 03:13:53	Name: XANDR_PANID Value: OaHTwSZSYbwqGlcKamapKCVLaAUtDlIm81NYFqyhddh_9y3jgUe24QXim8lNIn-cgEEyHBmVOZCfIbC8RqYh3Q2O5-hFawAKN9pSX0mlyDc.
.adsby.bidtheatre.com/	1970-01-20 17:47:58	Name: __kuid Value: cc14e788-f1f9-4ba9-b91f-492fed1c2295.474287322
pixel.rubiconproject.com/	1970-01-20 19:47:29	Name: receive-cookie-deprecation Value: 1
.adfarm1.adition.com/	1970-01-20 19:47:29	Name: UserID1 Value: 7323234155275548811
.ctnsnet.com/	1970-01-21 02:23:29	Name: cid_8e336196349b4fada04203cb5724765b Value: 1
.ctnsnet.com/	1970-01-21 02:23:29	Name: gid_CAESEDFKTydRY7nwZHa7bcmY14k Value: 1

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://guce.yahoo.com/v1/consentRecord?consentTypes=iab%2CiabCCPA%2Cgpp%2CgppSid Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	error	URL: https://yahoo.com/? Message: Refused to execute script from 'https://yahoo.com/__rapid-worker-1.2.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://www.yahoo.com/px.gif?ch=1&rn=8.39333285063016 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.yahoo.com/px.gif?ch=2&rn=8.39333285063016 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yahoo.com/fp_ms/_rcv/remote?ctrl=WeatherPreviewRefresh&lang=en-US&m_id=react-wafer-weather&m_mode=json&region=US&rid=fssMH6Pv&site=fp&apptype=default&instance_id=weather&_evtSrc=deferLoad Message: Failed to load resource: the server responded with a status of 999 ()
network	error	URL: https://yahoo.com/fp_ms/_rcv/remote?ctrl=ScoresRefresh&lang=en-US&m_id=react-wafer-scores&m_mode=json&region=US&rid=fssMH6Pv&site=fp&apptype=default&instance_id=scores&_evtSrc=deferLoad Message: Failed to load resource: the server responded with a status of 999 ()
network	error	URL: https://yahoo.com/fp_ms/_rcv/remote?ctrl=HoroscopeGridRefresh&lang=en-US&m_id=react-wafer-horoscope&m_mode=json&region=US&rid=fssMH6Pv&site=fp&apptype=default&instance_id=horoscope&_evtSrc=deferLoad Message: Failed to load resource: the server responded with a status of 999 ()
network	error	Message: The script has an unsupported MIME type ('text/html').
security	error	URL: https://yahoo.com/? Message: Refused to execute script from 'https://yahoo.com/__rapid-worker-1.2.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	warning	URL: https://s.yimg.com/aaq/f10d509c/d1ccw66oyq8ex2.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://s.yimg.com/cv/apiv2/default/error.m3u8 Message: Failed to load resource: the server responded with a status of 416 ()
network	error	URL: https://yahoo.com/_td_api/beacon/error?beaconSrc=HomepagePWA&bucket=900,seamless&eventName=svcWkrRegError&message=SecurityError:%20Failed%20to%20register%20a%20ServiceWorker%20for%20scope%20(%27https://yahoo.com/%27)%20with%20script%20(%27https://yahoo.com/service-worker.js%27):%20The%20script%20has%20an%20unsupported%20MIME%20type%20(%27text/html%27).&rid=fssMH6Pv Message: Failed to load resource: the server responded with a status of 999 ()
