www.hz.de Open in urlscan Pro
46.245.182.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heidenheim.com/
Effective URL:
https://www.hz.de/
Submission: On March 12 via manual (March 12th 2020, 5:12:31 pm UTC) from US

Summary HTTP 144 Redirects Links 96 Behaviour Indicators

Summary

This website contacted 38 IPs in 9 countries across 34 domains to perform 144 HTTP transactions. The main IP is 46.245.182.43, located in Germany and belongs to MIVITEC-AS, DE. The main domain is www.hz.de.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on October 25th 2019. Valid for: 2 years.

This is the only time www.hz.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	62.152.182.7 62.152.182.7	29252 (NETCOM-TS...) (NETCOM-TSG-AS)
1 1	62.152.180.41 62.152.180.41	29252 (NETCOM-TS...) (NETCOM-TSG-AS)
1 32	46.245.182.43 46.245.182.43	41412 (MIVITEC-AS) (MIVITEC-AS)
2	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
1	143.204.97.36 143.204.97.36	16509 (AMAZON-02) (AMAZON-02)
3	176.9.67.12 176.9.67.12	24940 (HETZNER-AS) (HETZNER-AS)
10	46.16.74.252 46.16.74.252	51862 (PROFITBRI...) (PROFITBRICKS-AS)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:21f... 2600:9000:21f3:c00:12:6213:9cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21f... 2600:9000:21f3:5000:1f:a1b:34c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	89.163.159.106 89.163.159.106	24961 (MYLOC-AS) (MYLOC-AS)
3	92.123.7.102 92.123.7.102	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.194.143.80 54.194.143.80	16509 (AMAZON-02) (AMAZON-02)
2	35.186.238.175 35.186.238.175	15169 (GOOGLE) (GOOGLE)
2 5	52.58.42.46 52.58.42.46	16509 (AMAZON-02) (AMAZON-02)
3 10	23.37.53.21 23.37.53.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	91.215.103.65 91.215.103.65	43407 (INFONLINE-AS) (INFONLINE-AS)
2	2600:9000:21f... 2600:9000:21f3:c600:1d:c2dd:3c80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10:... 2a02:26f0:10:28e::5f76	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:8c00:1c:8c89:a300:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
9	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	92.122.254.186 92.122.254.186	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	54.154.128.203 54.154.128.203	16509 (AMAZON-02) (AMAZON-02)
10	136.243.33.79 136.243.33.79	24940 (HETZNER-AS) (HETZNER-AS)
11	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	34.252.24.237 34.252.24.237	16509 (AMAZON-02) (AMAZON-02)
1	185.33.223.80 185.33.223.80	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	92.123.31.39 92.123.31.39	16625 (AKAMAI-AS) (AKAMAI-AS)
1	85.215.5.31 85.215.5.31	6724 (STRATO ST...) (STRATO STRATO AG)
10	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1	62.168.44.118 62.168.44.118	5588 (GTSCE GTS...) (GTSCE GTS Central Europe / Antel Germany)
1	2600:9000:20e... 2600:9000:20eb:5600:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.225.73.39 13.225.73.39	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:5800:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
144	38

2 62.152.182.7 (Aalen, Germany) 2 redirects

ASN29252 (NETCOM-TSG-AS, DE)
PTR: newstanley.hz-online.de

heidenheim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heidenheim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.152.180.41 (Marktoberdorf, Germany) 1 redirects

ASN29252 (NETCOM-TSG-AS, DE)
PTR: srv25.local-host.de

www.hz-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 46.245.182.43 (Germany) 1 redirects

ASN41412 (MIVITEC-AS, DE)
PTR: 46-245-182-43.static.mivitec.net

hz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-36.fra50.r.cloudfront.net

www.video.oms.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.67.12 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.67.9.176.clients.your-server.de

pp.lp4.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 46.16.74.252 (Germany)

ASN51862 (PROFITBRICKS-AS, DE)
PTR: ip46-16-74-252.pbiaas.com

freude.hz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trauer.hz.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:c00:12:6213:9cc0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

oms.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
si.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:5000:1f:a1b:34c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

nugmw.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.163.159.106 (Cloppenburg, Germany)

ASN24961 (MYLOC-AS, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 92.123.7.102 (France)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-7-102.deploy.static.akamaitechnologies.com

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.143.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-143-80.eu-west-1.compute.amazonaws.com

ups.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.238.175 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 175.238.186.35.bc.googleusercontent.com

de-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.58.42.46 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-42-46.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.37.53.21 (Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-21.deploy.static.akamaitechnologies.com

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.103.65 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:c600:1d:c2dd:3c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.yumpu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10:28e::5f76 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.stroeerdigitalgroup.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:8c00:1c:8c89:a300:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.emetriq.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.254.186 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-254-186.deploy.static.akamaitechnologies.com

s400.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s385.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.128.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-128-203.eu-west-1.compute.amazonaws.com

cdn.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 136.243.33.79 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h380.meetrics.de

lb82.s400.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.24.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-24-237.eu-west-1.compute.amazonaws.com

adstax-match.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.80 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.2 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.31.39 (France)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-31-39.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6724 (STRATO STRATO AG, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.168.44.118 (Prague, Czech Republic)

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)
PTR: cdn2.bbmedia.cz

bbcdn-bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5600:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-39.fra2.r.cloudfront.net

sak.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5800:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	hz.de 1 redirects hz.de www.hz.de freude.hz.de trauer.hz.de	4 MB
19	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	248 KB
15	doubleclick.net 4 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	112 KB
11	m6r.eu 3 redirects tracking.m6r.eu cdn.m6r.eu	7 KB
10	meetrics.net lb82.s400.meetrics.net	3 KB
7	googletagservices.com www.googletagservices.com	192 KB
7	adscale.de 2 redirects js.adscale.de ih.adscale.de	7 KB
4	google.com 2 redirects www.google.com adservice.google.com	881 B
3	google.de www.google.de adservice.google.de	389 B
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	xplosion.de ups.xplosion.de	6 KB
3	userreport.com nugmw.userreport.com sak.userreport.com	25 KB
3	lp4.io pp.lp4.io	18 KB
3	ioam.de 1 redirects script.ioam.de de.ioam.de	11 KB
2	agkn.com js.agkn.com d.agkn.com	3 KB
2	adrtx.net cdn.adrtx.net adstax-match.adrtx.net	849 B
2	mxcdn.net s400.mxcdn.net s385.mxcdn.net	50 KB
2	emetriq.de cdn.emetriq.de	5 KB
2	yumpu.com img.yumpu.com	122 KB
2	mookie1.com de-gmtdmp.mookie1.com	945 B
2	theadex.com dmp.theadex.com	28 KB
2	nuggad.net 2 redirects oms.nuggad.net si.nuggad.net	950 B
2	cookiebot.com consent.cookiebot.com	63 KB
2	heidenheim.com 2 redirects heidenheim.com www.heidenheim.com	588 B
1	ibillboard.com bbcdn-bbnaut.ibillboard.com	316 B
1	adform.net track.adform.net	494 B
1	twiago.com a.twiago.com
1	yieldlab.net ad.yieldlab.net	360 B
1	adnxs.com ib.adnxs.com	590 B
1	google.nl adservice.google.nl	171 B
1	stroeerdigitalgroup.de cdn.stroeerdigitalgroup.de	60 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	oms.eu www.video.oms.eu	10 KB
1	hz-online.de 1 redirects www.hz-online.de	248 B
144	34

	Domain	Requested by
31	www.hz.de	www.hz.de consent.cookiebot.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	lb82.s400.meetrics.net	www.hz.de
10	tracking.m6r.eu	3 redirects www.hz.de cdn.stroeerdigitalgroup.de cdn.m6r.eu
9	securepubads.g.doubleclick.net	cdn.stroeerdigitalgroup.de securepubads.g.doubleclick.net www.hz.de
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com www.hz.de
7	www.googletagservices.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	ih.adscale.de	2 redirects www.hz.de js.adscale.de
5	trauer.hz.de	www.hz.de
5	freude.hz.de	www.hz.de
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.hz.de
3	ups.xplosion.de	www.video.oms.eu cdn.emetriq.de cdn.stroeerdigitalgroup.de
3	pp.lp4.io	www.hz.de pp.lp4.io
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cm.g.doubleclick.net	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google.de	www.hz.de
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	cdn.emetriq.de	ups.xplosion.de
2	img.yumpu.com	www.hz.de
2	de.ioam.de	1 redirects www.hz.de
2	de-gmtdmp.mookie1.com	www.hz.de
2	js.adscale.de	www.video.oms.eu cdn.stroeerdigitalgroup.de
2	dmp.theadex.com	www.video.oms.eu cdn.stroeerdigitalgroup.de
2	nugmw.userreport.com	www.hz.de
2	consent.cookiebot.com	www.hz.de consent.cookiebot.com
1	d.agkn.com	js.agkn.com
1	sak.userreport.com	nugmw.userreport.com
1	js.agkn.com	cdn.stroeerdigitalgroup.de
1	bbcdn-bbnaut.ibillboard.com	cdn.stroeerdigitalgroup.de
1	track.adform.net	cdn.stroeerdigitalgroup.de
1	adservice.google.de	pagead2.googlesyndication.com
1	a.twiago.com	securepubads.g.doubleclick.net
1	ad.yieldlab.net	www.hz.de
1	ib.adnxs.com	www.hz.de
1	adstax-match.adrtx.net	cdn.adrtx.net
1	cdn.m6r.eu	cdn.stroeerdigitalgroup.de
1	cdn.adrtx.net	www.hz.de
1	adservice.google.nl	securepubads.g.doubleclick.net
1	s385.mxcdn.net	cdn.stroeerdigitalgroup.de
1	si.nuggad.net	1 redirects
1	s400.mxcdn.net	cdn.stroeerdigitalgroup.de
1	cdn.stroeerdigitalgroup.de	www.hz.de
1	oms.nuggad.net	1 redirects
1	www.googletagmanager.com	www.hz.de
1	www.video.oms.eu	www.hz.de
1	script.ioam.de	www.hz.de
1	hz.de	1 redirects
1	www.hz-online.de	1 redirects
1	www.heidenheim.com	1 redirects
1	heidenheim.com	1 redirects
144	52

This site contains links to these domains. Also see Links.

Domain
4finance.com
www.admedo.com
www.bidswitch.com
www.clearstream.tv
www.internedservices.nl
www.programattik.com
www.optomaton.com
adsniper.ru
crimtan.com
www.fupa.net
www.cookiebot.com
www.media.net
freewheel.tv
betweendigital.ru
privacy.userreport.com
policies.google.com
knightlab.northwestern.edu
www.digitru.st
infogram.com
www.infonline.de
www.scorecardresearch.com
www.improvedigital.com
site.adform.com
www.criteo.com
www.amobee.com
getintent.com
www.adition.com
www.appnexus.com
www.stroeer.de
www.thetradedesk.com
www.home.neustar
www.facebook.com
avocet.io
www.mediamath.com
www.bidtheatre.com
www.blis.com
www.easy-media.de
casalemedia.com
www.adobe.com
us.dynadmic.com
orcinternational.com
theadex.com
www.ibillboard.com
adelphic.com
www.salesforce.com
www.sovrn.com
www.xaxis.com
www.meetrics.com
www.ignitionone.com
www.nugg.ad
www.openx.com
www.plista.com
pubmatic.com
www.quantcast.com
rocketfuel.com
pomoc.nazwa.pl
segmento.ru
platform-cdn.sharethrough.com
smartadserver.com
www.emetriq.com
sonobi.com
www.spotx.tv
www.stackadapt.com
teads.tv
videologygroup.com
www.twiago.com
twitter.com
www.dataxu.com
policies.yahoo.com
www.zemanta.com
privacy.adtriba.com
www.simpli.fi
www.videmob.com
www.heidenheimer-zeitung.de
service.hz.de
www.swp.de
marktplatz.hz.de
veranstaltungen.hz.de
www.yumpu.com
www.unsere-hilfe-zaehlt.de
freude.hz.de
trauer.hz.de
www.pressehaus-heidenheim.de
www.interred.de

Subject Issuer	Validity	Valid
*.hz.de Starfield Secure Certificate Authority - G2	`2019-10-25` - `2021-11-24`	2 years	crt.sh
consent.cookiebot.com Go Daddy Secure Certificate Authority - G2	`2019-01-14` - `2021-01-08`	2 years	crt.sh
*.ioam.de COMODO RSA Organization Validation Secure Server CA	`2017-12-22` - `2020-12-21`	3 years	crt.sh
www.video.oms.eu Amazon	`2019-09-25` - `2020-10-25`	a year	crt.sh
*.lp4.io Go Daddy Secure Certificate Authority - G2	`2018-12-19` - `2021-02-15`	2 years	crt.sh
freude.hz.de Let's Encrypt Authority X3	`2020-02-16` - `2020-05-16`	3 months	crt.sh
trauer.hz.de Let's Encrypt Authority X3	`2020-02-16` - `2020-05-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.userreport.com RapidSSL RSA CA 2018	`2019-01-10` - `2021-03-10`	2 years	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
cat.adscale.de DigiCert SHA2 Secure Server CA	`2019-07-29` - `2020-10-27`	a year	crt.sh
*.xplosion.de Thawte RSA CA 2018	`2020-01-08` - `2021-03-08`	a year	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.adscale.de Amazon	`2019-07-03` - `2020-08-03`	a year	crt.sh
yumpu.com Amazon	`2019-11-23` - `2020-12-23`	a year	crt.sh
cdn.stroeerdigitalgroup.de DigiCert Secure Site ECC CA-1	`2020-02-13` - `2021-04-13`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.emetriq.de RapidSSL RSA CA 2018	`2020-02-13` - `2022-04-13`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2019-11-04` - `2021-02-02`	a year	crt.sh
*.adrtx.net GeoTrust TLS RSA CA G1	`2018-09-05` - `2020-11-03`	2 years	crt.sh
meetrics.net Let's Encrypt Authority X3	`2020-03-05` - `2020-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2021-05-05`	a year	crt.sh
*.twiago.com Sectigo RSA Organization Validation Secure Server CA	`2019-08-12` - `2020-11-09`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.ibillboard.com Thawte RSA CA 2018	`2018-05-21` - `2020-06-21`	2 years	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2018-06-21` - `2020-09-16`	2 years	crt.sh

This page contains 14 frames:

Primary Page: https://www.hz.de/
Frame ID: 56E2879D0F60A75E2AD6D6E9BC4CBDAF
Requests: 114 HTTP requests in this frame

Frame: https://ih.adscale.de/map?ssl=1&format=video&nut&uu=de3228e5905847d39b6d210d9b9c8b7e
Frame ID: F933026C61C2C71067704120CB210628
Requests: 1 HTTP requests in this frame

Frame: https://adstax-match.adrtx.net/activation?receiverId=adaud
Frame ID: 1669B5531BB13C7DE8A494BF76E0C3AB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9AK-s5IQsQKdfZoYa8pe_mprbWjh_yAOPmi8Szo2bEqWASOUCbphcylbbnAmZcSgjnJKqzTAfYAmW6V2U239602XsEpdVd6eqTu2tkMSNU7_WpyTHTg69XFtIJBDqXoQ-AfpJ6SHhK4oyhl-n1_HXrKt34SFWySiBmeJ8407CEaRctHMz_LdfjS-SL-isqeZ5rXBDtwrRj2BZOAOtWdIJyi_5V6gRaanzSlyRXoCPm5SPxE1yoCHLgeiKs2zicS5apCsjOzb_ErgelYDe4JBm&sai=AMfl-YS8tx5L25WYFgXVU3ehCLYrwXMIxttCI7NUeP0Rqa5ddPRcaxzFX_TwQg_Q7pexR7-EH7C9zrsEVPBstPukR0OVlwJBTLZFopQn3-2hrQ&sig=Cg0ArKJSzBgFjuxCaQTKEAE&adurl=
Frame ID: F57BC2FB0BED5114F8454BA630861304
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsse2MeOlvSaiHbKHcJtlfBf5TYdgf72ia8Giz2hYf56ZzNEyUsxUIbnH_G9nO5PB9c2g9NGp2PGHQbSMDwjwLPpm4nZocPxXt1-oqMFWomW8MaZP8VfxwjEDp4d4LJ88h9bDY8mzgH6jCPYUNw2RWD0tqQHjPdkvXIuQtq0NxCEG_S1HWcMZsJZVpXW6z2h65GnMHJuHCo1cuhW9cHeflE6k46OVM1-ogQsQDTT2ROvHvBY4IgQqRabGXnN3LatlPgLXn1imz8EGzIboWqCKM0&sai=AMfl-YQDwRBCl5r2JnvQGu8-hMLBlx6Wqyg7cAT5OixU91XbxH9KzWTzwrQ5_2edWOfn7Vo9i5PLsQM4LMrezGVGFWp4TbO3pQBfPCRAq9Rhqw&sig=Cg0ArKJSzDzAkUrR5rGoEAE&urlfix=1&adurl=
Frame ID: 307B07A49B35B25E655E4B851ACD1243
Requests: 3 HTTP requests in this frame

Frame: https://a.twiago.com/adframe.php?pid=4990&ord=1527724277
Frame ID: A25EC554942BBB744DE6149B0AE5E6F9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFnWp_oTC7ylnmnGG29TpeJzfbkNKPjvmlvmrQK2Ex8jTotfr3-_yVe6leVQGuRkzPQM6nBxk0fd5tZF3a2QsbukupLNDQXGsLRFV04CZp-ZMBzkdTM_Jsuuxyioj0Nn70TkrYJEaFNVKjkV5h-1HpBXAQlDQb0vV2ndtoyCQ6qUyzPgn7FK3g0s2Q5V2KhwbKmroHN_Nfd6EocE2KW3iG61f1CEfQUYbbC-VoGLczjljUdKPIPcNtp0gXE3YLwEr9ZByrPGWE5IZwZ2I&sai=AMfl-YR9NoKv0vH9x5lxIHHWCvocRdiEbhQPvLDelendlePF5q-QnJTmjrywA3xl30jAYQ-xPWMH3Z_8jy6bm-qzvpgpUlt2Qirc-49PHhzZFA&sig=Cg0ArKJSzOasR-zQ4tSIEAE&urlfix=1&adurl=
Frame ID: B5E2B782FD700EDC6AAFF300718BB897
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur2UOb8ZJteBa_BjbuC9Rx2EJ_J_6BoRlJltwNvU9WEEIBtQ-UPfugi4FROFH2a9GvtqiEUh5UMlZNeMrXCfG4_wHv1I_JM46w4rIb4jX6K_Qamn44XBQuq0rJSophlCmeIKnU7o_UM40gR2IamPZ1Qfjz7JF74csZQey5oDZmZAD3Cx6emu-1guYpGDy4QDnQkQS-zx8ABG4kVMZkhA37mXx-Q-t8lI3-ZHZ95lRQ83MvMoQCf2YLnp4xLtLxfF8sSDFWIRj9ys9YtN6kvjaQ&sai=AMfl-YSmLdcpxqyO6zJd7X4kiVaD91IxCJytjTKGWe05EIcT8XjhTrooLZitOvHx4pxKR7ERorYNAqSygX3OmkQVnF3JLhUSZK8hm4NkXMDSOA&sig=Cg0ArKJSzMowUv1uzGISEAE&adurl=
Frame ID: 03C9CD677D93CEBAE1C98A1D654FC9CB
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR4XzrqTWNrnro1w9htDwC4FkvrcxG6o-gUAwAeZ6LBzNn647g8IJpAH2DqpxK_QctqQw2rXRhFTzBQNxRvCnLK0rMwxprAV8nFRnBD--6_29JVzunzQF7dNHCCV7enUQjhbVPNbe5NZUFY32dgm83ymmAXQeoBkqiHDdqsw614sjLSfO0JD3in4JniHnJ-6VBC0R8XEdqwy6TI0s8-fDWP3cRQmcu5AviFApSjnRjMaaYSKRVtZwMuE6teZwcFHv65ijjtYhQKfV2liIb8OKS&sai=AMfl-YQptP8Iih6s7L9E03zu8G3bR-YFPok9BzIEj_fHEGU3K2KpWjiupixELrPXIQtuo1OY6P4jdYpIPviPlzC-GqG505_Ui5sOWYXFM9i-zQ&sig=Cg0ArKJSzEsd-XvvHPC0EAE&adurl=
Frame ID: 71AFD79560BF5EEAE7F4CEAF3D9C9D26
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200305/r20190131/zrt_lookup.html
Frame ID: 47E793931AC98AD3D7DCF7C04403E6E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8813347375005258&output=html&h=250&slotname=3216207121&adk=3917598079&adf=816031634&w=301&image_size=300x250&guci=1.2.0.0.2.2.0.0&us_privacy=1YYY&url=https%3A%2F%2Fwww.hz.de%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1584033132719&bpp=17&bdt=95&fdt=97&idt=97&shv=r20200305&cbv=r20190131&ptt=5&saldr=sa&correlator=5163958245623&frm=23&ife=4&pv=2&ga_vid=1471606722.1584033133&ga_sid=1584033133&ga_hid=2016778207&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=543&ady=6049&biw=1588&bih=1200&isw=301&ish=250&ifk=3479309648&scr_x=0&scr_y=0&oid=3&pvsid=3957575967937755&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C301%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.k5x5z5n69rhq&btvi=1&fsb=1&dtd=118
Frame ID: F92023DDBB37C824239825855F5F98CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: C33A8F88918A5F08CE1245178F7807D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: D20EBB5DB6D8FB6EBB4904742E4E1092
Requests: 1 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=717290832&gdpr=&gdpr_consent=&ref=&bpid=stroeer&c=%7B%22bpid%22%3A%22stroeer%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.hz.de%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: CC848B5B3E5002D7B22F0A64EB8DAE84
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://heidenheim.com/ HTTP 302
http://www.heidenheim.com/ HTTP 302
http://www.hz-online.de/ HTTP 301
https://hz.de/ HTTP 301
https://www.hz.de/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

144
Requests

100 %
HTTPS

40 %
IPv6

34
Domains

52
Subdomains

38
IPs

9
Countries

5225 kB
Transfer

7462 kB
Size

5
Cookies

96 Outgoing links

These are links going to different origins than the main page.