network	error	URL: https://yahoo.com/_td_api/beacon/error?beaconSrc=HomepagePWA&bucket=900,seamless&eventName=svcWkrRegError&message=SecurityError:%20Failed%20to%20register%20a%20ServiceWorker%20for%20scope%20(%27https://yahoo.com/%27)%20with%20script%20(%27https://yahoo.com/service-worker.js%27):%20The%20script%20has%20an%20unsupported%20MIME%20type%20(%27text/html%27).&rid=fssMH6Pv Message: Failed to load resource: the server responded with a status of 999 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
ad.doubleclick.net
ad4m.at
ade.googlesyndication.com
ads.revjet.com
ads.yieldmo.com
ap.lijit.com
as.ad4m.at
as.euw1.jivox.com
assets.euw1.jivox.com
b1sync.zemanta.com
bats.video.yahoo.com
c1.adform.net
cdn.euw1.jivox.com
cdn.revjet.com
cdnjs.cloudflare.com
cerebro.edna.yahoo.net
cm.g.doubleclick.net
cs.media.net
csi.gstatic.com
csync.loopme.me
d7be5cddcdb46bc24b4cdd37066e9f9e.safeframe.googlesyndication.com
dns-2mx9qn46p.sombrero.yahoo.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
edge-mcdn.secure.yahoo.com
evs.euw1.jivox.com
fsbcn.fp.yahoo.com
gamadshub.com
gcm.ctnsnet.com
geo.yahoo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
guce.yahoo.com
hb.yahoo.net
i.clean.gg
ib.adnxs.com
imasdk.googleapis.com
img01.ztat.net
jvxas.dco.mazda.de
lg1.hb.yahoo.net
match.adsby.bidtheatre.com
match.adsrvr.org
metrics.brightcove.com
ndirect.ppro.de
noa.yahoo.com
onetag-sys.com
opus.analytics.yahoo.com
pagead2.googlesyndication.com
partners.tremorhub.com
pix.revjet.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
playercdn.jivox.com
players.brightcove.net
pvx.freenet-mobilfunk.de
px.ads.linkedin.com
rtb.openx.net
s.uuidksinc.net
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
static.adsafeprotected.com
sync.go.sonobi.com
sync.gonet-ads.com
sync.teads.tv
t.adx.opera.com
tpc.googlesyndication.com
udc.yahoo.com
us-u.openx.net
v-aygcg5qee5.wc.yahoodns.net
v-bul65jas6h.wc.yahoodns.net
v-c9n6fcob9a.wc.yahoodns.net
video-api.yql.yahoo.com
www.google.com
www.googletagservices.com
www.yahoo.com
x.bidswitch.net
yahoo.com
ybar-aygcg5qee5report.wc.yahoodns.net
ybar-bul65jas6hreport.wc.yahoodns.net
ybar-c9n6fcob9areport.wc.yahoodns.net
ybar-mcdn-report.wc.yahoodns.net
ade.googlesyndication.com
csync.loopme.me
pagead2.googlesyndication.com
108.128.252.65
108.138.7.108
142.250.184.226
142.250.185.130
142.250.185.226
143.204.215.11
15.197.193.217
152.199.23.180
168.119.66.181
172.64.151.101
18.245.60.53
185.89.211.12
188.166.17.21
188.42.105.220
192.229.233.6
193.0.160.131
194.97.41.228
2.16.97.41
2.18.160.23
200.152.165.201
2001:4860:4802:32::3
2001:4998:1c:805::2001
2001:4998:24:120d::1:0
212.82.116.201
216.58.206.38
23.35.237.37
23.50.131.73
2406:8600:f03f:1fa::1001
2600:1f18:612b:4216:bba5:fc0b:66fa:bb51
2600:9000:206f:a800:15:157b:ff80:93a1
2600:9000:223f:d600:8:48e:53c0:93a1
2606:4700:20::681a:ad1
2606:4700:3031::ac43:9926
2606:4700:4400::ac40:9b32
2606:4700::6811:190e
2607:f350:3:2569:0:10:0:c
2620:1ec:21::14
2a00:1288:110:c204::b000
2a00:1288:80:807::1
2a00:1288:80:807::2
2a00:1288:f032:1fa::1000