URL: https://4finance.com/ad-choices-opt-out/interest-based-advertising-policy-and-opt-out/
Title: 4finance

Search URL Search Domain Scan URL

URL: https://www.admedo.com/privacy-policy
Title: Admedo

Search URL Search Domain Scan URL

URL: http://www.bidswitch.com/privacy-policy/
Title: Bidswitch

Search URL Search Domain Scan URL

URL: https://www.clearstream.tv/privacy-policy
Title: Clearstream

Search URL Search Domain Scan URL

URL: https://www.internedservices.nl/disclaimer-privacy-policy/
Title: KPN

Search URL Search Domain Scan URL

URL: http://www.programattik.com/gizlilik-politikasi.aspx
Title: Programattik

Search URL Search Domain Scan URL

URL: http://www.optomaton.com/privacy.html
Title: Optomaton

Search URL Search Domain Scan URL

URL: http://adsniper.ru/docs/policy_adsniper.pdf
Title: Adsniper

Search URL Search Domain Scan URL

URL: https://crimtan.com/privacy/
Title: Crimtan

Search URL Search Domain Scan URL

URL: https://www.fupa.net/datenschutz.html
Title: FuPa

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://www.media.net/en/privacy-policy
Title: Media.net

Search URL Search Domain Scan URL

URL: http://freewheel.tv/privacy-policy/?noredirect
Title: Freewheel

Search URL Search Domain Scan URL

URL: http://betweendigital.ru/privacy-policy
Title: Between

Search URL Search Domain Scan URL

URL: https://privacy.userreport.com/for-users/privacy-policy/
Title: Userreport

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google Tag Manager

Search URL Search Domain Scan URL

URL: https://knightlab.northwestern.edu/
Title: Knight Lab

Search URL Search Domain Scan URL

URL: http://www.digitru.st/privacy-policy/
Title: Digitrust

Search URL Search Domain Scan URL

URL: https://infogram.com/privacy
Title: Infogram

Search URL Search Domain Scan URL

URL: https://www.infonline.de/datenschutz/
Title: Infonline

Search URL Search Domain Scan URL

URL: http://www.scorecardresearch.com/privacy.aspx?newlanguage=1
Title: Scorecardresearch

Search URL Search Domain Scan URL

URL: https://www.improvedigital.com/privacy-policy/
Title: Improve Digital

Search URL Search Domain Scan URL

URL: http://site.adform.com/privacy-policy-opt-out/
Title: Adform

Search URL Search Domain Scan URL

URL: https://www.criteo.com/privacy/
Title: Criteo

Search URL Search Domain Scan URL

URL: https://www.amobee.com/trust/privacy-guidelines
Title: Amobee

Search URL Search Domain Scan URL

URL: https://getintent.com/privacy/
Title: Getintent

Search URL Search Domain Scan URL

URL: https://www.adition.com/kontakt/datenschutz/
Title: Adition

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/en/company/privacy-policy
Title: Appnexus

Search URL Search Domain Scan URL

URL: https://www.stroeer.de/service/datenschutz.html
Title: Ströer

Search URL Search Domain Scan URL

URL: https://www.thetradedesk.com/general/privacy-policy
Title: The Trade Desk

Search URL Search Domain Scan URL

URL: https://www.home.neustar/privacy
Title: Neustar

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policies/cookies/
Title: Facebook

Search URL Search Domain Scan URL

URL: http://avocet.io/privacy-policy
Title: Avocet

Search URL Search Domain Scan URL

URL: http://www.mediamath.com/privacy-policy/
Title: Mediamath

Search URL Search Domain Scan URL

URL: https://www.bidtheatre.com/privacy-policy/#contact
Title: Bidtheatre

Search URL Search Domain Scan URL

URL: http://www.blis.com/privacy/
Title: Blis

Search URL Search Domain Scan URL

URL: https://www.easy-media.de/datenschutz.php
Title: Easymedia

Search URL Search Domain Scan URL

URL: http://casalemedia.com/
Title: Casalemedia

Search URL Search Domain Scan URL

URL: https://www.adobe.com/privacy.html
Title: Adobe Inc

Search URL Search Domain Scan URL

URL: http://us.dynadmic.com/privacy-policy/
Title: Dynadmic

Search URL Search Domain Scan URL

URL: https://orcinternational.com/privacy/
Title: ORC

Search URL Search Domain Scan URL

URL: http://theadex.com/
Title: Adex

Search URL Search Domain Scan URL

URL: http://www.ibillboard.com/soukromi-cookies/
Title: Ibillboard

Search URL Search Domain Scan URL

URL: https://adelphic.com/privacy-policy/
Title: Adelphic

Search URL Search Domain Scan URL

URL: https://www.salesforce.com/company/privacy/
Title: Salesforce

Search URL Search Domain Scan URL

URL: https://www.sovrn.com/privacy-policy-eu/
Title: Sovrn

Search URL Search Domain Scan URL

URL: https://www.xaxis.com/privacy-policy/
Title: Xaxis

Search URL Search Domain Scan URL

URL: https://www.meetrics.com/datenschutz/
Title: Meetrics

Search URL Search Domain Scan URL

URL: https://www.ignitionone.com/privacy-policy/
Title: Ignitionone

Search URL Search Domain Scan URL

URL: https://www.nugg.ad/en/privacy/general-information.html
Title: Nugg.Ad

Search URL Search Domain Scan URL

URL: https://www.openx.com/legal/privacy-policy/
Title: Openx

Search URL Search Domain Scan URL

URL: https://www.plista.com/about/privacy/
Title: Plista

Search URL Search Domain Scan URL

URL: https://pubmatic.com/legal/privacy-policy/
Title: Pubmatic

Search URL Search Domain Scan URL

URL: https://www.quantcast.com/privacy/
Title: Quantcast

Search URL Search Domain Scan URL

URL: http://rocketfuel.com/se/old/privacy-policy
Title: Rocketfuel

Search URL Search Domain Scan URL

URL: https://pomoc.nazwa.pl/pomoc/konfiguracja/polityka-prywatnosci/
Title: Nazwa.pl

Search URL Search Domain Scan URL

URL: https://segmento.ru/
Title: Segmento

Search URL Search Domain Scan URL

URL: https://platform-cdn.sharethrough.com/privacy-policy
Title: Sharethrough

Search URL Search Domain Scan URL

URL: http://smartadserver.com/company/privacy-policy/
Title: Smart Adserver

Search URL Search Domain Scan URL

URL: https://www.emetriq.com/datenschutz/
Title: Emetriq

Search URL Search Domain Scan URL

URL: http://sonobi.com/privacy-policy/
Title: Sonobi

Search URL Search Domain Scan URL

URL: https://www.spotx.tv/privacy-policy/
Title: Spotx

Search URL Search Domain Scan URL

URL: https://www.stackadapt.com/privacy
Title: Stackadapt

Search URL Search Domain Scan URL

URL: https://teads.tv/privacy-policy/
Title: Teads

Search URL Search Domain Scan URL

URL: https://videologygroup.com/en/privacy-policy
Title: Videology

Search URL Search Domain Scan URL

URL: https://www.twiago.com/datenschutz/
Title: Twiago

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.dataxu.com/about-us/privacy/data-collection-platform/
Title: Dataxu

Search URL Search Domain Scan URL

URL: https://policies.yahoo.com/us/en/yahoo/privacy/index.htm
Title: Yahoo

Search URL Search Domain Scan URL

URL: http://www.zemanta.com/legal/privacy/
Title: Zemanta

Search URL Search Domain Scan URL

URL: https://privacy.adtriba.com/
Title: Atriba

Search URL Search Domain Scan URL

URL: https://www.simpli.fi/site-privacy-policy2/
Title: Simpli.fi

Search URL Search Domain Scan URL

URL: http://www.videmob.com/privacy.html
Title: Videmob

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://www.heidenheimer-zeitung.de/
Title: eZeitung

Search URL Search Domain Scan URL

URL: https://service.hz.de/WebAd3Heidenheim/de-de/1/Menue/NeueAboAenderung?aboArt=AboAuftrag
Title: Abo

Search URL Search Domain Scan URL

URL: https://www.swp.de/
Title:

Search URL Search Domain Scan URL

URL: https://marktplatz.hz.de/
Title: Marktplatz

Search URL Search Domain Scan URL

URL: https://veranstaltungen.hz.de/
Title: Veranstaltungen

Search URL Search Domain Scan URL

URL: http://www.yumpu.com/de/document/view/62797106/handel-handwerk-service
Title:

Search URL Search Domain Scan URL

URL: http://www.yumpu.com/de/document/view/62771256/next-step-2019
Title:

Search URL Search Domain Scan URL

URL: http://www.unsere-hilfe-zaehlt.de/
Title:

Search URL Search Domain Scan URL

URL: https://freude.hz.de/
Title: Weitere Freudeanzeigen

Search URL Search Domain Scan URL

URL: https://freude.hz.de/glueckwunschseite/christine--1-01010001
Title:

Search URL Search Domain Scan URL

URL: https://freude.hz.de/glueckwunschseite/karl-scheufler
Title:

Search URL Search Domain Scan URL

URL: https://freude.hz.de/glueckwunschseite/michael--1-fe56ef37-b37f-4bbf-aa25-4e68bcde8ff2
Title:

Search URL Search Domain Scan URL

URL: https://freude.hz.de/glueckwunschseite/jan--1-e083b7fd-619e-400c-a086-783f84ef81b8
Title:

Search URL Search Domain Scan URL

URL: https://freude.hz.de/glueckwunschseite/uli--1-9046a7bd-56ce-48ec-96d8-4b23cda5aa40
Title:

Search URL Search Domain Scan URL

URL: https://trauer.hz.de/
Title: Weitere Traueranzeigen

Search URL Search Domain Scan URL

URL: https://trauer.hz.de/traueranzeige/maria-gaessler
Title:

Search URL Search Domain Scan URL

URL: https://trauer.hz.de/traueranzeige/wilhelm-stegmeier
Title:

Search URL Search Domain Scan URL

URL: https://trauer.hz.de/traueranzeige/martin-schaeufele
Title:

Search URL Search Domain Scan URL

URL: https://trauer.hz.de/traueranzeige/christianeugen-prinzing
Title:

Search URL Search Domain Scan URL

URL: https://trauer.hz.de/traueranzeige/erika-aigle
Title:

Search URL Search Domain Scan URL

URL: https://www.pressehaus-heidenheim.de/
Title: © Heidenheimer Zeitung 2020

Search URL Search Domain Scan URL

URL: https://www.interred.de/
Title: Content Management von

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heidenheim.com/ HTTP 302
http://www.heidenheim.com/ HTTP 302
http://www.hz-online.de/ HTTP 301
https://hz.de/ HTTP 301
https://www.hz.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://oms.nuggad.net/rc?nuggn=1615459509&nuggtg=homepage HTTP 302
https://nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/oms.nuggad.net/nuggad?nuggn=1615459509&nuggtg=homepage

Request Chain 41

https://tracking.m6r.eu/sync/dmp HTTP 302
https://tracking.m6r.eu/sync/dmp?checkcookies=true

Request Chain 45

https://de.ioam.de/tx.io?st=swpresse&cp=hz_home&sv=ke&mc=&co=DESKTOP&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.hz.de&xy=1600x1200x24&lo=NL%2Fn.a.&cb=0009&i2=0009e2fb6a5ec99cd5e6a6d6b&ep=1606492484&vr=416&id=sxnjyl&i3=0009e2fb6a5ec99cd5e6a6d6b%3A1611767531607%3A1584033131607%3A.hz.de%3A1%3Aswpresse%3Ahz_home%3Anoevent%3A1584033131607&n1=1&dntt=0&lt=1584033131608&ev=&cs=8sdunx&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=swpresse&cp=hz_home&sv=ke&mc=&co=DESKTOP&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.hz.de&xy=1600x1200x24&lo=NL%2Fn.a.&cb=0009&i2=0009e2fb6a5ec99cd5e6a6d6b&ep=1606492484&vr=416&id=sxnjyl&i3=0009e2fb6a5ec99cd5e6a6d6b%3A1611767531607%3A1584033131607%3A.hz.de%3A1%3Aswpresse%3Ahz_home%3Anoevent%3A1584033131607&n1=1&dntt=0&lt=1584033131608&ev=&cs=8sdunx&mo=1&sr=71

Request Chain 59

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1775155887&gjid=2019299227&_gid=1782552795.1584033132&_u=YGBAgEAB~&z=1410917258 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1775155887&_v=j81&z=1410917258 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1775155887&_v=j81&z=1410917258&slf_rd=1&random=2175906813

Request Chain 70

https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1471574734&nuggtg=&nuggrid=https%3A%2F%2Fwww.hz.de%2F HTTP 302
https://nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1471574734&nuggtg=&nuggrid=https%3A%2F%2Fwww.hz.de%2F

Request Chain 72

https://ih.adscale.de/map?ssl=1&format=video HTTP 302
https://ih.adscale.de/map?ssl=1&format=video&nut&uu=de3228e5905847d39b6d210d9b9c8b7e

Request Chain 87

https://ih.adscale.de/adscale-ih/tpui?tpid=48&tpuid=ac580abcb08f075bb94ae427acc2ec11&cburl=https%3A%2F%2Ftracking.m6r.eu%2Fsync%2FadscaleSyncDone%3FuserBuyeruid%3Dac580abcb08f075bb94ae427acc2ec11%26userId%3Dadscale-user%3A__ADSCALE_USER_ID__ HTTP 307
https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=ac580abcb08f075bb94ae427acc2ec11&userId=adscale-user:de3228e5905847d39b6d210d9b9c8b7e

Request Chain 88

https://tracking.m6r.eu/sync/appnexusRedirect HTTP 302
https://ib.adnxs.com/setuid?entity=197&code=ac580abcb08f075bb94ae427acc2ec11

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=rFgKvLCPB1u5SuQnrMLsEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=rFgKvLCPB1u5SuQnrMLsEQ&google_tc= HTTP 302
https://tracking.m6r.eu/sync/adxSyncDone?google_ula=158217889,0

Request Chain 90

https://tracking.m6r.eu/sync/yieldlabRedirect HTTP 302
https://ad.yieldlab.net/m?dt_id=36356&ext_id=ac580abcb08f075bb94ae427acc2ec11

Request Chain 136

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1546268121&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.hz.de%2F&ul=en-us&de=UTF-8&dt=Aktuelle%20Nachrichten%20%7C%20Heidenheimer%20Zeitung&sd=24-bit&sr=1600x1200&vp=1588x1200&je=0&ec=Client%20ID&ea=Pageview&el=1523776194.1584033132&_u=aHhAAEAB~&jid=1264795226&gjid=1618554549&cid=1523776194.1584033132&tid=UA-143495151-1&_gid=2140099645.1584033133&_r=1&gtm=2wg340P5KNPVQ&cd1=1523776194.1584033132&cd2=k7p0fg3c.jgm5&cd3=2020-03-12T18%3A12%3A13.368%2B01%3A00&cd4=&cd5=anonymous&cd6=homepage&cd7=&cd8=Startseite&cd9=&cd10=2020-03-12&cm1=&z=594968666 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1264795226&_gid=2140099645.1584033133&gjid=1618554549&_v=j81&z=594968666 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1264795226&_v=j81&z=594968666 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1264795226&_v=j81&z=594968666&slf_rd=1&random=3728728992

144 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.hz.de/
Redirect Chain

http://heidenheim.com/
http://www.heidenheim.com/
http://www.hz-online.de/
https://hz.de/
https://www.hz.de/

254 KB
42 KB

509ms
452ms

Document
text/html

46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

af1afa379843538283c6ef285316b1c7521cc07afa5c9a3f0dc0d53f7f1d155f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.hz.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 17:12:10 GMT
server: Apache
access-control-allow-methods: GET
x-frame-options: SAMEORIGIN
set-cookie: PHPSESSID=301gi4uetd54os5c63cv58dvro; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,Origin
content-encoding: gzip
content-length: 42824
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000

Redirect headers

date: Thu, 12 Mar 2020 17:12:10 GMT
server: Apache
access-control-allow-methods: GET
location: https://www.hz.de/
content-length: 226
content-type: text/html; charset=iso-8859-1
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK roboto-v18-latin-700.woff
www.hz.de/fonts/ 19 KB
20 KB 82ms
28ms Font
application/font-woff 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hz.de/fonts/roboto-v18-latin-700.woff

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

468e579fe1210fa55525b1c470ed2d1958404512a2dd4fb972cac5ce0ff00b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 25 Apr 2019 05:15:47 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "4db0-58753e9314cb6"
vary: Origin
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: https://www.hz.de
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 19888

GET
H/1.1 200
OK roboto-v18-latin-regular.woff
www.hz.de/fonts/ 19 KB
20 KB 81ms
28ms Font
application/font-woff 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hz.de/fonts/roboto-v18-latin-regular.woff

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 25 Apr 2019 05:15:47 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "4d70-58753e9314cb6"
vary: Origin
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: https://www.hz.de
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 19824

GET
H/1.1 200
OK roboto-v18-latin-700.woff2
www.hz.de/fonts/ 15 KB
15 KB 97ms
41ms Font
application/octet-stream 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hz.de/fonts/roboto-v18-latin-700.woff2

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 25 Apr 2019 05:15:47 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "3c4c-58753e9314cb6"
vary: Origin
access-control-allow-methods: GET
access-control-allow-origin: https://www.hz.de
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 15436

GET
H/1.1 200
OK roboto-v18-latin-regular.woff2
www.hz.de/fonts/ 15 KB
15 KB 98ms
42ms Font
application/octet-stream 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hz.de/fonts/roboto-v18-latin-regular.woff2

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 25 Apr 2019 05:15:47 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "3bf0-58753e9314cb6"
vary: Origin
access-control-allow-methods: GET
access-control-allow-origin: https://www.hz.de
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 15344

GET
H/1.1 200
OK main.min.css
www.hz.de/css/ 192 KB
28 KB 62ms
38ms Stylesheet
text/css 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hz.de/css/main.min.css?ts=

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

9266b9bab62e78a4bf542c0b74ae986a7f4af80b2334e916ded3df9b0ba73531

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
last-modified: Tue, 12 Nov 2019 08:07:30 GMT
server: Apache
etag: "2ff42-59721bd6296cf-gzip"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 27870

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 63 KB
21 KB 24ms
8ms Script
application/javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 54b3f4116230d19374a88a2d81cfa57b10f08b8c8c4abe34adf42f522c993ceb

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:10 GMT
content-encoding: gzip
last-modified: Sat, 07 Mar 2020 17:47:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "aefba73a8f4d51:0"
vary: Accept-Encoding
x-cache: TCP_HIT
content-type: application/javascript
status: 200
cache-control: public,max-age=1200
x-azure-ref: 0a21qXgAAAADt673E1sqxQryoYwiCEw29RlJBRURHRTEwMDkAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
x-azure-ref-originshield: 05GxqXgAAAAA91o51upK6SpIdhcWZD73YQU1TRURHRTA0MjIAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
accept-ranges: bytes
content-length: 21261

GET
H/1.1 200
OK main.min.js Show response
www.hz.de/js/ 477 KB
99 KB 107ms
52ms Script
application/javascript 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hz.de/js/main.min.js?ts=

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

4ca5cf47184c37a8c6d8096b58ae1d7c8e9be2b55438201357bcd6b1b1116a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
last-modified: Tue, 22 Oct 2019 10:44:41 GMT
server: Apache
etag: "7745a-5957d7cd3175f-gzip"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
transfer-encoding: chunked
strict-transport-security: max-age=15768000
accept-ranges: bytes

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 24 KB
9 KB 79ms
26ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js?m=1
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.12 0009
Resource Hash: d2b2911702d18aec01dd57b1888571319c00c048e05757f480753ecd6c2e33ff

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 17:12:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Mar 2020 17:12:11 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.12 0009
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Thu, 12 Mar 2020 19:12:11 GMT

GET
H2 200 omsv_container_151.js Show response
www.video.oms.eu/ada/cloud/ 10 KB
10 KB 67ms
21ms Script
application/javascript 143.204.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.video.oms.eu/ada/cloud/omsv_container_151.js
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-36.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed8e1501e2f8ee76a6348c39014e87a6cd8ebc106683f14b6c0e149c09c2761b

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 14:18:53 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
last-modified: Wed, 04 Dec 2019 10:00:55 GMT
server: AmazonS3
age: 10429
etag: "f54ce50aceb5247250eec4fef1eab18f"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 10043
x-amz-cf-id: il1i32OimQCsD4N9WJ5epMJhbvweZBXIqze33GmXS36iYMUDLg5bfA==

GET
H2 200 5d1c69bee45a1d9a686cd066.js Show response
pp.lp4.io/app/5d/1c/69/ 56 KB
18 KB 78ms
26ms Script
application/javascript 176.9.67.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.lp4.io/app/5d/1c/69/5d1c69bee45a1d9a686cd066.js
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.67.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.12.67.9.176.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5194a83f3fd38dd04b2cfa10f71e4af113954e046ecd9536fea197fdf7a8b8a2

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
content-encoding: gzip
last-modified: Mon, 02 Mar 2020 11:52:13 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "e0e3-59fddd16ccb24-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
accept-ranges: bytes
content-length: 17985
expires: Thu, 12 Mar 2020 17:42:11 GMT

GET
H/1.1 200
OK Logo_SWP_Small-b6bd2884454e7b94.svg
www.hz.de/imgs/20/4/2/2/8/5/5/1/2/ 2 KB
2 KB 29ms
29ms Image
image/svg+xml 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/20/4/2/2/8/5/5/1/2/Logo_SWP_Small-b6bd2884454e7b94.svg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

63ef1f93c2373f962fbbd45e007b08393f1a57ef28e2e6c9963540fecba194d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Fri, 26 Jul 2019 06:56:05 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "73b-58e90093d4b40"
vary: Origin
access-control-allow-methods: GET
content-type: image/svg+xml
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de>;rel="canonical"
content-length: 1851

GET
H/1.1 200
OK Logo_HeidenheimerZeitung.IRSWPPROD_M3DHB_1_-d19f19441f7609f2.svg
www.hz.de/imgs/20/4/2/2/8/5/5/1/2/ 17 KB
18 KB 28ms
28ms Image
image/svg+xml 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/20/4/2/2/8/5/5/1/2/Logo_HeidenheimerZeitung.IRSWPPROD_M3DHB_1_-d19f19441f7609f2.svg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

2ef89aa0325e9af6d7b61d78d86bc494d34f63a38f6c2a8dfeb9c635dc7b77b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 26 Dec 2019 21:40:34 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "44b8-59aa23a1e5880"
vary: Origin
access-control-allow-methods: GET
content-type: image/svg+xml
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de>;rel="canonical"
content-length: 17592

GET
H/1.1 200
OK w800_h450_x750_y500_ac0d158fb5df5e9d.jpeg
www.hz.de/imgs/21/6/3/1/6/6/0/4/2/tok_50ad46cec1a56180ab97832fe9632cd8/ 308 KB
308 KB 29ms
29ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/1/6/6/0/4/2/tok_50ad46cec1a56180ab97832fe9632cd8/w800_h450_x750_y500_ac0d158fb5df5e9d.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

c1c0a00b4354b137e69b2292ea908e44175654664fb34672dd38b3417779bd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Fri, 06 Mar 2020 22:42:22 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "4cf2d-5a0375de05a8a"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/1/6/6/0/4/2/ac0d158fb5df5e9d.jpeg>;rel="canonical"
content-length: 315181

GET
H/1.1 200
OK w800_h450_x750_y605_5c79455091c435a9.jpeg
www.hz.de/imgs/21/6/3/3/7/0/1/2/0/tok_6ad6d632b59248c88d82b0bf5193fa7e/ 212 KB
212 KB 28ms
28ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/3/7/0/1/2/0/tok_6ad6d632b59248c88d82b0bf5193fa7e/w800_h450_x750_y605_5c79455091c435a9.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

a4b0439d1257a7e2ecf3260ac3ae203d8c71bd1f0d7aee4b1af8aed087e0a4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Sun, 08 Mar 2020 15:52:47 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "34f8b-5a059e0c6193c"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/3/7/0/1/2/0/5c79455091c435a9.jpeg>;rel="canonical"
content-length: 216971

GET
H/1.1 200
OK w800_h450_x750_y500_6a7742fa4c764f91.jpeg
www.hz.de/imgs/21/6/3/3/8/5/3/2/8/tok_8e7fb4230a61cfa970c29d6069605b12/ 242 KB
242 KB 29ms
29ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/3/8/5/3/2/8/tok_8e7fb4230a61cfa970c29d6069605b12/w800_h450_x750_y500_6a7742fa4c764f91.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

a5d5ca451b9052d724a8be08d047ce0ccda4d216ec09b31f9ce0c8c13fbc39c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Sun, 08 Mar 2020 19:05:37 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "3c765-5a05c927116f8"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/3/8/5/3/2/8/6a7742fa4c764f91.jpeg>;rel="canonical"
content-length: 247653

GET
H/1.1 200
OK w800_h450_x750_y500_9d5ab11cabcd79ad.jpeg
www.hz.de/imgs/21/6/3/3/8/4/7/9/8/tok_0fc404e23c8b361fc60f6e63eac0b42f/ 241 KB
242 KB 29ms
29ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/3/8/4/7/9/8/tok_0fc404e23c8b361fc60f6e63eac0b42f/w800_h450_x750_y500_9d5ab11cabcd79ad.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

2ca94ca98430e4f5db2855de27ab3ac49c34b91017637730678bd0c0111f4612

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Sun, 08 Mar 2020 19:36:44 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "3c5e6-5a05d01b438c8"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/3/8/4/7/9/8/9d5ab11cabcd79ad.jpeg>;rel="canonical"
content-length: 247270

GET
H/1.1 200
OK w800_h450_x750_y525_88d1accf84865ad6.jpeg
www.hz.de/imgs/21/6/3/3/6/9/3/8/4/tok_c3052f7e5b722c114ce8e7592743d6a6/ 277 KB
278 KB 33ms
30ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/3/6/9/3/8/4/tok_c3052f7e5b722c114ce8e7592743d6a6/w800_h450_x750_y525_88d1accf84865ad6.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

7a4bba92b5bb60dd1355649ec56e2dbaac5ecb07d202a743574efa32ea9d8d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Sun, 08 Mar 2020 15:46:11 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "45489-5a059c92a4123"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/3/6/9/3/8/4/88d1accf84865ad6.jpeg>;rel="canonical"
content-length: 283785

GET
H/1.1 200
OK w800_h450_x2736_y1824_02317327_02316384-6536aab45e58669c.JPG
www.hz.de/imgs/21/6/3/2/9/5/8/7/4/tok_5132a408536f13f68e2dfeba48083f0b/ 104 KB
105 KB 32ms
29ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/2/9/5/8/7/4/tok_5132a408536f13f68e2dfeba48083f0b/w800_h450_x2736_y1824_02317327_02316384-6536aab45e58669c.JPG

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

ee3a56478867b2f1d92b2fc50518621573597e664e4dafca36623e9395a19ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Fri, 06 Mar 2020 18:09:57 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1a0a6-5a0338fa422ff"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/2/9/5/8/7/4/02317327_02316384-6536aab45e58669c.JPG>;rel="canonical"
content-length: 106662

GET
H/1.1 200
OK w800_h450_x750_y499_ce17aa68d06ad936.jpeg
www.hz.de/imgs/21/6/3/3/5/1/9/7/6/tok_f27d0a3d4ce23d72b597e25d67c827ae/ 183 KB
184 KB 33ms
30ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/3/5/1/9/7/6/tok_f27d0a3d4ce23d72b597e25d67c827ae/w800_h450_x750_y499_ce17aa68d06ad936.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

175e471b966568b574d92a96c16b520a96fc594e6a487c51d30207f368cc3c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Sat, 07 Mar 2020 14:30:38 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2dcc2-5a0449d25a9ed"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/3/5/1/9/7/6/ce17aa68d06ad936.jpeg>;rel="canonical"
content-length: 187586

GET
H/1.1 200
OK w800_h450_x750_y479_7c58b00a3dc32b6e.jpeg
www.hz.de/imgs/21/6/3/3/0/1/8/0/4/tok_40716d261eca0bbe0d67b16b05353421/ 212 KB
212 KB 38ms
34ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/3/0/1/8/0/4/tok_40716d261eca0bbe0d67b16b05353421/w800_h450_x750_y479_7c58b00a3dc32b6e.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

0e6c778872f118644fd5dffe8c2fd4898e5578afa57b2c323f5651a1c2bc2d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Fri, 06 Mar 2020 19:13:25 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "34fa9-5a034729b5e9e"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/3/0/1/8/0/4/7c58b00a3dc32b6e.jpeg>;rel="canonical"
content-length: 217001

GET
H/1.1 200
OK w800_h450_x755_y425_kulturtipps-4622d9cbf9a23aa1.png
www.hz.de/imgs/20/4/6/4/2/9/2/6/4/tok_5a1dee0f9a2d69e89daeca07b32009dd/ 143 KB
143 KB 30ms
29ms Image
image/png 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/20/4/6/4/2/9/2/6/4/tok_5a1dee0f9a2d69e89daeca07b32009dd/w800_h450_x755_y425_kulturtipps-4622d9cbf9a23aa1.png

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

afd5c94cf7ad2a5f98f9a47ffd3c223c3a3057d48f6412dec422fa0b3ab211c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Tue, 05 Nov 2019 09:25:57 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "23a7c-59696050edf3a"
vary: Origin
access-control-allow-methods: GET
content-type: image/png
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/20/4/6/4/2/9/2/6/4/kulturtipps-4622d9cbf9a23aa1.png>;rel="canonical"
content-length: 146044

GET
H/1.1 200
OK w800_h450_x869_y425_Unterm_Dach_Bild_online-b808c3847640aaf6.jpg
www.hz.de/imgs/20/4/6/4/2/9/2/6/4/tok_fa3acaf33eb29ad099e574b6b567568e/ 168 KB
169 KB 31ms
30ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/20/4/6/4/2/9/2/6/4/tok_fa3acaf33eb29ad099e574b6b567568e/w800_h450_x869_y425_Unterm_Dach_Bild_online-b808c3847640aaf6.jpg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

70ce2380be7b2d51cdeb71708d287476506d0a774d2ac164a30a7babf4ec0d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Wed, 28 Aug 2019 09:46:10 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2a049-5912a4247ef48"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/20/4/6/4/2/9/2/6/4/Unterm_Dach_Bild_online-b808c3847640aaf6.jpg>;rel="canonical"
content-length: 172105

GET
H/1.1 200
OK w460_h300_x230_y150_1180475949_3a8ca2f057-c47b01c0fbd67d03.png
www.hz.de/imgs/20/4/6/4/2/9/2/6/4/tok_75663fe989b6287af0f0e1a537749ffc/ 57 KB
58 KB 28ms
28ms Image
image/png 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/20/4/6/4/2/9/2/6/4/tok_75663fe989b6287af0f0e1a537749ffc/w460_h300_x230_y150_1180475949_3a8ca2f057-c47b01c0fbd67d03.png

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

6e4619f24281e10a9097f2c1229ed707dfb14746c0c2a5871ec809f9edfcc150

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Wed, 28 Aug 2019 09:46:10 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "e544-5912a4246a728"
vary: Origin
access-control-allow-methods: GET
content-type: image/png
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/20/4/6/4/2/9/2/6/4/1180475949_3a8ca2f057-c47b01c0fbd67d03.png>;rel="canonical"
content-length: 58692

GET
H/1.1 200
OK 4386e4db-635b-452b-8b81-25b1c6266c53.jpg
freude.hz.de/MEDIASERVER/content/LH168/obi_new/2019_12/ 216 KB
217 KB 175ms
54ms Image
image/jpeg 46.16.74.252
PROFITBRICKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freude.hz.de/MEDIASERVER/content/LH168/obi_new/2019_12/4386e4db-635b-452b-8b81-25b1c6266c53.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.16.74.252 , Germany, ASN51862 (PROFITBRICKS-AS, DE),
Reverse DNS: ip46-16-74-252.pbiaas.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6b6936f383b178aacd79fc9d2097312211fa08cd49da688e2fb743d42ffa7752

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:10 GMT
ETag: "0c9db4a7ebfd51:0"
Last-Modified: Tue, 31 Dec 2019 02:02:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 221387

GET
H/1.1 200
OK 4d082ce3-bf14-40ed-96f0-5e65dc767065.jpg
freude.hz.de/MEDIASERVER/content/LH168/obi_new/2020_3/ 151 KB
152 KB 170ms
46ms Image
image/jpeg 46.16.74.252
PROFITBRICKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freude.hz.de/MEDIASERVER/content/LH168/obi_new/2020_3/4d082ce3-bf14-40ed-96f0-5e65dc767065.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.16.74.252 , Germany, ASN51862 (PROFITBRICKS-AS, DE),
Reverse DNS: ip46-16-74-252.pbiaas.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 91024fa7ff210fef97c73facd03401f0029b6c77508cf9492d56bf5ec6b0210d

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:10 GMT
ETag: "0f6ca3912f8d51:0"
Last-Modified: Thu, 12 Mar 2020 02:02:04 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 155079

GET
H/1.1 200
OK 07d315cf-6353-454c-9ee2-d36735f9f10f.jpg
freude.hz.de/MEDIASERVER/content/LH168/obi_new/2020_3/ 87 KB
88 KB 186ms
60ms Image
image/jpeg 46.16.74.252
PROFITBRICKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freude.hz.de/MEDIASERVER/content/LH168/obi_new/2020_3/07d315cf-6353-454c-9ee2-d36735f9f10f.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.16.74.252 , Germany, ASN51862 (PROFITBRICKS-AS, DE),
Reverse DNS: ip46-16-74-252.pbiaas.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a690d6df12f2f046b37e32381f03316f509a7e21a1301810e3433c2dc642a763

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:10 GMT
ETag: "0a1a6449f7d51:0"
Last-Modified: Wed, 11 Mar 2020 02:01:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 89423

GET
H/1.1 200
OK cfb444c9-77c5-40f6-9ecf-62e7b28700b8.jpg
freude.hz.de/MEDIASERVER/content/LH168/obi_new/2020_3/ 104 KB
104 KB 186ms
59ms Image
image/jpeg 46.16.74.252
PROFITBRICKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freude.hz.de/MEDIASERVER/content/LH168/obi_new/2020_3/cfb444c9-77c5-40f6-9ecf-62e7b28700b8.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.16.74.252 , Germany, ASN51862 (PROFITBRICKS-AS, DE),
Reverse DNS: ip46-16-74-252.pbiaas.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9d993b31bcdb8316b1338b5e49261d37020227bbf0732e784cc4c22d3ffe9514

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:10 GMT
ETag: "07475349f7d51:0"
Last-Modified: Wed, 11 Mar 2020 02:01:44 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 106621

GET
H/1.1 200
OK 96bb0684-5552-4404-a27b-51b092ea55f7.jpg
freude.hz.de/MEDIASERVER/content/LH168/obi_new/2020_3/ 231 KB
231 KB 126ms
54ms Image
image/jpeg 46.16.74.252
PROFITBRICKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freude.hz.de/MEDIASERVER/content/LH168/obi_new/2020_3/96bb0684-5552-4404-a27b-51b092ea55f7.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.16.74.252 , Germany, ASN51862 (PROFITBRICKS-AS, DE),
Reverse DNS: ip46-16-74-252.pbiaas.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 022b12f4b6aed8014084405a3e4e3ddde595fc8e09bd9194a5ae9b2a386a8c05

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:10 GMT
ETag: "80dddc249f7d51:0"
Last-Modified: Wed, 11 Mar 2020 02:01:43 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 236643