2a00:1288:f037:1fa::1000
2a00:1288:f037:1fa::1001
2a00:1450:4001:808::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2006
2a00:1450:4001:810::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
31.220.27.134
34.251.108.160
34.95.69.49
35.158.60.234
35.186.193.173
35.227.252.103
35.244.159.8
35.244.232.184
37.157.3.20
51.89.9.254
52.19.173.208
52.212.205.93
54.154.107.3
54.194.123.185
54.246.204.16
54.73.214.63
64.202.112.159
69.173.144.138
82.145.213.8
85.114.159.118
95.217.106.24
99.86.4.17
0291e42c6c243b4177e0331b6e3692a8e03e29a39852790ce81604a998872c68
04044f475eb29011291b64adae97d21de0cc6204463562500d98e7552454fabd
057db10da18fb34336431b645044e7fa19a01f377270cd0e47afcd38fddda68c
0598e13041b04bd01dc5e5849abebac0e253bbac3ec6bdc71ca62b84100717f4
05ebf094b2c700f7191cf374957ba37d140012025088816c959553dd0cfba801
06cad8b481431780afdd83822a96026e9dec8e1a86fadd79c146a6342e81826a
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
09e3b1cdb4a13769033e6545b5ce33bbbe4a1c56eedc6aff38b6d2e790e8b729
0a7ed97355cd7c9cfe72e0a72814e50496d62c17ea5ae605bce42f6804850623
0b64ef239bce8b83679dccc7fe5bfed8ba22f2b6cd8b2b15bbc145df21992103
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0e8e59c22f784ae124e2e4ea700d0361f147c5e67417abb1f845f49082190111
0ebe86a81967f62f7e2720e0282b2aa826bc6ac307995c633e9687b054b10768
0f51bdb3c07882411734303b817d888776f3a6ad58d50c923a147f8c2d65ff53
118f3052e4e343fb53cdde6732930c00e317a0e336569441a6eca64c176ba993
12234fed1c7552acbc8b14665fbf0b73c805001b0b6887d8a03b2982364ec957
1236e3d07c5be99605a2ce51cf62277390130d7e1666e31757c7182173c31f1c
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
1a166ebd6c8872d71efcefb4765db513014b732e1886525c5f2d5ded87071451
1ae0492d9fbac257db08c85f493a6f37f7a1b432315b2850e8682e41fe3fd833
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
20ddd5b467f20d07a56c850d7c5cca9e1ffe8bffd377601cbb4e64a58b10f89c
2165dd788fb806053128d6faf6dde443c215da84bf12e4b69e699492cec7f9f5
218511cc421e9df747b7733fc96b66ed26748c18901527c66cf9983173bee7c9
247ce7902264dae452c29cc24deeb845c80e662b2cf961856534ddf33b572123
260a53b00d7d96a734bab50f6fa6164c0043edbff94ccbe773175302068e051d
266ca56421d5e4386ea0c638d078662b44af67c715aa1156dc115abc61dedaf6
26b0139edd76d65fca3c019b30e252add3c871ea0fd8c72cb1126f103d24401c
27c91b042b50c145ccbe32c722d890e2e13b662302c269e1c990591348d98875
283d3ab3dc017152ffa86d2353ada56f9faaec83c98e01d4a4cdcd826654fed5
287bdc817c33cf97b8e598ef498365986e2fff53eb7a08efe403f489305c74ba
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
2b65a8a0b20001630e311cdde4f161655ec60bb79f59806204dd5300a476a577
2ca181f5f8781eaca01c4e8a41d1334700378302662f1bd7fe31ef9ee4c1bfde
2d56d1cc8ea5ed168b6b4250820de6dad2542bc29ae04b5f0971e642cb5191ce
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2efe839994e70533a185968fe8d17d2a4f9185faf12eff90ae41bde1bcc04ccc
2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
33d8bfda78c83de19751ec84e1d7f40dc5d7c81e7fb822069f811a9030d2d459
3475e4684f17b66b538a727fcc9a92a40eaa4b23a314aed8093752dce944a41c