GET
H/1.1 200
OK e15d641e-38a4-44de-b8e1-7fcdb284d0d2.jpg
trauer.hz.de/MEDIASERVER/content/LH167/obi_new/2020_3/ 34 KB
34 KB 134ms
39ms Image
image/jpeg 46.16.74.252
PROFITBRICKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trauer.hz.de/MEDIASERVER/content/LH167/obi_new/2020_3/e15d641e-38a4-44de-b8e1-7fcdb284d0d2.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.16.74.252 , Germany, ASN51862 (PROFITBRICKS-AS, DE),
Reverse DNS: ip46-16-74-252.pbiaas.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 110662eba692faaec22bcdbf8468f8698e0a276e22bb71a50092e3dc976d0175

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:10 GMT
ETag: "80595eb48f7d51:0"
Last-Modified: Wed, 11 Mar 2020 02:01:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 34710

GET
H/1.1 200
OK f9c1d816-ebca-4910-833d-a6cef8fa516c.jpg
trauer.hz.de/MEDIASERVER/content/LH167/obi_new/2020_3/ 104 KB
104 KB 132ms
40ms Image
image/jpeg 46.16.74.252
PROFITBRICKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trauer.hz.de/MEDIASERVER/content/LH167/obi_new/2020_3/f9c1d816-ebca-4910-833d-a6cef8fa516c.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.16.74.252 , Germany, ASN51862 (PROFITBRICKS-AS, DE),
Reverse DNS: ip46-16-74-252.pbiaas.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ea63d54a19b5502e1d4e7c1f3303ec4e257b900bddeaf97726448dd4a1b48597

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:10 GMT
ETag: "0c36cea48f7d51:0"
Last-Modified: Wed, 11 Mar 2020 02:01:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 106273

GET
H/1.1 200
OK e74d0c9e-d4ba-499d-8301-499a81608bd3.jpg
trauer.hz.de/MEDIASERVER/content/LH167/obi_new/2020_3/ 177 KB
178 KB 139ms
48ms Image
image/jpeg 46.16.74.252
PROFITBRICKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trauer.hz.de/MEDIASERVER/content/LH167/obi_new/2020_3/e74d0c9e-d4ba-499d-8301-499a81608bd3.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.16.74.252 , Germany, ASN51862 (PROFITBRICKS-AS, DE),
Reverse DNS: ip46-16-74-252.pbiaas.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3ec691a2f8e078a3ebb499db16343a729eefbac8fefee4381a162c8e826e86a3

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:10 GMT
ETag: "0a9a0bd7ff6d51:0"
Last-Modified: Tue, 10 Mar 2020 02:00:58 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 181697

GET
H/1.1 200
OK 55f04443-0c30-4b54-901e-1ab52e73a108.jpg
trauer.hz.de/MEDIASERVER/content/LH167/obi_new/2020_3/ 36 KB
37 KB 134ms
46ms Image
image/jpeg 46.16.74.252
PROFITBRICKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trauer.hz.de/MEDIASERVER/content/LH167/obi_new/2020_3/55f04443-0c30-4b54-901e-1ab52e73a108.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.16.74.252 , Germany, ASN51862 (PROFITBRICKS-AS, DE),
Reverse DNS: ip46-16-74-252.pbiaas.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1798ffaac2fe1c1a5d88a16e37a85f82d9c56ab81cc7f38b51e230ea51477dc9

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:10 GMT
ETag: "0f09deb48f7d51:0"
Last-Modified: Wed, 11 Mar 2020 02:01:04 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 37181

GET
H/1.1 200
OK 23a3c300-2c74-4137-9165-ee23d400b803.jpg
trauer.hz.de/MEDIASERVER/content/LH167/obi_new/2020_3/ 36 KB
37 KB 124ms
39ms Image
image/jpeg 46.16.74.252
PROFITBRICKS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trauer.hz.de/MEDIASERVER/content/LH167/obi_new/2020_3/23a3c300-2c74-4137-9165-ee23d400b803.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.16.74.252 , Germany, ASN51862 (PROFITBRICKS-AS, DE),
Reverse DNS: ip46-16-74-252.pbiaas.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cb6c83d2b912b39edee2c56af48c321dbcb9ae4c0b0e97655b96bc6151eccb4d

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:10 GMT
ETag: "033c07ff6d51:0"
Last-Modified: Tue, 10 Mar 2020 02:01:02 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 37274

GET
H/1.1 200
OK iframeResizer.min.js Show response
www.hz.de/js/ 13 KB
5 KB 29ms
29ms Script
application/javascript 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hz.de/js/iframeResizer.min.js?ts=

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

6987f4159196a8eb8a34f2781e49a731978e0e08f70d5b259d87fef1d08df7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
last-modified: Tue, 24 Sep 2019 12:57:03 GMT
server: Apache
etag: "3398-5934c12ae2053-gzip"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 5204

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
35 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5KNPVQ

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a602a851ebefacd81450962e1ab8aa9a081900a2bc16506a94d51206ea5ee899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35260
x-xss-protection: 0
last-modified: Thu, 12 Mar 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Mar 2020 17:12:11 GMT

GET
H2

200

nuggad Show response
nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/oms.nuggad.net/
Redirect Chain

https://oms.nuggad.net/rc?nuggn=1615459509&nuggtg=homepage
https://nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/oms.nuggad.net/nuggad?nuggn=1615459509&nuggtg=homepage

2 KB
2 KB

42ms
26ms

Script
text/javascript

2600:9000:21f3:5000:1f:a1b:34c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/oms.nuggad.net/nuggad?nuggn=1615459509&nuggtg=homepage
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5000:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e929633ed51612855d1c03bf6fd3c4da2bc1c4a7528dcba91323b2169b37b1f0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: get, post, options
content-type: text/javascript
status: 200
cache-control: s-maxage=86400, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 1922
x-amz-cf-id: RPs4qUlEzrFSiOGRLbfozX-KU8yelSlAgj0Mp5PtiUIIp30F7lg0wA==

Redirect headers

date: Thu, 12 Mar 2020 17:12:11 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: FRA2-C2
location: https://nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/oms.nuggad.net/nuggad?nuggn=1615459509&nuggtg=homepage
access-control-allow-methods: get, post, options
status: 302
cache-control: s-maxage=0, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 0
x-amz-cf-id: biEbl3Kb6u6_bdUw3hi439B9FarlP9TMC6HACyNhZ9dltbb1GfUnog==

GET
H2 200 adex.js Show response
dmp.theadex.com/d/285/5184/s/ 39 KB
14 KB 57ms
17ms Script
application/javascript 89.163.159.106
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.theadex.com/d/285/5184/s/adex.js
Requested by: Host: www.video.oms.eu
URL: https://www.video.oms.eu/ada/cloud/omsv_container_151.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.163.159.106 Cloppenburg, Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5318e6f99439de8be22212f030c069a25e38feb81952f4fed93121eed1aef3b4

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 08:30:04 GMT
server: nginx
etag: W/"5e201f0c-9d13"
content-type: application/javascript
status: 200
cache-control: max-age=300
access-control-allow-credentials: true
expires: Thu, 12 Mar 2020 17:17:11 GMT

GET
H/1.1 200
OK map.js Show response
js.adscale.de/ 8 KB
3 KB 133ms
44ms Script
text/javascript 92.123.7.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/map.js
Requested by: Host: www.video.oms.eu
URL: https://www.video.oms.eu/ada/cloud/omsv_container_151.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.7.102 , France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-7-102.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cd35bc55a5ecd62262573cf9ccc375655037af31050180f4bf0cebbf029cb24b

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: qtZmWRBRr.Pa8PedETo_PyNfil3RjfiH
Content-Encoding: gzip
Last-Modified: Wed, 11 Mar 2020 22:16:27 GMT
Server: AmazonS3
x-amz-request-id: 98CBC0D12984F45A
ETag: "08f4f578807fb4ba2164e4880934b605"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=300
Date: Thu, 12 Mar 2020 17:12:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2644
x-amz-id-2: A8umtYKpmCqIhFAkGJ8oHrjtdS9rai3dt5VeNdU+kCMt2SXyACdE4QhuBZveeMD84iBp5wV/lKE=

GET
H2 200 default.js Show response
ups.xplosion.de/loader/69511/ 2 KB
2 KB 98ms
33ms Script
text/javascript 54.194.143.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ups.xplosion.de/loader/69511/default.js
Requested by: Host: www.video.oms.eu
URL: https://www.video.oms.eu/ada/cloud/omsv_container_151.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.143.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-143-80.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c66d3c57676253019cfd4315afeead909efc06b27b54a85a6debce549fb1f53e

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Thu, 12 Mar 2020 17:12:11 GMT
cache-control: must-revalidate,no-cache,no-store
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID PSAo OUR SAMo BUS"
content-length: 1711
content-type: text/javascript

GET
H2 200 learn
de-gmtdmp.mookie1.com/t/v2/ 43 B
581 B 53ms
20ms Image
image/gif 35.186.238.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_343&src.rand=155159490128&src.id=OMS
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.238.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.238.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nuggad
ih.adscale.de/ 49 B
283 B 68ms
21ms Image
image/gif 52.58.42.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/nuggad?/nvars/d7=1&d10=2&d2=4&d4=0&d11=2&d8=1&d9=2&d12=5&d1=1&d3=1
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.42.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-42-46.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 12 Mar 2020 17:12:11 GMT
server: Apache-Coyote/1.1
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

GET
H/1.1

302
Moved Temporarily

dmp Show response
tracking.m6r.eu/sync/
Redirect Chain

https://tracking.m6r.eu/sync/dmp
https://tracking.m6r.eu/sync/dmp?checkcookies=true

0
-1 B

95ms
49ms

XHR
text/plain

23.37.53.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.m6r.eu/sync/dmp?checkcookies=true
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.21 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Mar 2020 17:12:11 GMT
Server: nginx
Location: https://tracking.m6r.eu/sync/dmp?checkcookies=true
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.hz.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 72

Redirect headers

Date: Thu, 12 Mar 2020 17:12:11 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.hz.de
Content-Type: text/plain; charset=utf-8
Location: https://tracking.m6r.eu/sync/dmp?checkcookies=true
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 72

GET
H/1.1 200
OK loader.svg
www.hz.de/img/ 1 KB
2 KB 28ms
28ms Image
image/svg+xml 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/img/loader.svg

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

19dd2d1d0e822b0b122938a8425ed65769e3b2d243464b72745be9081f76745b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/css/main.min.css?ts=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Tue, 14 May 2019 11:58:26 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "5b7-588d7c02b1df1"
vary: Origin
access-control-allow-methods: GET
content-type: image/svg+xml
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 1463

GET
H/1.1 200
OK HZplus_Logo.png
www.hz.de/img/ 9 KB
9 KB 31ms
30ms Image
image/png 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/img/HZplus_Logo.png

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

03afd0d978603bf51d514848be61839ef6644e8498b30390136a1ab0a35313de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/css/main.min.css?ts=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Tue, 14 May 2019 11:58:26 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "22d7-588d7c02b1df1"
vary: Origin
access-control-allow-methods: GET
content-type: image/png
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 8919

POST
H2 204 p
pp.lp4.io/ 0
69 B 26ms
25ms Other
text/plain 176.9.67.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.lp4.io/p?i=5d1c69bee45a1d9a686cd066&r=&sr=&mt=Aktuelle%20Nachrichten&ma=-1&tg=-1&ctg=-1&mp=-1&mu=-1&mi=https%3A%2F%2Fwww.hz.de%2Fimg%2Fr12%2Fstatic%2Flogos%2Fhz_facebook.png&md=&or=-1&wc=-1&pw=&pwu=0&co=0&il=&hv=&sc=-1&p=https%3A%2F%2Fwww.hz.de%2F&c=desktop&t=homepage&s=%2F&_r=1584033131553:4.7.14:20200302-125151&_m=beacon
Requested by: Host: pp.lp4.io
URL: https://pp.lp4.io/app/5d/1c/69/5d1c69bee45a1d9a686cd066.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.67.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.12.67.9.176.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Thu, 12 Mar 2020 17:12:11 GMT
server: Apache/2.4.29 (Ubuntu)

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=swpresse&cp=hz_home&sv=ke&mc=&co=DESKTOP&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.hz.de&xy=1600x1200x24&lo=NL%2Fn.a.&cb=0009&i2=0009e2fb6a5ec99cd5e6a6d6b&ep=1606492484&...
https://de.ioam.de/tx.io?st=swpresse&cp=hz_home&sv=ke&mc=&co=DESKTOP&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.hz.de&xy=1600x1200x24&lo=NL%2Fn.a.&cb=0009&i2=0009e2fb6a5ec99cd5e6a6d6b&ep=1606492484&...

0
694 B

25ms
25ms

Script
application/x-javascript

91.215.103.65
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=swpresse&cp=hz_home&sv=ke&mc=&co=DESKTOP&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.hz.de&xy=1600x1200x24&lo=NL%2Fn.a.&cb=0009&i2=0009e2fb6a5ec99cd5e6a6d6b&ep=1606492484&vr=416&id=sxnjyl&i3=0009e2fb6a5ec99cd5e6a6d6b%3A1611767531607%3A1584033131607%3A.hz.de%3A1%3Aswpresse%3Ahz_home%3Anoevent%3A1584033131607&n1=1&dntt=0&lt=1584033131608&ev=&cs=8sdunx&mo=1&sr=71
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de3.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 002a
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Mar 2020 17:12:11 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 002a
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Thu, 12 Mar 2020 17:12:11 GMT
X-Powered-By: BLACKBIRD-RCV v1.06.2 002a
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Thu, 12 Mar 2020 17:12:11 GMT
Server: nginx
Location: /tx.io?st=swpresse&cp=hz_home&sv=ke&mc=&co=DESKTOP&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.hz.de&xy=1600x1200x24&lo=NL%2Fn.a.&cb=0009&i2=0009e2fb6a5ec99cd5e6a6d6b&ep=1606492484&vr=416&id=sxnjyl&i3=0009e2fb6a5ec99cd5e6a6d6b%3A1611767531607%3A1584033131607%3A.hz.de%3A1%3Aswpresse%3Ahz_home%3Anoevent%3A1584033131607&n1=1&dntt=0&lt=1584033131608&ev=&cs=8sdunx&mo=1&sr=71
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Tue, 12 Mar 2019 17:12:11 GMT

GET
H/1.1 200
OK dmp Show response
tracking.m6r.eu/sync/ 97 B
619 B 58ms
57ms XHR
application/json 23.37.53.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.m6r.eu/sync/dmp?checkcookies=true
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.21 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1a42db53bcb1d8bc8854ae77000ff27911c8f14605adb8ed61fa9cd1650a0075

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Mar 2020 17:12:11 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.hz.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 107

GET
H/1.1 200
OK ajax_widget_controller_30892416.php Show response
www.hz.de/includes/ 2 KB
953 B 35ms
34ms XHR
text/html 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hz.de/includes/ajax_widget_controller_30892416.php?classname=IRElementWidgetBlaetterkatalog&containerid=32131548&token=028cc3232a11e3d32e603100004adc4ff1488ca6557f81ac8c&treenode_yumpu=35032&min_amount=1&max_amount=8

Requested by

Host: www.hz.de
URL: https://www.hz.de/js/main.min.js?ts=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

6bb9c6380bff0e0eef855841ca01d1ab907bcb81a5b3ce40485193a7a72f7f67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.hz.de/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:11 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
server: Apache
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=15768000
content-length: 548
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/8ab9c37e-eee8-4a68-beab-50d923078660/ 161 KB
42 KB 104ms
103ms Script
application/x-javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/8ab9c37e-eee8-4a68-beab-50d923078660/cc.js?renew=false&referer=www.hz.de&dnt=false&forceshow=false&cbid=8ab9c37e-eee8-4a68-beab-50d923078660&whitelabel=false&brandid=Cookiebot&framework=
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: a207c8ed74ce232b0a823c5cebdf4fb5d24fdc4e1ed1dff3496750f5109e26de

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
content-encoding: gzip
last-modified: Thu, 12 Mar 2020 17:12:11 GMT
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=7200
x-azure-ref: 0a21qXgAAAACt/e3lcqL/RZ/WX9mxK7nURlJBRURHRTEwMDkAMzRmYzcyNzUtYmE5My00YmMzLWI3YTUtMjZmYWVhNTkwOTM1
access-control-allow-headers: cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, bustcache
content-length: 42540

GET
H2 200 hhs-18-19-web.jpg
img.yumpu.com/62797106/1/452x640/ 33 KB
31 KB 29ms
8ms Image
image/jpeg 2600:9000:21f3:c600:1d:c2dd:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.yumpu.com/62797106/1/452x640/hhs-18-19-web.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c600:1d:c2dd:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.2.34 (Amazon) / PHP/5.3.29
Resource Hash: 1aa7547423c038a8b5bd95e668d9ce0bb543935670252e39144f8cf8a6fa30b2

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 06:13:50 GMT
content-encoding: gzip
age: 2285901
x-powered-by: PHP/5.3.29
x-yumpu-re-server: 172.30.0.22
x-yumpu-re-rendering: 0.3624529838562
status: 200
x-cache: Hit from cloudfront
content-length: 31439
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
server: Apache/2.2.34 (Amazon)
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Yumpu-RE-Rendering, X-Yumpu-RE-PDFDownload, X-Yumpu-RE-Server, X-Yumpu-RE-Error
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
x-yumpu-re-pdfdownload: 0.03693413734436s
x-amz-cf-id: pMPB44wqMSLDZrzi26syO1z2Zc2__-KfBovQsp_dxwtVnNTh4V_4og==

GET
H2 200 2019-next-step.jpg
img.yumpu.com/62771256/1/452x640/ 90 KB
90 KB 34ms
14ms Image
image/jpeg 2600:9000:21f3:c600:1d:c2dd:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.yumpu.com/62771256/1/452x640/2019-next-step.jpg
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c600:1d:c2dd:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.2.34 (Amazon) / PHP/5.3.29
Resource Hash: 08c8a619f46423a7fd5e5ee19a459b7162c16d3291577c0c146304d5452a8fc0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Sep 2019 00:30:30 GMT
content-encoding: gzip
age: 15093700
x-powered-by: PHP/5.3.29
x-yumpu-re-server: 172.30.0.68
x-yumpu-re-rendering: 0.21628999710083
status: 200
x-cache: Hit from cloudfront
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
server: Apache/2.2.34 (Amazon)
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Yumpu-RE-Rendering, X-Yumpu-RE-PDFDownload, X-Yumpu-RE-Server, X-Yumpu-RE-Error
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
x-yumpu-re-pdfdownload: 0.087529897689819s
x-amz-cf-id: Qzy46aRadoHWKi73xiceBePDc5wrInXO2rOGP1OSpfa_kg4YCIAVeg==

GET
H2 200 metaTag.min.js Show response
cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/ 269 KB
60 KB 26ms
7ms Script
application/javascript 2a02:26f0:10:28e::5f76
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10:28e::5f76 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: KONICHIWA/1.0 /
Resource Hash: 8699503f89e118c9e827dca1338a849e65918d37040693d34ab02e8877f35c5f

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
content-encoding: gzip
x-amz-request-id: 7B2B3C6E981ABC41
status: 200
access-control-max-age: 86400
content-length: 61258
x-amz-id-2: mIcgnPDk1pzYGGmGlqRFwypCFZOsSCYAGRBMQZxF2QIT41MMJ//Lm0xYJpMaOmvAWvX4w7MvdJw=
last-modified: Thu, 12 Mar 2020 15:05:23 GMT
server: KONICHIWA/1.0
etag: "43d8275d1529bef2c173a2e8c94d47d8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=784
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5KNPVQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2320
date: Thu, 12 Mar 2020 16:33:31 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Thu, 12 Mar 2020 18:33:31 GMT

GET
H2 200 p.min.js Show response
cdn.emetriq.de/adp/profiling/0.2.25/ 5 KB
2 KB 27ms
6ms Script
application/javascript 2600:9000:2156:8c00:1c:8c89:a300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.emetriq.de/adp/profiling/0.2.25/p.min.js
Requested by: Host: ups.xplosion.de
URL: https://ups.xplosion.de/loader/69511/default.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:8c00:1c:8c89:a300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fda97ec20907646eef81309463a8f352dd07cb189eabb717c66fc1757c8c6f3f

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 07:46:10 GMT
content-encoding: gzip
last-modified: Fri, 21 Feb 2020 07:34:56 GMT
server: AmazonS3
age: 1761962
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 5FyQWcxtGpTx80dn9lJhhCWeIQOZ27ta
status: 200
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: YRajC6scWJxkL35F7mLs6entzx5Ay0ElPwU1opmIyRDwIOVgX_bLJQ==
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)

GET
DATA 200
OK truncated
/ 888 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61d3e89b720ed75fb8f33c874df76cbcf4bc0a104f111d79e9fb9a86109efbd5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 964 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 collect
www.google-analytics.com/ 35 B
124 B 6ms
6ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=1546268121&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hz.de%2F&ul=en-us&de=UTF-8&dt=Aktuelle%20Nachrichten%20%7C%20Heidenheimer%20Zeitung&sd=24-bit&sr=1600x1200&vp=1588x1200&je=0&_u=YGBAgEAB~&jid=1775155887&gjid=2019299227&cid=1523776194.1584033132&tid=UA-143495151-1&_gid=1782552795.1584033132&gtm=2wg340P5KNPVQ&cd1=false&cd2=k7p0fevz.237&cd3=2020-03-12T18%3A12%3A11.807%2B01%3A00&cd4=&cd5=anonymous&cd6=homepage&cd7=&cd8=Startseite&cd9=&cd10=2020-03-12&cm1=&z=1043207662

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 11 Mar 2020 19:47:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77065
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1775155887&gjid=2019299227&_gid=1782552795.1584033132&_u=YGBAgEAB~&z=1410917258
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1775155887&_v=j81&z=1410917258
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1775155887&_v=j81&z=1410917258&slf_rd=1&random=2175906813

42 B
109 B

23ms
21ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1775155887&_v=j81&z=1410917258&slf_rd=1&random=2175906813

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1775155887&_v=j81&z=1410917258&slf_rd=1&random=2175906813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK w575_h323_x646_y479_da320de592b8c533.jpeg
www.hz.de/imgs/21/6/3/6/3/0/9/6/2/tok_cbc99a6ed0dd23e01e9f2ec8b8606b85/ 144 KB
144 KB 31ms
31ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/6/3/0/9/6/2/tok_cbc99a6ed0dd23e01e9f2ec8b8606b85/w575_h323_x646_y479_da320de592b8c533.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

71dbb739e4911ebaae6bbe1e250f5abf286d7db0d8888d250a33651135aa0745

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 12 Mar 2020 17:01:48 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "23e97-5a0ab4f004d97"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/6/3/0/9/6/2/da320de592b8c533.jpeg>;rel="canonical"
content-length: 147095

GET
H/1.1 200
OK w400_h225_x750_y381_63f39531ce2442cf.jpeg
www.hz.de/imgs/21/6/3/6/3/1/5/5/8/tok_d1ee0db89f0803053bb4ec66f29d70da/ 32 KB
32 KB 29ms
29ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/6/3/1/5/5/8/tok_d1ee0db89f0803053bb4ec66f29d70da/w400_h225_x750_y381_63f39531ce2442cf.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

a0a652ec41996add13df8edca0cfa492fc02251d17ef7be544a70e530386b737

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 12 Mar 2020 17:02:14 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "7ef9-5a0ab508bef3f"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/6/3/1/5/5/8/63f39531ce2442cf.jpeg>;rel="canonical"
content-length: 32505

GET
H/1.1 200
OK w400_h225_x769_y249_149a67ffd1675b49.jpeg
www.hz.de/imgs/21/6/3/5/3/7/9/5/4/tok_c1cbe575cf2d256791d886e065fc8fd9/ 112 KB
112 KB 30ms
29ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/5/3/7/9/5/4/tok_c1cbe575cf2d256791d886e065fc8fd9/w400_h225_x769_y249_149a67ffd1675b49.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

b9f8b13d2bc74cf78f279a42342df5fc27a7f668af5bf2632bcdaa79c3a591b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 12 Mar 2020 16:22:24 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1be67-5a0aac20e9db6"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/5/3/7/9/5/4/149a67ffd1675b49.jpeg>;rel="canonical"
content-length: 114279

GET
H/1.1 200
OK w400_h225_x842_y459_40d17a3bd06fdb71.jpeg
www.hz.de/imgs/21/6/3/5/3/7/3/7/6/tok_40fd24e387b6472e2ffb2ef84d1ed311/ 124 KB
124 KB 31ms
31ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/5/3/7/3/7/6/tok_40fd24e387b6472e2ffb2ef84d1ed311/w400_h225_x842_y459_40d17a3bd06fdb71.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

1c14fbf3a12da88db695dc76ac6f641603c51e31c1e418ed423e2e15ea6afb5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 12 Mar 2020 12:01:38 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1ee2d-5a0a71d7cdeae"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/5/3/7/3/7/6/40d17a3bd06fdb71.jpeg>;rel="canonical"
content-length: 126509

GET
H/1.1 200
OK w400_h225_x750_y500_3a02e2e611f8e215.jpeg
www.hz.de/imgs/21/6/3/5/6/6/1/2/6/tok_b8f70bb9bf33a24921f4de70ea0e2036/ 56 KB
56 KB 31ms
31ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/5/6/6/1/2/6/tok_b8f70bb9bf33a24921f4de70ea0e2036/w400_h225_x750_y500_3a02e2e611f8e215.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

f886e3e291b58abc659e29b4764adbd0d395a5d4528b69bf0f46f40a5abf5758

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 12 Mar 2020 01:02:28 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "ded7-5a09de81ecaf4"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/5/6/6/1/2/6/3a02e2e611f8e215.jpeg>;rel="canonical"
content-length: 57047

GET
H/1.1 200
OK w400_h225_x720_y524_a6500afc988dfdd2.jpeg
www.hz.de/imgs/21/6/3/5/5/0/2/7/4/tok_2298e2bb8fecb7672dce19c975d1d99f/ 59 KB
59 KB 35ms
34ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/5/5/0/2/7/4/tok_2298e2bb8fecb7672dce19c975d1d99f/w400_h225_x720_y524_a6500afc988dfdd2.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

10fcfa15532f86ff685c9ad8494008d1d7346d2db0edaf47c6143bd24c79ed2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 12 Mar 2020 13:07:45 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "eb67-5a0a809f1fc95"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/5/5/0/2/7/4/a6500afc988dfdd2.jpeg>;rel="canonical"
content-length: 60263

GET
H/1.1 200
OK w370_h518_x750_y500_f9b19009ecd91837.jpeg
www.hz.de/imgs/21/6/3/6/0/5/9/0/0/tok_6d9c1c99d60f24177f97c7da6c34d8c7/ 65 KB
65 KB 28ms
28ms Image
image/jpeg 46.245.182.43
MIVITEC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hz.de/imgs/21/6/3/6/0/5/9/0/0/tok_6d9c1c99d60f24177f97c7da6c34d8c7/w370_h518_x750_y500_f9b19009ecd91837.jpeg

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

46.245.182.43 , Germany, ASN41412 (MIVITEC-AS, DE),

Reverse DNS

46-245-182-43.static.mivitec.net

Software

Apache /

Resource Hash

89d1a0b65293feb61eea22bffa56cb8babe56999d28c6d8683a74974c643dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
last-modified: Thu, 12 Mar 2020 11:14:18 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "10421-5a0a6743a0602"
vary: Origin
access-control-allow-methods: GET
content-type: image/jpeg
strict-transport-security: max-age=15768000
accept-ranges: bytes
link: <https://www.hz.de/imgs/21/6/3/6/0/5/9/0/0/f9b19009ecd91837.jpeg>;rel="canonical"
content-length: 66593

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
14 KB 33ms
33ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

4c6181abb989ad36e39d03cdd0423f95c3903eb34f894783b9eb8e501fdbe26d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "453 / 757 of 1000 / last-modified: 1584029937"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:11 GMT

GET
H/1.1 200
OK mtrcs_679600.js Show response
s400.mxcdn.net/bb-mx/serve/ 126 KB
49 KB 88ms
53ms Script
text/javascript 92.122.254.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s400.mxcdn.net/bb-mx/serve/mtrcs_679600.js
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.186 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b1719c56cbcf138e4ebd26dbe62e34b2f58760f0e77ec01eee6e18624c344926

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 17:12:12 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 49772
Expires: Thu, 12 Mar 2020 19:12:12 GMT

GET
H/1.1 200
OK dmp Show response
tracking.m6r.eu/sync/ 97 B
619 B 36ms
36ms XHR
application/json 23.37.53.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.m6r.eu/sync/dmp
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.21 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1a42db53bcb1d8bc8854ae77000ff27911c8f14605adb8ed61fa9cd1650a0075

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Mar 2020 17:12:11 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.hz.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 107

GET
H2

200

nuggad Show response
nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/si.nuggad.net/
Redirect Chain

https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1471574734&nuggtg=&nuggrid=https%3A%2F%2Fwww.hz.de%2F
https://nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1471574734&nuggtg=&nuggrid=https%3A%2F%2Fwww.hz.de%2F

2 KB
2 KB

45ms
44ms

Script
text/javascript

2600:9000:21f3:5000:1f:a1b:34c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1471574734&nuggtg=&nuggrid=https%3A%2F%2Fwww.hz.de%2F
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5000:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: b92aa30c986abe00da381bc243e3e99362a670551304ab8cfc253b936c98cc26

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: get, post, options
content-type: text/javascript
status: 200
cache-control: s-maxage=86400, max-age=0
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 2002
x-amz-cf-id: pGfzrdZaReBFJIvQv5jp1spYHGxI4riivUjhtHMGebmB_bfI-IzTMA==

Redirect headers

date: Thu, 12 Mar 2020 17:12:11 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: FRA2-C2
location: https://nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1471574734&nuggtg=&nuggrid=https%3A%2F%2Fwww.hz.de%2F
access-control-allow-methods: get, post, options
content-type: text/html
status: 302
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: accept
content-length: 161
x-amz-cf-id: zO0SzKvO-IVYXh-_WAgX8l7eh4J0wn5zCSwx6IsqDpm_ctSgjyO29Q==

GET
H/1.1 200
OK %2F4444%2Fdisp_tzk_oms_hz.de_sd%2Fhomepage%2Fbanner,%2F4444%2Fdisp_tzk_oms_hz.de_sd%2Fhomepage%2Frectangle,%2F4444%2Fdisp_tzk_oms_hz.de_sd%2Fhomepage%2Fsky Show response
s385.mxcdn.net/679600/ 934 B
1 KB 73ms
34ms XHR
application/json 92.122.254.186
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s385.mxcdn.net/679600/%2F4444%2Fdisp_tzk_oms_hz.de_sd%2Fhomepage%2Fbanner,%2F4444%2Fdisp_tzk_oms_hz.de_sd%2Fhomepage%2Frectangle,%2F4444%2Fdisp_tzk_oms_hz.de_sd%2Fhomepage%2Fsky
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.186 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-186.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 /
Resource Hash: 4d0a4a9dd2e813d04db9b60056bb7b71fb6846831c382d36c78bd4e912cfaafe

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Mar 2020 17:12:12 GMT
Server: nginx/1.10.3
Content-Type: application/json
Access-Control-Allow-Origin: https://www.hz.de
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Cache-Control: max-age=39655
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 934
Expires: Fri, 13 Mar 2020 04:13:07 GMT

GET
H2

200

map
ih.adscale.de/ Frame F933
Redirect Chain

https://ih.adscale.de/map?ssl=1&format=video
https://ih.adscale.de/map?ssl=1&format=video&nut&uu=de3228e5905847d39b6d210d9b9c8b7e

0
0

36ms
36ms

Document
text/html

52.58.42.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?ssl=1&format=video&nut&uu=de3228e5905847d39b6d210d9b9c8b7e
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/map.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.42.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-42-46.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

:method: GET
:authority: ih.adscale.de
:scheme: https
:path: /map?ssl=1&format=video&nut&uu=de3228e5905847d39b6d210d9b9c8b7e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.hz.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ng=2#3579586948#26400552#0#d7~1&d10~2&d2~4&d4~0&d11~2&d8~1&d9~2&d12~5&d1~1&d3~1; uu=de3228e5905847d39b6d210d9b9c8b7e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.hz.de/

Response headers

status: 200
date: Thu, 12 Mar 2020 17:12:12 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 2214
server: Apache-Coyote/1.1
set-cookie: tu=4#3776586298#101~~440009~440009~1#38~~440009~440009~1#72~~440009~440009~1#42~~440009~440009~1#75~~440009~440009~1#60~~440009~440009~1#108~~440009~440009~1#63~~440009~440009~1; Max-Age=2592000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None

Redirect headers

status: 302
date: Thu, 12 Mar 2020 17:12:12 GMT
content-length: 0
location: https://ih.adscale.de/map?ssl=1&format=video&nut&uu=de3228e5905847d39b6d210d9b9c8b7e
server: Apache-Coyote/1.1
set-cookie: uu=de3228e5905847d39b6d210d9b9c8b7e; Domain=.adscale.de; Expires=Wed, 10-Mar-2021 09:38:52 GMT; Path=/

GET
H2 200 data Show response
ups.xplosion.de/ 3 KB
2 KB 41ms
40ms Script
text/javascript 54.194.143.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ups.xplosion.de/data?title=Aktuelle%20Nachrichten%20%7C%20Heidenheimer%20Zeitung&hostSiteUrl=https%3A%2F%2Fwww.hz.de%2F&userAgent=5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&userLang=en-US&color=24&os=Linux%20x86_64&timezone=-1&screen=1200x1600&event_id=page_view&_sid=69511&_ver=0.2.25&_seg=jsonp&_=941655185561
Requested by: Host: cdn.emetriq.de
URL: https://cdn.emetriq.de/adp/profiling/0.2.25/p.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.143.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-143-80.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 00e55928cc2411c7cd9b0bf3995a8d03c14b72d554e2243ea9cd2a2123c03fb4

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
access-control-allow-origin: *
vary: accept-encoding
p3p: CP="NOI DSP COR NID PSAo OUR SAMo BUS"
status: 200
cache-control: must-revalidate,no-cache,no-store
content-type: text/javascript

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.hz.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 122 B
186 B 16ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hz.de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4581046df9299cb9884126d0949d13b42011265cc72005bdab67998a53bb2a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 119
x-xss-protection: 0

GET
H2 200 pubads_impl_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ 165 KB
60 KB 27ms
27ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 61481
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H/1.1 200
OK adrtxtag.min.js Show response
cdn.adrtx.net/ 840 B
849 B 137ms
40ms Script
application/javascript 54.154.128.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adrtx.net/adrtxtag.min.js
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.128.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-128-203.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: 760e4b5d62fd40555e5378e6216c0d4bec64c26bd39d3418b59e14c46ad0aa08

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 11 Mar 2020 06:26:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Mar 2020 06:26:18 GMT
Server: akka-http/10.1.11
ETag: "8fda08a34733677008755479a59fa669"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=86400, must-revalidate
Connection: keep-alive
Content-Length: 509

GET
H/1.1 200
OK submit
lb82.s400.meetrics.net/bb-mx/ 43 B
291 B 108ms
25ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb82.s400.meetrics.net/bb-mx/submit?/WhnhBRAAAxwhFo0F0wFz6BvvA33F3uBo6FukElvBfpyF+k2FoywAx5AtxAxtAy1AtxAx6Aw4At2A35A2wAwtAyuAxxA1uAytAkzB0zAlkFimFL2wFBLl1FC/2xFZCylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0FjhFujFlsFhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgBjzFzfF3lFirFp0FgjEw1FfxB2gAyhFtfF4BEOprFw6lCOqwFw6lClqwF23A52AwwALkmFBTkzFsFAAAAAAAZwS07EPAAAAAAAAAOAAAAGBAAAAAAZwS07EBRksFAQtjF8gatSA
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:12 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Thu, 12 Mar 2020 17:12:11 GMT

GET
H/1.1 200
OK data
lb82.s400.meetrics.net/ 43 B
308 B 110ms
26ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb82.s400.meetrics.net/data?/WhnhCRAAATkzFARksFAQtjFEwJNSA
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 12-Mar-20 17:12:11 GMT

GET
H2 200 nuggad
ih.adscale.de/ 49 B
282 B 33ms
33ms Image
image/gif 52.58.42.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/nuggad?/nvars/d7=2&d10=3&d2=4&d4=0&d11=1&d8=1&d9=2&d12=3&d1=1&d3=1
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.42.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-42-46.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 12 Mar 2020 17:12:12 GMT
server: Apache-Coyote/1.1
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

GET
H/1.1 200
OK api Show response
cdn.m6r.eu/sync/ 1 KB
1 KB 182ms
45ms Script
application/javascript 92.123.7.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.m6r.eu/sync/api
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.7.102 , France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-7-102.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 12eab7ed9516d8d3da05af9f6af5f31f280da236929d76b0a135cf7cce47ea82