36eeae28af31fe42af6c3c03695665d8b0415a3d9f460c40c06bfa01d2c9ff60
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b3ccb2c3cca4d74f4a4e40215359a1573877b6eeac7035f279cc4aa353df8b4
3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e
3e1bd882478ea2d53cea87b43488a5bbf1bf8302f8a3de5a2baaccf9df96a9d7
400b6eb24d3e6a125be3b1721261d9d98098d213e99d2c1daa0a84f29ca32b33
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
43fba69a9ecaca360bc7e6a57ed703aac2cdba282b864dae89fbe4a7cbac5654
45b817576adb88b7fe165a3cec26332bee830344d1453a7c77343fe4f329f7f9
46072ff450e58861395db6f972ea897ef9e4869c2779aed03527b5b0f994bbb5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46c02423e821a94a7baa11da62a973d2f9f0390916965af874a2e28747b57e47
46d4d1ee2e209f4cc75482672364c596eaeac1a9cefacfeda61ccec57b7025bf
48723c58d2524d7d5c47c2ddcab4a44ca757a689c5faaf90d37dfbbdfc808b39
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
4a49828993f5623cb08e4fdac5b714c4f7edfabee23f4af4a5256817c6bc891f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4c90e71ec608ca4ca20ac8427d99ac415a8ca762b9bf807c7e7254866f0c9698
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f06d94cb6038f42f5c8d59d369ab21c3c54643a544b0824582cb00ebb61dfb8
4fa81a2babd7ac6c723e36071474fdd0f043616d012053410a6afaec2d96513b
5295df199cf6f192ce4a602f501d57f9867c68d807ccd1622dcc582c04bbad1c
543abf25cf873829e6035fe50d2c251fc1f33e550cb0e85fc51a1fb19bf28235
5448674d9c501af62f8516de42d5efff4b6f25b02f7e081c924dc290efdc7d39
54488723c384fee5fb9a583a3ccd59e6bb5506b8e556ab3befac9c930a2380ff
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c064a05e65ae6adbe04a6efcbc0d366998ba7daacfe0dea327dd70bba8d92a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a62a154265ceec7cc05527261d14f0fe97e61a8d40ceddc2158e29613992deb
5cb2b348029a5c8cad5342d73f5f78ac09ad0cf6ebde80b5a1ed069f08332ddc
5d3da40c817053ac4a638c787507ca72835553a1bc27d2d21090dcc6759c13d8
5df38664779ae737ba7e379597410ae785f40b41914f8e912b48e76259b88935
5ec914f3ecabd8480fed9df3ea1b4a3b4c06b9cab1a86c9dc0e82e5b1d3e1d61
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60159e9de8ca359fa7bfe53d8f4b2bbba92ad4432a6569a5f74ea33d55be3f15
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623e67256353332b24a2074d8816abd4362594a04aa07cfebfc346a190bc710d
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63678162cb830afba8013a29be9148c72c3dd90561f1b0e7a3cdfbfd883912d6
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
671672d5fb51ada783e99b16b5b961f30ca3bd1b7e4d0ec1723c7a680b0d6394
678b3cae19452e95842bebedd844ab5491a4fe873ba5b3e5bca522cc4e45c3fd
691c8125db8d0901eb4fc2623493dbf9f7169d3107e86be3231b5baa1f925e8d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b64c80b04cff2dc73a2bd8e0eae63e60e4c0168cb01f431f5031edeec71a2fb
6c37378afaf5fbe133642f8f335f50b3924fbaac4599815cc3f7a7dc561be606
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6db8feafd6af3d4d57cf32077151974db17993016ec90953d027f08ca0a8198e