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 17:12:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Mar 2020 19:36:54 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: max-age=86400
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 654
Expires: Fri, 13 Mar 2020 17:12:12 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 81 KB
11 KB 397ms
397ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3159896489540458&correlator=1420892131385338&output=ldjh&impl=fifs&adsid=NT&jar=2020-03-12-17&eid=21065399%2C21062414%2C21062832%2C21065392&vrg=2020030501&us_privacy=1YYY&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200312&iu_parts=4444%2Cdisp_tzk_oms_hz.de_sd%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=20x10%7C30x10%7C40x10%7C80x10%7C848x90%7C968x90%7C770x250%7C800x250%7C970x250%7C728x90%7C728x180%7C31x31%2C800x250%7C955x90%7C970x250%2C10x20%7C10x10%7C300x250%7C34x31%2C300x600%7C301x600%7C301x601%2C301x250%2C302x250%2C10x40%7C10x30%7C10x20%7C500x600%7C120x600%7C160x600%7C200x600%7C300x600%7C770x200%7C33x31&prev_scp=as%3Dbanner%26adslot%3Dbanner%26af%3Dds%2Cbri%2Cf2x1%2Cf3x1%2Cf4x1%2Cf8x1%2Cwp%2Cfirepl%2Cbb%2Cleadb%2Cdleadb%2Cvidwa%2Cbrabo%2Cfufrad%2Cvto%26pc%3D1%7Cas%3Dlocal%26adslot%3Dlocal_billboard%26pc%3D1%7Cas%3Drectangle%26adslot%3Drectangle%26pc%3D1%26af%3Df1x2%2Cf1x1%2Cmrec%7Cas%3Dhpa%26adslot%3Dhpa%26pc%3D1%26af%3Dhpad%7Cas%3Dlocal%26adslot%3Dlocal_rectangle3%26pc%3D1%7Cas%3Dlocal%26adslot%3Dlocal_rectangle4%26pc%3D1%7Cas%3Dsky%26adslot%3Dsky%26af%3Dfirepl%2Cwp%2Cvidwa%2Cbri%2Cf1x4%2Cf1x3%2Cf1x2%2Cds%2Cdds%2Csky%2Chpad%2Cband%26rfree%3D200-299%26pc%3D1%26mtrcskv%3D50-1_75%2C60-1_100%2C65-1_75%2C70-1_75&cust_params=tagm%3Dmt%26browserapp%3Dchrome%26viewportWidth%3D1581-1680%26viewportHeight%3D1153-1200%26tagtype%3Dsra%26yt%3D0%26adset%3Dbrsl%26region%3Dueberregional%26flags%3Dmodularslots%252Cmodularslots%252Cmodularslots%26mbrid%3Dac580abcb08f075bb94ae427acc2ec11%26mbrseg%3Dff6482ed%252Cb3838f1f%252C78315b65%26nuggad%3Dn127-1%252Cn31-1%252Cn121-2%252Cn116-0%252Cn104-0%252Cn15-3%252Cn155-0%252Cn135-6%252Cn25-1%252Cn106-0%252Cn153-0%252Cn11-2%252Cn120-3%252Cn53-1%252Cn154-0%252Cn13-2%252Cn125-0%252Cn8-3%252Cn2-4%252Cn137-0%252Cn101-0%252Cn108-0%252Cn54-0%252Cn110-1%252Cn87-1%252Cn149-0%252Cn76-1%252Cn66-0%252Cn60-1%252Cn139-0%252Cn160-0%252Cn28-1%252Cn107-0%252Cn21-1%252Cn40-1%252Cn117-3%252Cn86-1%252Cn147-4%252Cn64-0%252Cn36-1%252Cn49-1%252Cn119-5%252Cn22-1%252Cn18-1%252Cn161-0%252Cn126-0%252Cn92-3%252Cn62-1%252Cn57-1%252Cn77-0%252Cn83-1%252Cn34-2%252Cn102-0%252Cn105-0%252Cn159-0%252Cn20-1%252Cn80-1%252Cn12-0%252Cn141-0%252Cn157-0%252Cn99-1%252Cn128-1%252Cn73-1%252Cn118-7%252Cn85-0%252Cn9-1%252Cn23-1%252Cn6-1%252Cn63-0%252Cn58-1%252Cn138-0%252Cn140-0%252Cn94-2%252Cn111-0%252Cn136-0%252Cn16-1%252Cn79-0%252Cn93-4%252Cn90-0%252Cn55-1%252Cn142-0%252Cn7-2%252Cn103-1%252Cn158-0%252Cn124-0%252Cn75-1%252Cn61-2%252Cn91-0%252Cn46-1%252Cn114-0%252Cn69-0%252Cn47-1%252Cn65-2%252Cn10-3%252Cn3-1%252Cn50-1%252Cn82-1%252Cn33-1%252Cn59-1%252Cn84-1%252Cn5-1%252Cn48-1%252Cn109-1%252Cn122-2%252Cn32-2%252Cn67-2%252Cn115-0%252Cn89-2%252Cn123-2%252Cn78-0%252Cn41-1%252Cn81-1%252Cn88-0%252Cn156-1%252Cn148-0%252Cn133-1%26keywords%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1584033132&dt=1584033132182&dlt=1584033131243&idt=920&frm=20&biw=1588&bih=1200&oid=3&adxs=704%2C314%2C709%2C161%2C564%2C563%2C1334&adys=0%2C1131%2C1851%2C2241%2C6206%2C7846%2C24&adks=3238048636%2C167355162%2C1445490649%2C1433498834%2C1142147501%2C1884256230%2C378769205&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hz.de%2F&dssz=37&icsg=51539640995&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=20x10%7C830x250%7C40x20%7C330x600%7C331x250%7C332x250%7C10x40&msz=20x10%7C800x250%7C10x20%7C300x600%7C301x250%7C302x250%7C10x40&ga_vid=1523776194.1584033132&ga_sid=1584033132&ga_hid=1546268121&fws=0%2C4%2C4%2C4%2C4%2C4%2C0&ohw=0%2C1240%2C1240%2C1240%2C1240%2C1240%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

db78bca678e30b488ed36bc43b9817e3fa5071638cdc1bbec7b9e356eec450e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11197
x-xss-protection: 0
google-lineitem-id: 5304144865,-2,5322941216,-2,1560193015,5271209221,5271838692
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303496376,-2,138306063814,-2,103472241775,138300395664,138291613628
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hz.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ 69 KB
25 KB 28ms
27ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25689
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H/1.1 200
OK activation
adstax-match.adrtx.net/ Frame 1669 0
0 139ms
37ms Document
text/html 34.252.24.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adstax-match.adrtx.net/activation?receiverId=adaud
Requested by: Host: cdn.adrtx.net
URL: https://cdn.adrtx.net/adrtxtag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.24.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-24-237.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash

Request headers

Host: adstax-match.adrtx.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.hz.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.hz.de/

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Thu, 12 Mar 2020 17:12:12 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: akka-http/10.1.11
X-Error-Reason: Missing UserId
Content-Length: 39
Connection: keep-alive

GET
H/1.1 200
OK container Show response
tracking.m6r.eu/pixel/ 3 KB
2 KB 40ms
39ms Script
text/javascript 23.37.53.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.m6r.eu/pixel/container?pixelId=eaa843f7-840a-4a36-8fdd-3b79df0d4fa0&n127=1&n31=1&n121=2&n116=0&n104=0&n15=3&n155=0&n135=6&n25=1&n106=0&n153=0&n11=2&n120=3&n53=1&n154=0&n13=2&n125=0&n8=3&n2=4&n137=0&n101=0&n108=0&n54=0&n110=1&n87=1&n149=0&n76=1&n66=0&n60=1&n139=0&n160=0&n28=1&n107=0&n21=1&n40=1&n117=3&n86=1&n147=4&n64=0&n36=1&n49=1&n119=5&n22=1&n18=1&n161=0&n126=0&n92=3&n62=1&n57=1&n77=0&n83=1&n34=2&n102=0&n105=0&n159=0&n20=1&n80=1&n12=0&n141=0&n157=0&n99=1&n128=1&n73=1&n118=7&n85=0&n9=1&n23=1&n6=1&n63=0&n58=1&n138=0&n140=0&n94=2&n111=0&n136=0&n16=1&n79=0&n93=4&n90=0&n55=1&n142=0&n7=2&n103=1&n158=0&n124=0&n75=1&n61=2&n91=0&n46=1&n114=0&n69=0&n47=1&n65=2&n10=3&n3=1&n50=1&n82=1&n33=1&n59=1&n84=1&n5=1&n48=1&n109=1&n122=2&n32=2&n67=2&n115=0&n89=2&n123=2&n78=0&n41=1&n81=1&n88=0&n156=1&n148=0&n133=1
Requested by: Host: cdn.m6r.eu
URL: https://cdn.m6r.eu/sync/api
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.21 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 914888442ee5303f30488757e06e42ba91a81f034aa65f4ddcc70a0cbb9f50de

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 17:12:12 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 1514

GET
H/1.1

200
OK

adscaleSyncDone
tracking.m6r.eu/sync/
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=48&tpuid=ac580abcb08f075bb94ae427acc2ec11&cburl=https%3A%2F%2Ftracking.m6r.eu%2Fsync%2FadscaleSyncDone%3FuserBuyeruid%3Dac580abcb08f075bb94ae427acc2ec11%2...
https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=ac580abcb08f075bb94ae427acc2ec11&userId=adscale-user:de3228e5905847d39b6d210d9b9c8b7e

44 B
574 B

50ms
33ms

Image
image/gif

23.37.53.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=ac580abcb08f075bb94ae427acc2ec11&userId=adscale-user:de3228e5905847d39b6d210d9b9c8b7e
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.21 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Mar 2020 17:12:12 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 44
Content-Type: image/gif

Redirect headers

status: 307
date: Thu, 12 Mar 2020 17:12:12 GMT
server: Apache-Coyote/1.1
content-length: 0
location: https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=ac580abcb08f075bb94ae427acc2ec11&userId=adscale-user:de3228e5905847d39b6d210d9b9c8b7e
p3p: CP=NOI PSA OUR

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://tracking.m6r.eu/sync/appnexusRedirect
https://ib.adnxs.com/setuid?entity=197&code=ac580abcb08f075bb94ae427acc2ec11

0
590 B

56ms
27ms

Image
text/html

185.33.223.80
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=197&code=ac580abcb08f075bb94ae427acc2ec11

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.80 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:14 GMT
AN-X-Request-Uuid: 53fe1913-7077-4403-94bf-a24ab5f7b405
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 85.159.237.65; 85.159.237.65; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.164:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Location: https://ib.adnxs.com/setuid?entity=197&code=ac580abcb08f075bb94ae427acc2ec11
Date: Thu, 12 Mar 2020 17:12:12 GMT
Server: nginx
Connection: keep-alive
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 98
Content-Type: text/plain; charset=utf-8

GET
H/1.1

200
OK

adxSyncDone
tracking.m6r.eu/sync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=rFgKvLCPB1u5SuQnrMLsEQ
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=rFgKvLCPB1u5SuQnrMLsEQ&google_tc=
https://tracking.m6r.eu/sync/adxSyncDone?google_ula=158217889,0

44 B
569 B

35ms
34ms

Image
image/gif

23.37.53.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.m6r.eu/sync/adxSyncDone?google_ula=158217889,0
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.21 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 12 Mar 2020 17:12:12 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 44
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:12 GMT
server: HTTP server (unknown)
location: https://tracking.m6r.eu/sync/adxSyncDone?google_ula=158217889,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/
Redirect Chain

https://tracking.m6r.eu/sync/yieldlabRedirect
https://ad.yieldlab.net/m?dt_id=36356&ext_id=ac580abcb08f075bb94ae427acc2ec11

0
360 B

159ms
66ms

Image
text/plain

92.123.31.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=36356&ext_id=ac580abcb08f075bb94ae427acc2ec11

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.123.31.39 , France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-31-39.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:12 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 11 Mar 2020 17:12:12 GMT

Redirect headers

Location: https://ad.yieldlab.net/m?dt_id=36356&ext_id=ac580abcb08f075bb94ae427acc2ec11
Date: Thu, 12 Mar 2020 17:12:12 GMT
Server: nginx
Connection: keep-alive
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 99
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK pixel
tracking.m6r.eu/consent/ 44 B
209 B 32ms
31ms Image
image/gif 23.37.53.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.m6r.eu/consent/pixel?nocookie=true&nosync=true&consent=true
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.21 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 12 Mar 2020 17:12:12 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F57B 0
0 31ms
30ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9AK-s5IQsQKdfZoYa8pe_mprbWjh_yAOPmi8Szo2bEqWASOUCbphcylbbnAmZcSgjnJKqzTAfYAmW6V2U239602XsEpdVd6eqTu2tkMSNU7_WpyTHTg69XFtIJBDqXoQ-AfpJ6SHhK4oyhl-n1_HXrKt34SFWySiBmeJ8407CEaRctHMz_LdfjS-SL-isqeZ5rXBDtwrRj2BZOAOtWdIJyi_5V6gRaanzSlyRXoCPm5SPxE1yoCHLgeiKs2zicS5apCsjOzb_ErgelYDe4JBm&sai=AMfl-YS8tx5L25WYFgXVU3ehCLYrwXMIxttCI7NUeP0Rqa5ddPRcaxzFX_TwQg_Q7pexR7-EH7C9zrsEVPBstPukR0OVlwJBTLZFopQn3-2hrQ&sig=Cg0ArKJSzBgFjuxCaQTKEAE&adurl=

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 12 Mar 2020 17:12:12 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200305/r20110914/client/ Frame F57B 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200305/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0a556e0975784e00d56bb4b5ccea4ca10e03f6bc1ff88ad56e903c937689db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 19:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1050
x-xss-protection: 0
server: cafe
etag: 8346891053275810791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Mar 2020 19:19:33 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F57B 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2176460e4f99c473eeb1eae76a52f66f9b0d06254f003e4b96b39f6e9e78ae1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1583960025657856"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28084
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 10912222811304232642
tpc.googlesyndication.com/simgad/ Frame F57B 68 KB
69 KB 7ms
7ms Image
image/gif 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10912222811304232642

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7aa2ce1fffbd060d8a2c321a9336d7978c3d002f919284662abff465fd0654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 23:03:39 GMT
x-content-type-options: nosniff
age: 65313
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 70124
x-xss-protection: 0
last-modified: Wed, 18 Dec 2019 10:48:03 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Mar 2021 23:03:39 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9876c8c8bbe2d52581e1a42d5b440e4f776769a90f24f1d8d847a2d09b0609bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1583960025657856"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27560
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 307B 0
0 31ms
30ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsse2MeOlvSaiHbKHcJtlfBf5TYdgf72ia8Giz2hYf56ZzNEyUsxUIbnH_G9nO5PB9c2g9NGp2PGHQbSMDwjwLPpm4nZocPxXt1-oqMFWomW8MaZP8VfxwjEDp4d4LJ88h9bDY8mzgH6jCPYUNw2RWD0tqQHjPdkvXIuQtq0NxCEG_S1HWcMZsJZVpXW6z2h65GnMHJuHCo1cuhW9cHeflE6k46OVM1-ogQsQDTT2ROvHvBY4IgQqRabGXnN3LatlPgLXn1imz8EGzIboWqCKM0&sai=AMfl-YQDwRBCl5r2JnvQGu8-hMLBlx6Wqyg7cAT5OixU91XbxH9KzWTzwrQ5_2edWOfn7Vo9i5PLsQM4LMrezGVGFWp4TbO3pQBfPCRAq9Rhqw&sig=Cg0ArKJSzDzAkUrR5rGoEAE&urlfix=1&adurl=

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 12 Mar 2020 17:12:12 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H/1.1 200
OK adframe.php
a.twiago.com/ Frame A25E 0
0 140ms
52ms Document
text/html 85.215.5.31
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL

https://a.twiago.com/adframe.php?pid=4990&ord=1527724277

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.5.31 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: a.twiago.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.hz.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.hz.de/

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
server: Apache
last-modified: Thu, 12 Mar 2020 17:12:12 GMT
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
set-cookie: deuxesse_uxid=9fa1260dd37fffe63c68e17ed73a6d07e98363ef3a7816078fb5c21fdcde2bf0; Expires=Sat, 11-Apr-2020 17:12:12 GMT; Domain=.twiago.com; Path=/; SameSite=None; Secure
content-length: 2673
content-type: text/html; charset=ISO-8859-1
connection: close

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 307B 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2176460e4f99c473eeb1eae76a52f66f9b0d06254f003e4b96b39f6e9e78ae1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1583960025657856"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28084
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5E2 0
0 30ms
30ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFnWp_oTC7ylnmnGG29TpeJzfbkNKPjvmlvmrQK2Ex8jTotfr3-_yVe6leVQGuRkzPQM6nBxk0fd5tZF3a2QsbukupLNDQXGsLRFV04CZp-ZMBzkdTM_Jsuuxyioj0Nn70TkrYJEaFNVKjkV5h-1HpBXAQlDQb0vV2ndtoyCQ6qUyzPgn7FK3g0s2Q5V2KhwbKmroHN_Nfd6EocE2KW3iG61f1CEfQUYbbC-VoGLczjljUdKPIPcNtp0gXE3YLwEr9ZByrPGWE5IZwZ2I&sai=AMfl-YR9NoKv0vH9x5lxIHHWCvocRdiEbhQPvLDelendlePF5q-QnJTmjrywA3xl30jAYQ-xPWMH3Z_8jy6bm-qzvpgpUlt2Qirc-49PHhzZFA&sig=Cg0ArKJSzOasR-zQ4tSIEAE&urlfix=1&adurl=

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 12 Mar 2020 17:12:12 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B5E2 80 KB
29 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551ded00391faf0aaf177f61ba38c63fce32bb4136460182831bdb95b33685f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29894
x-xss-protection: 0
server: cafe
etag: 15057879887190375924
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5E2 73 KB
28 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2176460e4f99c473eeb1eae76a52f66f9b0d06254f003e4b96b39f6e9e78ae1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1583960025657856"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28084
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 03C9 0
0 32ms
30ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur2UOb8ZJteBa_BjbuC9Rx2EJ_J_6BoRlJltwNvU9WEEIBtQ-UPfugi4FROFH2a9GvtqiEUh5UMlZNeMrXCfG4_wHv1I_JM46w4rIb4jX6K_Qamn44XBQuq0rJSophlCmeIKnU7o_UM40gR2IamPZ1Qfjz7JF74csZQey5oDZmZAD3Cx6emu-1guYpGDy4QDnQkQS-zx8ABG4kVMZkhA37mXx-Q-t8lI3-ZHZ95lRQ83MvMoQCf2YLnp4xLtLxfF8sSDFWIRj9ys9YtN6kvjaQ&sai=AMfl-YSmLdcpxqyO6zJd7X4kiVaD91IxCJytjTKGWe05EIcT8XjhTrooLZitOvHx4pxKR7ERorYNAqSygX3OmkQVnF3JLhUSZK8hm4NkXMDSOA&sig=Cg0ArKJSzMowUv1uzGISEAE&adurl=

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 12 Mar 2020 17:12:12 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200305/r20110914/client/ Frame 03C9 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200305/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0a556e0975784e00d56bb4b5ccea4ca10e03f6bc1ff88ad56e903c937689db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 19:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1050
x-xss-protection: 0
server: cafe
etag: 8346891053275810791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Mar 2020 19:19:33 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 03C9 73 KB
28 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2176460e4f99c473eeb1eae76a52f66f9b0d06254f003e4b96b39f6e9e78ae1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1583960025657856"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28084
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 9807940824268709645
tpc.googlesyndication.com/simgad/ Frame 03C9 27 KB
27 KB 11ms
9ms Image
image/gif 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9807940824268709645

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef6b814001d1b126fbbfb1ba7a19fee135c2c23d9fb2f835259068dd74789b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 02 Mar 2020 13:14:48 GMT
x-content-type-options: nosniff
age: 878244
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27992
x-xss-protection: 0
last-modified: Wed, 15 Jan 2020 09:12:59 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Mar 2021 13:14:48 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 71AF 0
0 31ms
30ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR4XzrqTWNrnro1w9htDwC4FkvrcxG6o-gUAwAeZ6LBzNn647g8IJpAH2DqpxK_QctqQw2rXRhFTzBQNxRvCnLK0rMwxprAV8nFRnBD--6_29JVzunzQF7dNHCCV7enUQjhbVPNbe5NZUFY32dgm83ymmAXQeoBkqiHDdqsw614sjLSfO0JD3in4JniHnJ-6VBC0R8XEdqwy6TI0s8-fDWP3cRQmcu5AviFApSjnRjMaaYSKRVtZwMuE6teZwcFHv65ijjtYhQKfV2liIb8OKS&sai=AMfl-YQptP8Iih6s7L9E03zu8G3bR-YFPok9BzIEj_fHEGU3K2KpWjiupixELrPXIQtuo1OY6P4jdYpIPviPlzC-GqG505_Ui5sOWYXFM9i-zQ&sig=Cg0ArKJSzEsd-XvvHPC0EAE&adurl=