6ffba9d8f919018c1f2a41022da48350174a5a9887ca317d37bc8e2ecd17399f
70f9852c77cf4fd86deeda8b875157eeb324a3951a759f6e07775986b42a7cac
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
74e39b60c6f9cf4a0e89e4de15fa00ef99c221b75401b28e89e05723ff310730
752512dbc73f3176ed30fdcb62888bd233bae9d65e792176057f52921f730543
75799b61c8d93b46365ae3a603ef508acee921adbf2abf4ada583fc4e0e4bb82
7593240bc1e57ebc09a1a550d91c67481784b8de8e9208ba96a6b38a0251a675
77f8f7e55983ea912cfa3e701aad7b9c48042a40625c42d11d25a804781df413
78a1f9d8fd52b7ff5b712a20c6b297c3d7cb0be9fcb873c5449716e632bec36e
78cccbbc170772adea62503d527562217c744233c7520ddd7bda8ccb513aad09
78e2be88a99ff165973155495727eaef0d94449d04269fe9096ad0c4f188f7b8
7900f06ebc33d9f9c64f1cc1f92cb19e54bc2bfe2dbd3ec8cc3a0cbb8420014f
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79d954b80c39513a18ee1e0143d931ba9222b4c4794438f7bad23f9e0380cdc8
79de39502b10f052460efec133b798596c4ea73661805e0baa3f3f6fe7ee480e
7a18441e184306e7f51c5493c0c17f676c73e12f518dc468dcb565b25d90fc41
7c1af6813d45b6da4e89afef9a402d7ad6dd66131055a1be90424fcdf99d401c
7c5bf1c17637f87d3c94a2fd2d57e9e5903cefb4fc696fcd2cf4bb0087754b76
805a6388e192758244bc457af625d56ad46bdf224e4886502fce4cb169b6c941
80819880082b2da6970a20108373fbeb7a2eeded83bf90a7c95d6f3d2346443d
809f9bfbbdd4e9b0491fe90380ba9f980dde984cd8c3e59499ac018ab8bd4273
811d87f7db9634defcfe8ce58c03b5ab23bacc7270a1443a62aac0e68b8d1b58
8219c20c8deccb08fed718fe1d28a7c3e0c2a3714e50f0444831f3cb727f843c
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
85077c953bf7b15ecd2b8296467ad988c1c614a396d87454190937b7fc3a4c63
86145e56e9b4bd3a42e3ddf6b7cb6bc8e9372891aa5bae35ea0f3facda3c99aa
88ffb46d0fcb09d01a737787da36ba38187f75c653b7b4fb8f92d9a01d87e762
892e2f5e07fef6de0428e4dcb284201b3d110c0a6f2d8ef899cd2cd2c61eb546
89d538c36cf602eba0a7634d92b4ba8fe05a79bbd7c2721f490bcf993ba3ebf6
89d64f8363e9fe274098d3a8744fc70607e0482d5cb955b65a4753d04673bef4
89facefb7a1029d9990ff5f8aac3ea72dbc48b8c7e6615d1b727c1fa8169cfe3
8a128348b11b44b62a0ac044780b00fb6257645f02448b2e402353bb9faedf86
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d968224acd90ff526419597fc9128e8214a87080f4daffd56099f4fa08990d0
8e988e5817d9b91c0c080bfc6541fd46a55a587a0eff29e0b667b519c50bd046
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90cd37b7ee25284b847f912ffe44555ca87e770cbd7f25cdefd1476e581235f7
92f12de52759f50ec0a45249158d4ae2fcade757a5d968637e510f4d03c3135b
95fb5a5390afda7b7734b303c9f724039fda305313ce9517aa5f7a544a208af0
9700914e6e866ee5c282895e9d78cf38f67e112eba1f6de5fc55b96c9f72f294
9790dfa230c18e1029e9ea9ff5dcc319a5fc3a9c982abac4b933dd7b8f94b357
9918b112c822f1b87c4dcd544b693ad69d466fcb97333a46552bdc409bb944db
99b85a68a8877bb1bb0d093d56dbd5863f69c659f4c25e7a69acce4c0df6189f
9a7394871abbfc5eaf0a8d34dbd3db6eb06ab1595ca124d31f640a6e9c77a90d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9ca89731319743aabedc04e5fd134edb79ef0b3e761587958acbd9ba21d0093b
9db46f19ad4dcb500e6f64d48871b1bde4cf41bdda18b3e36346041699d14caf
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e518be317653620dc026a249493e19adb3ee4bf6d8d7747b7ac12d10c1837f6
a03f9a37e34771c42cf7930b2f466ea2077d149f6dba0e81982e7715a87dd8ef
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a11ea647f95a0f0afed52714b759929c5c8cbfd789a4f1b6b55d7d75a46433e3
a50cd765dc960512d033632139cd57336ac7e8db767ff7eec30c5355c75dc68e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a8036a2cf90d66f01fd22a9f4c7e5001776b505fc295c1dd89a8915544c2688b
a8cfff8b46b24821491229f762c3c57f19868b2eb2835f385a0823cb721c9a58
ab6531364fe9673e8043d58d965d6207de47971dbc78675f8f1e2e6a3ca42842
abbb933058b67363dc536b89d6d50ece7d2ed4b8324d3c5104f5c53ec4cf2f0b
acf529f550f2fdaad913c10e6972344e43e07eae8d5aa57b96fa30ed7c07acc1
aee882bd9116cfa3b8514408bb1725a830c0bcbb2a0c185078bcb876e86f7203
b0d19f181f824e4c9908464ff2dd83d9579e2a917177c5008c63194fbb1112c1
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b168be397ac36dbca02b07547dad2a928427e765df9b49a931f05db057f3a83c
b1b69126902be4d29d6506312471c95a2ce1a7fe10d409b5b90ac913e6e1d73a
b3395510d2bef53e87b963da4321117796e85faefd7edc25b9eecbe203248177
b36764faf17f2803c4ef3a5ea18b0187dc9ae66b13ec253c71ddb3178d2ccf52
b39773b31bd6055e7913146773b90be87f11b993b51f86ad5c408df4d79d1ed4
b3f5f787daf156fa19c2916470f4ea8bdbf9e5828b3990c33c04810fa74ed084
b6ed330c928c37a797890179b4d748d07e650955ef512fd03ea552f4b05481d0
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b909597e009efac6b1a92dcf104832dea3956c7f4902ef9eecae095b743e707c
baa52e8ac769d702e14fd1fa5a4363a1fc7e6462115ab6bcdbb317ce0e99da8b
be671385d8f14d0361021e284605f515c7c049cf9953d0d8b50cfcd2ab62ab9b
be6b2025e99620fec98afa6dea4dc05421edcc5c2449827f249cdc3165dc4aac
c16f58e3315b6df337b13f450bac668d458e94fab61559ff159371a69cda8d16
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6d2343a147111e4f3881e468facc72da4582c6aaeff475d3371df3fa2576bee
c77ac0aa1aa3c9715cacb1fc76feaf226e30927a9636e5c75c4dfeb75c0f8f98
c8314c13a4169e9da8d1f45b768b65a08f029094c4cae63a7ac685861a4509a7
c8de53891633ecc5cb4cb6615e90af1358e813aded05d534a5e6060476df3a2a
c9a99fe813a45146726ec3465d0dd5d2fea8ae5a6fb417e40a76faaa677c8ec0
c9cdbf8b12197789d4470435cd71c56ed718507a566c17a2d46bc8397e0e2810
ca9998a600267dc2431abc077f8cf7a5476a46ee1e82d0c6f12bb17e512c3fe8
cbeee7da6cc21d0d3394c55fab07c9005d10405a505117cb41c2a1b013773b97
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa6522e0ac537a9155811bafefeae7f345f8a112e3434695a6a6917b49f5e21
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d28b9ecc5c4d8d812a36f111a07f6d31516c1eb2fa89045be9da02aa4c73bcd7
d436e95611ee934483a02006c6c51b6602f1f69324de97034afffad8ef0f91b5
d4c7500eba2238f458a2197893270214cb2b9582edcad28d84fb711a95d24ab0
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6dcb58b9670c33c9e65c44ada35f2fc731ece720104cc003459cc4256b65869
d77e659299c397037513aff88093b64f6ce29994b94d99256ad84a7910c0ceb3
d8d4b084a69057610b44e2d3cb98a0876c070f96f3ef2cf5977d173d3dd3adcc
d956b67e387ea2582e9929e71a3131b916eab41f0eb98d8e39efc83bde47df4f
dcda08a8d45d378df4fdeafd2529f3c7521d3e9c3a4b12daf2fe2c919940e57b