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 12 Mar 2020 17:12:12 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200305/r20110914/client/ Frame 71AF 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200305/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0a556e0975784e00d56bb4b5ccea4ca10e03f6bc1ff88ad56e903c937689db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 05 Mar 2020 19:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1050
x-xss-protection: 0
server: cafe
etag: 8346891053275810791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Mar 2020 19:19:33 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71AF 73 KB
28 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2176460e4f99c473eeb1eae76a52f66f9b0d06254f003e4b96b39f6e9e78ae1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1583960025657856"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28084
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 13517285855198693578
tpc.googlesyndication.com/simgad/ Frame 71AF 14 KB
14 KB 8ms
8ms Image
image/gif 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13517285855198693578

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1339b63145aa574871257e4761f5053652aa924ea734ba825a5c2ab100dbc5dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 11 Mar 2020 23:03:39 GMT
x-content-type-options: nosniff
age: 65313
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14582
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 15:02:24 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Mar 2021 23:03:39 GMT

GET
DATA 200
OK truncated
/ Frame F57B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 208df81c70292a58b40287d90a2a3e55f9ce276061dfd91e6254a7ae935662f3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 307B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37a96a47c421d79779f4f2866e394f1f508bc746054d9b24780f6d2262b05ab7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B5E2 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hz.de

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B5E2 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hz.de

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/ Frame B5E2 222 KB
83 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a94735f3a0e915a85bd8e216702c3146e1ffd2f6395276c8e5baee1249baaf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84919
x-xss-protection: 0
server: cafe
etag: 4312303881591303584
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200305/r20190131/ Frame 47E7 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200305/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200305/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.hz.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.hz.de/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 06 Mar 2020 00:52:06 GMT
expires: Fri, 20 Mar 2020 00:52:06 GMT
content-type: text/html; charset=UTF-8
etag: 10348540741379653356
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4494
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 577206
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame B5E2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78c263cbe7f4efe0f63946ba1bf9072fe9bdd93fec23c4f3c73245e9bf937b79

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 03C9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bbf70a860aae0f37a4a708e3de8b10f17b007af2e95ed7700d09d5941feccdc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK data
lb82.s400.meetrics.net/ 43 B
308 B 29ms
28ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb82.s400.meetrics.net/data?/WhnhDsKAAKktFLkqFFlqwF23A52AwwA/k0FTEmvFytFh0FjvFklF9TE1wFlyFChFuuFlyFmhEk2F90A33AzwA0zA0wA0mAjwFpkF9kElzFr0FvwFmhEwhF91AzwA0xA00A42A1mAjpFk9BxzA4zAwzA05A2zA32AmzEp6Fl9B3yA44E5wAmzEp0Fl9BkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkmBwsFhjFl9BovFtlFwhFnlFmhEwiF9iEhuFulFymBhwFj9B1zAw0Ax0A04A21AmhEwkF91AzwA0xA00A42A1mAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGiFhuFulFymBhkFj9BkpFylFj0FmtEtvFklF9kElmFh1Fs0FmjEi9Bx1A40AwzAzxAzyA3wA4BELlnFBUkzFnBPiJAAAAAAABYP7APBAAFAAYP7TYeNAPAAAeFAAAABYeNAZBAAOA55A55A85B55A58E55A55AGAy0Ay2A04ArYeNAPBBAeFAAAAHYeNASksFkFjAAAAAAAAAAAAEAAAYP7AAAAAAAHAklFzrF0vFwBFIAovFtlFwhFnlFVAkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkBFGA3yA44E5wAMAxzA4zAwzA05A2zA32AGAkpFylFj0FAAAAKA03A3zAw0Az0Aw0AKA1zAw0Ax0A04A21AGAihFuuFlyFKA1zAw0Ax0A04A21AKA1zAw0Ax0A04A21AzAlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGiFhuFulFyBFdeFAAAAYLAaBAFAAAYeNAAAAALAT1FwlFyCFhuFulFyBFAAAAAAAAAAAAAAAAQtjFPz7RUA
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 12-Mar-20 17:12:11 GMT

GET
DATA 200
OK truncated
/ Frame 71AF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f9e81c16c86c15fda91b947a759f4844b046b0f4f18d2c0958cd35d896d16f5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK data
lb82.s400.meetrics.net/ 43 B
308 B 24ms
23ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb82.s400.meetrics.net/data?/WhnhE8KAA/k0F/ImvFytFh0FjvFklF9TE1wFlyFChFuuFlyFmhEk2F90A33AzwA0zA0wA0mAjwFpkF9kElzFr0FvwFmhEwhF91AzwA0xA00A42A1mAjpFk9BxzA4zAwzA05A2zA32AmzEp6Fl9B3yA44E5wAmzEp0Fl9BkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkmBwsFhjFl9BovFtlFwhFnlFmhEwiF9iEhuFulFymBhwFj9B1zAw0Ax0A04A21AmhEwkF91AzwA0xA00A42A1mAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGiFhuFulFymBhkFj9BkpFylFj0FmtEtvFklF9kElmFh1Fs0FmjEi9Bx1A40AwzAzxAzyA3wA4mEvyFthF0jFvkFl9BNlFkpF1tFSlFj0FhuFnsFlmBhkF29B03A3zAw0Az0Aw0AmjEwpFk9BklFzrF0vFwmBhwFh9B1yA3xAywA5yAyxAmjEpkF9xAz4AzwAwzA51A22A0mAzpF6lF9zAwwA4yB1wAmzEp0Fl9BkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkmBwsFhjFl9BovFtlFwhFnlFmhEwiF9sEvjFhsFfyFljF0hFunFslF0mAhwFj9B1yA3xAywA5yAyxAmhEwkF91Ay3AxyAw5AyyAxmAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGsFvjFhsFfyFljF0hFunFslF0mAhkFj9BkpFylFj0FmtEtvFklF9kElmFh1Fs0FmjEi9Bx1A40AwzAzxAzyA34AxBELlnFCUkzFYBPGAAAAAAAABn8MAPBAAFAAn8MTl5/APAAAgIAD4BBl5/AZAAAOA55A55A85B55A58E55A55AFA1zAwzAxBErl5/ASksFLGjAAAAAAAAAAAAEAAAn8MAAAAAAAHAklFzrF0vFwBFIAovFtlFwhFnlFVAkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkBFHAzwAw4Ey1AwBEMAxzA4zAwwAz5A12A20AGAkpFylFj0FAAAAKA03A3zAw0Az0Aw0AKA1yA3xAywA5yAyxAQAsvFjhFsfFylFj0FhuFnsFl0BKA1yA3xAywA5yAyxAKA1yA3xAywA5yAyxA9AlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGsFvjFhsFfyFljF0hFunFslF0BEdgIAD4BsEA6DAFAAAl5/AAAAAPANlFkpF1tFSlFj0FhuFnsFlBFAAAAAAAAAAAAAAAAQtjFO4d+WA
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 12-Mar-20 17:12:11 GMT

GET
H/1.1 200
OK data
lb82.s400.meetrics.net/ 43 B
308 B 36ms
24ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb82.s400.meetrics.net/data?/WhnhF8KAA/k0FQNmvFytFh0FjvFklF9TE1wFlyFChFuuFlyFmhEk2F90A33AzwA0zA0wA0mAjwFpkF9kElzFr0FvwFmhEwhF91AzwA0xA00A42A1mAjpFk9BxzA4zAwzA05A2zA32AmzEp6Fl9B3yA44E5wAmzEp0Fl9BkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkmBwsFhjFl9BovFtlFwhFnlFmhEwiF9iEhuFulFymBhwFj9B1zAw0Ax0A04A21AmhEwkF91AzwA0xA00A42A1mAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGiFhuFulFymBhkFj9BkpFylFj0FmtEtvFklF9kElmFh1Fs0FmjEi9Bx1A40AwzAzxAzyA3wA4mEvyFthF0jFvkFl9BNlFkpF1tFSlFj0FhuFnsFlmBhkF29B03A3zAw0Az0Aw0AmjEwpFk9BklFzrF0vFwmBhwFh9B1yA3xAywA5yAyxAmjEpkF9xAz4AzwAwzA51A22A0mAzpF6lF9zAwwA4yB1wAmzEp0Fl9BkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkmBwsFhjFl9BovFtlFwhFnlFmhEwiF9sEvjFhsFfyFljF0hFunFslF0mAhwFj9B1yA3xAywA5yAyxAmhEwkF91Ay3AxyAw5AyyAxmAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGsFvjFhsFfyFljF0hFunFslF0mAhkFj9BkpFylFj0FmtEtvFklF9kElmFh1Fs0FmjEi9Bx1A40AwzAzxAzyA34AxmEvyFthF0jFvkFl9BTrF5zFjyFhwFlyFfyBwwAmhEk2F90A33AzwA0zA0wA0mAjwFpkF9kElzFr0FvwFmhEwhF91Ay3Ax4Az4A25AymAjpFk9BxzA4yA5xA2xAz2Ay4AmzEp6Fl9BywAw4E2wAwmAzpF0lF9kEpzFwfF06FrfFvtFzfFo6FukElfFzkFmwEshFjlF9oEvtFlwFhnFlmBhwFi9BzrF5mBhwFj9B1yA3xA4zA42A5yAmhEwkF91Ay3Ax4Az4A25AymAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGzFr5FmhEkjF9kEpyFljF0mBttFvkFl9BklFmhF1sF0mBjiF9xA14A0wAzzAxzAy3A53ALlnFDTkzFePPAAAAAAAABxHjAPAAAFAAxHjTbosASksFhEjAAAAAAAAAAAAEAAAxHjAAAAAAAHAklFzrF0vFwBFIAovFtlFwhFnlFVAkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkBFHAywAw4E2wAwBEMAxzA4yA5xA2xAz2Ay4AGAkpFylFj0FAAAAKA03A3zAw0Az0Aw0AKA1yA3xA4zA42A5yADAzrF5BFKA1yA3xA4zA42A5yAKA1yA3xA4zA42A5yAwAlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGzFr5FQtjF7x06YA
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 12-Mar-20 17:12:11 GMT

GET
H/1.1 200
OK data
lb82.s400.meetrics.net/ 43 B
308 B 24ms
24ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb82.s400.meetrics.net/data?/WhnhGaLAATkzF6PBAAOUAyBABbosAZAAAOA55A55A85B55A58E55A55AGAx0Az4A13ArbosASksFABdOUAyBAIDAYJAFAAAbosAAAAAOATrF5zFjyFhwFlyFfyBwwAAAAAAAAAAAAAAAAAQtjFIdIQSA
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 12-Mar-20 17:12:11 GMT

GET
H/1.1 200
OK data
lb82.s400.meetrics.net/ 43 B
308 B 31ms
24ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb82.s400.meetrics.net/data?/WhnhHaLAA/k0F6RmvFytFh0FjvFklF9TE1wFlyFChFuuFlyFmhEk2F90A33AzwA0zA0wA0mAjwFpkF9kElzFr0FvwFmhEwhF91AzwA0xA00A42A1mAjpFk9BxzA4zAwzA05A2zA32AmzEp6Fl9B3yA44E5wAmzEp0Fl9BkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkmBwsFhjFl9BovFtlFwhFnlFmhEwiF9iEhuFulFymBhwFj9B1zAw0Ax0A04A21AmhEwkF91AzwA0xA00A42A1mAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGiFhuFulFymBhkFj9BkpFylFj0FmtEtvFklF9kElmFh1Fs0FmjEi9Bx1A40AwzAzxAzyA3wA4mEvyFthF0jFvkFl9BNlFkpF1tFSlFj0FhuFnsFlmBhkF29B03A3zAw0Az0Aw0AmjEwpFk9BklFzrF0vFwmBhwFh9B1yA3xAywA5yAyxAmjEpkF9xAz4AzwAwzA51A22A0mAzpF6lF9zAwwA4yB1wAmzEp0Fl9BkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkmBwsFhjFl9BovFtlFwhFnlFmhEwiF9sEvjFhsFfyFljF0hFunFslF0mAhwFj9B1yA3xAywA5yAyxAmhEwkF91Ay3AxyAw5AyyAxmAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGsFvjFhsFfyFljF0hFunFslF0mAhkFj9BkpFylFj0FmtEtvFklF9kElmFh1Fs0FmjEi9Bx1A40AwzAzxAzyA34AxmEvyFthF0jFvkFl9BTrF5zFjyFhwFlyFfyBwwAmhEk2F90A33AzwA0zA0wA0mAjwFpkF9kElzFr0FvwFmhEwhF91Ay3Ax4Az4A25AymAjpFk9BxzA4yA5xA2xAz2Ay4AmzEp6Fl9BywAw4E2wAwmAzpF0lF9kEpzFwfF06FrfFvtFzfFo6FukElfFzkFmwEshFjlF9oEvtFlwFhnFlmBhwFi9BzrF5mBhwFj9B1yA3xA4zA42A5yAmhEwkF91Ay3Ax4Az4A25AymAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGzFr5FmhEkjF9kEpyFljF0mBttFvkFl9BklFmhF1sF0mBjiF9xA14A0wAzzAxzAy3A53AmvFytFh0FjvFklF9NElkFp1FtSFljF0hFunFslFmhEk2F9zAz3Aw5Az3A1mAjwFpkF9kElzFr0FvwFmhEwhF9xA12AwxA5zAwxA1mAjpFk9BxwAz0A3yAy0Ax3A31AmzEp6Fl9BzwAx4Ey1AwmAzpF0lF9kEpzFwfF06FrfFvtFzfFo6FukElfFzkFmwEshFjlF9oEvtFlwFhnFlmBhwFi9BsvFjhFsfFylFj0FhuFnsFlzBmhEwjF9xA12AwxA5zAwxA1mAhwFk9Bx1A2wAx5AzwAx1AmhEwlF9lAyGE00A00AlyAGkFpzFwfF06FrfFvtFzfFo6FukElfFzkFlyAGoFvtFlwFhnFllByGEsvFjhFsfFylFj0FhuFnsFlzBmhEkjF9kEpyFljF0mBttFvkFl9BklFmhF1sF0mBjiF9xA14A0wAzzAxzAy4Ay4ATkzFARksFAQtjFFKDLaA
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:12 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 12-Mar-20 17:12:11 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F920 0
0 334ms
334ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8813347375005258&output=html&h=250&slotname=3216207121&adk=3917598079&adf=816031634&w=301&image_size=300x250&guci=1.2.0.0.2.2.0.0&us_privacy=1YYY&url=https%3A%2F%2Fwww.hz.de%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1584033132719&bpp=17&bdt=95&fdt=97&idt=97&shv=r20200305&cbv=r20190131&ptt=5&saldr=sa&correlator=5163958245623&frm=23&ife=4&pv=2&ga_vid=1471606722.1584033133&ga_sid=1584033133&ga_hid=2016778207&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=543&ady=6049&biw=1588&bih=1200&isw=301&ish=250&ifk=3479309648&scr_x=0&scr_y=0&oid=3&pvsid=3957575967937755&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C301%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.k5x5z5n69rhq&btvi=1&fsb=1&dtd=118

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8813347375005258&output=html&h=250&slotname=3216207121&adk=3917598079&adf=816031634&w=301&image_size=300x250&guci=1.2.0.0.2.2.0.0&us_privacy=1YYY&url=https%3A%2F%2Fwww.hz.de%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1584033132719&bpp=17&bdt=95&fdt=97&idt=97&shv=r20200305&cbv=r20190131&ptt=5&saldr=sa&correlator=5163958245623&frm=23&ife=4&pv=2&ga_vid=1471606722.1584033133&ga_sid=1584033133&ga_hid=2016778207&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=543&ady=6049&biw=1588&bih=1200&isw=301&ish=250&ifk=3479309648&scr_x=0&scr_y=0&oid=3&pvsid=3957575967937755&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C301%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.k5x5z5n69rhq&btvi=1&fsb=1&dtd=118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.hz.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlJS7lvLXJUcTiviGdhil9T-6RuuMVc29IhKiE7-Gc1ZzJAnRJP9nBFDk1W
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.hz.de/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 12 Mar 2020 17:12:13 GMT
server: cafe
content-length: 27936
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B5E2 7 KB
5 KB 17ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200305&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fccaca171f3ea415e9a1b567df03fc47e79bf06dab84fd4ccfa6af91c48b996f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5081
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5E2 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9876c8c8bbe2d52581e1a42d5b440e4f776769a90f24f1d8d847a2d09b0609bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1583960025657856"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27560
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B5E2 14 KB
5 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:12 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame C33A 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.hz.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.hz.de/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 12 Mar 2020 17:04:28 GMT
expires: Fri, 12 Mar 2021 17:04:28 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 464
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5E2 0
69 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200305&jk=3957575967937755&bg=!FRalFg5YBcnAQPRa3HUCAAAAMVIAAAAJmQFb-p-Nit--PBriEDbSqT1ZcIOaJH4k08z0KJ4y-K4lnGegaPTQfzLN-cgHg6s4XzKqeMzNIu_ZIap6vfxSEokUX1AefgoywGoGYvq_2_E8pfrVJ51VWVaTpeJsCLbDGDblvT_cTymIXvrHJ6avYSuYReEt9BBZ6Mj0KMRIWYtb10-0EOQSBk1Iad9r2jDcUnXI2WakEP2A4Nk9OOtKVXJxselgCp--I-4pxbYA6jyupD-ViCoaRrEsiivVx9DV_2BLUy_SfQ0FkMU9JHK3J2fC5uVAVBeDJ9o7C_Rb_gZ0rAPDDiiT99GlKiXUcnYf6ysIXdQmnEn-EFul78XLkBiwirZPPcj6n-JceQGGX4aUoNSVhoPmLhnDOa9aUquEwupC1fQi9Gn37_2bdV8NP8IJoyDv0sbY7rov0g23MfExq_tJFH7Wmq5PqJHyE0wz8MufiQSE3tiISrfuJDA

Requested by

Host: www.hz.de
URL: https://www.hz.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
lb82.s400.meetrics.net/ 43 B
308 B 24ms
24ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb82.s400.meetrics.net/data?/WhnhIXTAALlnFEUkzFFCPeAAAAAAAABZZPAPAAAFAAZZPTTfPAPAAAfIAheBBTfPAZAAAOA55A55A85B55A58E55A55AFA2zAw2A1BErTfPAP4DAfIAheBHTfPAPAAAOUAyBAHbosAPAAAgIAD4BHl5/ASksFIGjAAAAAAAAAAAAEAAAZZPAAAAAAAHAklFzrF0vFwBFIAovFtlFwhFnlFVAkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkBFHAzwAx4Ey1AwBEMAxwAz0A3yAy0Ax3A31AGAkpFylFj0FAAAAIAzzA3wA5zA31AKAx1A2wAx5AzwAx1AQAsvFjhFsfFylFj0FhuFnsFlzBKAx1A2wAx5AzwAx1AKAx1A2wAx5AzwAx1A9AlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGsFvjFhsFfyFljF0hFunFslFzBEdfIAheBtEA6DAFAAATfPAAAAAPANlFkpF1tFSlFj0FhuFnsFlBFAAAAAAAAAAAAAAAAQtjFvIc9SA
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:13 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 12-Mar-20 17:12:12 GMT