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
e02562dda3d6ab7045858f1a3260f0d9705c0195eb14d7735dd2d22b34d93d17
e1897197c32be441c5c75426c1df80241eafceb7b8a3027cd40a148a809870ff
e1e5dfe98cc72943d3a0c3ec75a441dd9d2111c27db7cb5a9ac721ee7b60abfe
e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5
e38423b55ffa87c8d9803d8c50f28bbb28086658b6ca3973d9849bcbd29fe45e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a91db84a0f05c1d9a8781aa5d647292654695c0f59175dc192e7cd32a07282
e73abb199873f4a0ab0e9283d242341880f772323014f024b2383d33bae70881
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
eaa60e5659edcb05944473f56efb72463bd3360066a062fc60424458878cb3e5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ed22526f9adcdd172c698e0dfc9fa3ee064a96a27bed3335931c4b2bddf4eee9
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ee6ac88fcdda8e39410e1e291495b9f5adeb2ec3e95069fb4d50964093de53a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef70829b2e58afc016c35ce9a83e2bb60ad24d6341491686ee168ee71c40123f
efaf4ad41f657cd1dc07408a59160cafa496db36c8ed259bff15ab87d80643d5
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f109f14c04f73b5ebea512c9710702c15d7b3e0a9dc05aa050279e8f7e9e753b
f123095e67ad97806b7dbc2475cd95aa7caa1f1617ff1480077c5582c790d9bd
f233f1f498a184f1869d03aea460462110a548bc4bd8928542c561f30a51066e
f271bf73d0eefe04f56cb6390e07d7d2a4794787283d65221397b258cef040df
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f2c2013a67c8dd205e93ef40cf60da7b3bb48a075e7b649fde2b2f646b15896f
f2ee7c6b9e231911da42091ee22f509e805dea9424af2652d91505ca1db0332c
f3aea898cd059017b5cfe0fedcfa4fa32bb4f931afc227e0fa4cbc7ab3120086
f53e53aced35cbf18496eb17194bcad9689d54f514d0f5d106142f40b6f42c3a
f59452bba989e5a78e9492ae296cbf910745529c3294b49a58efa4ec7eba8d45
f6246ebe302e91d6fb04472e2b5e7aa5b75bf992fb24cbfa3a7c5b5a7bb6a037
f933d95c0e31a6f637a994c9d1190c55a62758799419dc3a464f06696017a720
f9ec62a047ea070a77925d31627f7ffd01f3daba083a6017fabb9b225bf97758
fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b
faf50015de5b96281dcbf145fdf58222efc35c962759a3e915f4e95f510d7b78
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fbdbae963c3fc7df68ecd97698c63ec13cceaeb8c76519097461a74f0bb79639
fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560
fd9675d041aa9e86d2435708a030c1d0d96e1074b5d7b584a82684348b2ad592

yahoo.com Open in urlscan Pro 2001:4998:24:120d::1:0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

526 Requests

91 %HTTPS

38 %IPv6

50 Domains

86 Subdomains

59 IPs

12 Countries

10307 kBTransfer

22294 kBSize

54 Cookies

295 Outgoing links

Page URL History

Redirected requests

526 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

yahoo.com Open in urlscan Pro
2001:4998:24:120d::1:0 Public Scan

Screenshot
Live screenshot

Full Image

526
Requests

91 %
HTTPS

38 %
IPv6

50
Domains

86
Subdomains

59
IPs

12
Countries

10307 kB
Transfer

22294 kB
Size

54
Cookies

526 HTTP transactions
11 data transactions