GET
H/1.1 200
OK data
lb82.s400.meetrics.net/ 43 B
308 B 24ms
23ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb82.s400.meetrics.net/data?/WhnhJXTAA/k0FYWmvFytFh0FjvFklF9TE1wFlyFChFuuFlyFmhEk2F90A33AzwA0zA0wA0mAjwFpkF9kElzFr0FvwFmhEwhF91AzwA0xA00A42A1mAjpFk9BxzA4zAwzA05A2zA32AmzEp6Fl9B3yA44E5wAmzEp0Fl9BkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkmBwsFhjFl9BovFtlFwhFnlFmhEwiF9iEhuFulFymBhwFj9B1zAw0Ax0A04A21AmhEwkF91AzwA0xA00A42A1mAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGiFhuFulFymBhkFj9BkpFylFj0FmtEtvFklF9kElmFh1Fs0FmjEi9Bx1A40AwzAzxAzyA3wA4mEvyFthF0jFvkFl9BNlFkpF1tFSlFj0FhuFnsFlmBhkF29B03A3zAw0Az0Aw0AmjEwpFk9BklFzrF0vFwmBhwFh9B1yA3xAywA5yAyxAmjEpkF9xAz4AzwAwzA51A22A0mAzpF6lF9zAwwA4yB1wAmzEp0Fl9BkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkmBwsFhjFl9BovFtlFwhFnlFmhEwiF9sEvjFhsFfyFljF0hFunFslF0mAhwFj9B1yA3xAywA5yAyxAmhEwkF91Ay3AxyAw5AyyAxmAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGsFvjFhsFfyFljF0hFunFslF0mAhkFj9BkpFylFj0FmtEtvFklF9kElmFh1Fs0FmjEi9Bx1A40AwzAzxAzyA34AxmEvyFthF0jFvkFl9BTrF5zFjyFhwFlyFfyBwwAmhEk2F90A33AzwA0zA0wA0mAjwFpkF9kElzFr0FvwFmhEwhF91Ay3Ax4Az4A25AymAjpFk9BxzA4yA5xA2xAz2Ay4AmzEp6Fl9BywAw4E2wAwmAzpF0lF9kEpzFwfF06FrfFvtFzfFo6FukElfFzkFmwEshFjlF9oEvtFlwFhnFlmBhwFi9BzrF5mBhwFj9B1yA3xA4zA42A5yAmhEwkF91Ay3Ax4Az4A25AymAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGzFr5FmhEkjF9kEpyFljF0mBttFvkFl9BklFmhF1sF0mBjiF9xA14A0wAzzAxzAy3A53AmvFytFh0FjvFklF9NElkFp1FtSFljF0hFunFslFmhEk2F9zAz3Aw5Az3A1mAjwFpkF9kElzFr0FvwFmhEwhF9xA12AwxA5zAwxA1mAjpFk9BxwAz0A3yAy0Ax3A31AmzEp6Fl9BzwAx4Ey1AwmAzpF0lF9kEpzFwfF06FrfFvtFzfFo6FukElfFzkFmwEshFjlF9oEvtFlwFhnFlmBhwFi9BsvFjhFsfFylFj0FhuFnsFlzBmhEwjF9xA12AwxA5zAwxA1mAhwFk9Bx1A2wAx5AzwAx1AmhEwlF9lAyGE00A00AlyAGkFpzFwfF06FrfFvtFzfFo6FukElfFzkFlyAGoFvtFlwFhnFllByGEsvFjhFsfFylFj0FhuFnsFlzBmhEkjF9kEpyFljF0mBttFvkFl9BklFmhF1sF0mBjiF9xA14A0wAzzAxzAy4Ay4AmvFytFh0FjvFklF9NElkFp1FtSFljF0hFunFslFmhEk2F9xAz2A43A1wA1zA1mAjwFpkF9kElzFr0FvwFmhEwhF91AzyAy5A0xAyxA2mAjpFk9BxzA4zAw2Aw2Az4Ax0AmzEp6Fl9BzwAw4Ey1AwmAzpF0lF9kEpzFwfF06FrfFvtFzfFo6FukElfFzkFmwEshFjlF9oEvtFlwFhnFlmBhwFi9BylFj0FhuFnsFlmBhwFj9B1zAyyA50AxyAx2AmhEwkF91AzyAy5A0xAyxA2mAhwFl9BlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGyFljF0hFunFslFmhEkjF9kEpyFljF0mBttFvkFl9BklFmhF1sF0mBjiF9xA14A0wAzzAxzAzzAz2ATkzFARksFAQtjFDtdleA
Requested by: Host: www.hz.de
URL: https://www.hz.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:13 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 12-Mar-20 17:12:12 GMT

POST
H2 204 pl
pp.lp4.io/ 0
69 B 24ms
24ms Other
text/plain 176.9.67.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.lp4.io/pl?i=5d1c69bee45a1d9a686cd066&ct=2.084&rt=0.883&pt=2.967&pvr=&p=https%3A%2F%2Fwww.hz.de%2F&c=desktop&t=homepage&s=%2F&tg=-1&ctg=-1&_r=1584033133364:4.7.14:20200302-125151&_m=beacon
Requested by: Host: pp.lp4.io
URL: https://pp.lp4.io/app/5d/1c/69/5d1c69bee45a1d9a686cd066.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.67.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.12.67.9.176.clients.your-server.de
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Thu, 12 Mar 2020 17:12:13 GMT
server: Apache/2.4.29 (Ubuntu)

GET
H2 200 / Show response
track.adform.net/Serving/Cookie/ 73 B
494 B 29ms
28ms Script
text/javascript 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid

Requested by

Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:13 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 180
expires: -1

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 18ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020030501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a192dea22b9492dce5a63cdee9727281382d1ebdb609b50300fa1b4439e8a565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
Origin: https://www.hz.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Mar 2020 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5193
x-xss-protection: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1546268121&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.hz.de%2F&ul=en-us&de=UTF-8&dt=Aktuelle%20Nachrichten%20%7C%20Heidenheimer%20Zeitung&s...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1264795226&_gid=2140099645.1584033133&gjid=1618554549&_v=j81&z=594968666
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1264795226&_v=j81&z=594968666
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1264795226&_v=j81&z=594968666&slf_rd=1&random=3728728992

42 B
109 B

23ms
23ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1264795226&_v=j81&z=594968666&slf_rd=1&random=3728728992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-143495151-1&cid=1523776194.1584033132&jid=1264795226&_v=j81&z=594968666&slf_rd=1&random=3728728992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Thu, 12 Mar 2020 17:12:13 GMT

GET
H/1.1 200
OK map.js Show response
js.adscale.de/ 8 KB
3 KB 43ms
43ms Script
text/javascript 92.123.7.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/map.js
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.7.102 , France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-7-102.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cd35bc55a5ecd62262573cf9ccc375655037af31050180f4bf0cebbf029cb24b

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: qtZmWRBRr.Pa8PedETo_PyNfil3RjfiH
Content-Encoding: gzip
Last-Modified: Wed, 11 Mar 2020 22:16:27 GMT
Server: AmazonS3
x-amz-request-id: 98CBC0D12984F45A
ETag: "08f4f578807fb4ba2164e4880934b605"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=300
Date: Thu, 12 Mar 2020 17:12:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2644
x-amz-id-2: A8umtYKpmCqIhFAkGJ8oHrjtdS9rai3dt5VeNdU+kCMt2SXyACdE4QhuBZveeMD84iBp5wV/lKE=

GET
H2 200 adex.js Show response
dmp.theadex.com/d/285/5184/s/ 39 KB
14 KB 20ms
19ms Script
application/javascript 89.163.159.106
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.theadex.com/d/285/5184/s/adex.js?ts=39680752
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.163.159.106 Cloppenburg, Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5318e6f99439de8be22212f030c069a25e38feb81952f4fed93121eed1aef3b4

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 12 Mar 2020 17:12:13 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 08:30:04 GMT
server: nginx
etag: W/"5e201f0c-9d13"
content-type: application/javascript
status: 200
cache-control: max-age=300
access-control-allow-credentials: true
expires: Thu, 12 Mar 2020 17:17:13 GMT

GET
H/1.1 200
OK ibb_map.js Show response
bbcdn-bbnaut.ibillboard.com/library/ 0
316 B 189ms
43ms Script
application/javascript 62.168.44.118
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL: https://bbcdn-bbnaut.ibillboard.com/library/ibb_map.js
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.168.44.118 Prague, Czech Republic, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),
Reverse DNS: cdn2.bbmedia.cz
Software: ibillboard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 12 Mar 2020 17:12:13 GMT
Last-Modified: Thu, 27 Feb 2020 10:46:12 GMT
Server: ibillboard
ETag: "5e579df4-0"
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 19 Mar 2020 11:47:15 GMT

GET
H2 200 default.js Show response
ups.xplosion.de/loader/69511/ 2 KB
2 KB 31ms
30ms Script
text/javascript 54.194.143.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ups.xplosion.de/loader/69511/default.js
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.143.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-143-80.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c66d3c57676253019cfd4315afeead909efc06b27b54a85a6debce549fb1f53e

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Thu, 12 Mar 2020 17:12:13 GMT
cache-control: must-revalidate,no-cache,no-store
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID PSAo OUR SAMo BUS"
content-length: 1711
content-type: text/javascript

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 33ms
6ms Script
application/javascript 2600:9000:20eb:5600:15:efbc:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: cdn.stroeerdigitalgroup.de
URL: https://cdn.stroeerdigitalgroup.de/metatag/live/OMS_HZ/metaTag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5600:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 11 Mar 2020 18:54:07 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 20:22:52 GMT
server: AmazonS3
age: 80287
etag: "f53f55cbab099be3a970b446a66c496a"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: pmZMQpSgUNTJ0aGEMj57HUGfdSIxMWXlaIB_DHtZDavYHP_gp8xT_w==

GET
H2 200 learn
de-gmtdmp.mookie1.com/t/v2/ 43 B
364 B 20ms
20ms Image
image/gif 35.186.238.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_343&src.rand=52764639&src.id=Stroeer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.238.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.238.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:13 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame D20E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.hz.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.hz.de/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 12 Mar 2020 17:04:28 GMT
expires: Fri, 12 Mar 2021 17:04:28 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 465
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
60 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020030501&jk=3159896489540458&bg=!4uGl4flYFWhO6akmaIgCAAAAO1IAAAAJmQFVPBB3_nxeivlyaVRMinEqFOc9-zNap0WzoBGHDb4wGJ24EE-Qlht-t2tr7iag9b22smbADQ43uxucipQtcJdybKvGE5ggePiDDbukYAGjAnApe9jLJespBBoeA772eB8097R7wIRlWuM8QPrifqCEVWj5t5tEge1YQpACcQUR4OYMk-hlfLvGY0UZh6IWlzFY-yQYWCVFBRp56zpYvwGpW_bN7pPYQnl8eR2IdF3Q4PXGFBlrFs2ESAfI3ipVI4eAtBdOT7GzE2TCmuDARzSyA_DmD4YHm4Tlfj2nqbvwcl7D9G893qlMVK4GKbZKLeGyYMpKosXhHY0lZsLJQXVxSTQ7wPynz0oY7ER5E-cSLdcf6eXsiGXtc0bJd-Mm1WmWVxJNL5_iHEaEKXflqme5rGerrSPMv9ysNgkTPB4pWZsRId0twXkV9q31x19DEkyfA4fjrHA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 launcher.js Show response
sak.userreport.com/sdm/ 64 KB
20 KB 78ms
34ms Script
application/javascript 13.225.73.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sak.userreport.com/sdm/launcher.js
Requested by: Host: nugmw.userreport.com
URL: https://nugmw.userreport.com/rc-ap/0f8acac5-dbc0-4b7d-8750-23ab55143ba6/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1471574734&nuggtg=&nuggrid=https%3A%2F%2Fwww.hz.de%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60fa9d34d5e1b7d6bf0e337cb4aa62f40bcbd6948a2566632b82dac7f18fe5b0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: TTH5AVswmh9VIwsPLuO8uCQ7VUZecyOr
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 11:21:28 GMT
server: AmazonS3
age: 28
date: Thu, 12 Mar 2020 17:11:45 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=7200, s-maxage=60
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: DgZL36rW_JAhj5NQEbNCTM1fbUc6WXjTdDtf-Qh8CgPQOsskw7GKFA==
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)

GET
H2 200 p.min.js Show response
cdn.emetriq.de/adp/profiling/0.2.25/ 5 KB
2 KB 6ms
6ms Script
application/javascript 2600:9000:2156:8c00:1c:8c89:a300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.emetriq.de/adp/profiling/0.2.25/p.min.js
Requested by: Host: ups.xplosion.de
URL: https://ups.xplosion.de/loader/69511/default.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:8c00:1c:8c89:a300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fda97ec20907646eef81309463a8f352dd07cb189eabb717c66fc1757c8c6f3f

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 07:46:10 GMT
content-encoding: gzip
last-modified: Fri, 21 Feb 2020 07:34:56 GMT
server: AmazonS3
age: 1761964
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 5FyQWcxtGpTx80dn9lJhhCWeIQOZ27ta
status: 200
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: YgSDMd2HX1STnybibmUAy7BasHNh3cK3RSc9E_QLZ2kIZSI9kKsaBA==
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)

GET
H2 200 /
d.agkn.com/iframe/8613/ Frame CC84 0
0 9ms
9ms Document
text/html 2600:9000:20eb:5800:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=717290832&gdpr=&gdpr_consent=&ref=&bpid=stroeer&c=%7B%22bpid%22%3A%22stroeer%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.hz.de%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5800:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

:method: GET
:authority: d.agkn.com
:scheme: https
:path: /iframe/8613/?che=717290832&gdpr=&gdpr_consent=&ref=&bpid=stroeer&c=%7B%22bpid%22%3A%22stroeer%22%2C%22loc%22%3A%22https%3A%2F%2Fwww.hz.de%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.hz.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.hz.de/

Response headers

status: 200
content-type: text/html;charset=UTF-8
content-length: 481
cache-control: no-cache, must-revalidate
date: Thu, 12 Mar 2020 17:12:12 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma: no-cache
server: Apache-Coyote/1.1
set-cookie: ab=0001%3AK%2FUzI6XALpb1zzNtl3U5Zb24Lt%2B1PIzi;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C|0AEAl_SntJf0p7QAAAAAAAg1RAQCADVIBAIA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
x-cache: Miss from cloudfront
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: dlCOKj0sHSyDekIAGUoEijGzoLBDItQy3FvrEarDzRzQ_VGX0SJXow==

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 71AF 42 B
122 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviX4n6byMYwz9g4Jpo32gH2jHLlAAUaFvkpPMNim61Yhb_HH_H3DELXgJS3Re2rHc1SBrF_0kmz5yeMIlNB81BnxnKFw5HnqBJr5kr0gw&sig=Cg0ArKJSzPCj5vkhScZhEAE&adk=378769205&tt=-1&bs=1588%2C1200&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&p=114,1294,714,1494&gcm=1&lcs=1&mcvt=1007&rs=0&ht=0&tfs=102&tls=1109&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1584033132660&dlt&rpt=139&isd=0&msd=0&ext&xdi=0&msp=1&ps=1588%2C20142&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1109&is=200%2C600&iframe_loc=https%3A%2F%2Fwww.hz.de%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=200x600&itpl=3&v=20200311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F57B 42 B
122 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGaKFiUVsos4KX4_gKqsZ28oMV6kyu_-bYPmMpzAIXSFF2GB_hjX_lex42fUt9h83e93ilNoso-kDguNO_Qar80eitDyVE3B47CNN_INs&sig=Cg0ArKJSzJzGcfaVa1t8EAE&adk=3238048636&tt=-1&bs=1588%2C1200&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&p=0,350,90,1078&gcm=1&lcs=1&mcvt=1006&rs=0&ht=0&tfs=220&tls=1226&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1584033132611&dlt&rpt=154&isd=0&msd=0&ext&xdi=0&msp=1&ps=1588%2C20142&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-6-12-12-0-0-0&tvt=1222&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.hz.de%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20200311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 12 Mar 2020 17:12:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
lb82.s400.meetrics.net/ 43 B
308 B 25ms
24ms Image
image/gif 136.243.33.79
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb82.s400.meetrics.net/data?/WhnhKJOBALlnFFLl1FDLkqFKtkyB23A52AwwA6wEylF0pFtlF2qoFx1A40AwzAzxAzwAz4A3lEwzFw5Bv0By2E2BEUkzF2BPFEAAAAAAABK1eAPAAAFAAK1eTCDTAPAAAgIAtaABCDTAZAAAOA55A55A85B55A58E55A55AGAxyA2yA4yArCDTAPnAAAZAwSAcAAAAPBAAgIAtaAHCDTASksF2FjAAAAAAAAAAAAEAAAK1eAAAAAAAHAklFzrF0vFwBFIAovFtlFwhFnlFVAkpFzwFf0F6rFfvFtzFfoF6uBklFfzFkBFHAzwAw4Ey1AwBEMAxzA4zAw2Aw2Az4Ax0AGAkpFylFj0FAAAAKAxzA24A31Aw1Az1AKA1zAyyA50AxyAx2AJAylFj0FhuFnsFlBFKA1zAyyA50AxyAx2AKA1zAyyA50AxyAx2A2AlyAG0B00A0lAyGEkpFzwFf0F6rFfvFtzFfoF6uBklFfzFklByGEovFtlFwhFnlFlyAGyFljF0hFunFslFdgIAtaAsEA6DAFAAACDTAAAAAPANlFkpF1tFSlFj0FhuFnsFlBFAAAAAAAAAAAAAAAAQtjFMjJETA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.33.79 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h380.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.hz.de/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 12 Mar 2020 17:12:17 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Thu, 12-Mar-20 17:12:16 GMT

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:22:09	Name: IDE Value: AHWqTUlJS7lvLXJUcTiviGdhil9T-6RuuMVc29IhKiE7-Gc1ZzJAnRJP9nBFDk1W
a.twiago.com/	1970-01-19 12:19:45	Name: twgx2 Value: 1
.twiago.com/	1970-01-19 08:43:45	Name: deuxesse_uxid Value: 9fa1260dd37fffe63c68e17ed73a6d07e98363ef3a7816078fb5c21fdcde2af0
.ih.adscale.de/	1970-01-19 08:43:45	Name: tu Value: 4#1022182036#38~CAESEHIjak_glgYuPvr0FyeWHnA~440009~0~0#108~77e85e6a-6d6c-4700-ae8f-133de36bdb30~440009~0~0#63~XmptbblQJq8AAAiCKF0AAAAp&1210~440009~0~0
.adscale.de/	1970-01-19 16:42:49	Name: uu Value: 6037e2b9c0c74bbc998d392c6372d926

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.video.oms.eu/ada/cloud/omsv_container_151.js(Line 25) Message: UTILITY: Starting to load CORS resource https://tracking.m6r.eu/sync/dmp

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.yieldlab.net
adservice.google.com
adservice.google.de
adservice.google.nl
adstax-match.adrtx.net
bbcdn-bbnaut.ibillboard.com
cdn.adrtx.net
cdn.emetriq.de
cdn.m6r.eu
cdn.stroeerdigitalgroup.de
cm.g.doubleclick.net
consent.cookiebot.com
d.agkn.com
de-gmtdmp.mookie1.com
de.ioam.de
dmp.theadex.com
freude.hz.de
googleads.g.doubleclick.net
heidenheim.com
hz.de
ib.adnxs.com
ih.adscale.de
img.yumpu.com
js.adscale.de
js.agkn.com
lb82.s400.meetrics.net
nugmw.userreport.com
oms.nuggad.net
pagead2.googlesyndication.com
pp.lp4.io
s385.mxcdn.net
s400.mxcdn.net
sak.userreport.com
script.ioam.de
securepubads.g.doubleclick.net
si.nuggad.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trauer.hz.de
ups.xplosion.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.heidenheim.com
www.hz-online.de
www.hz.de
www.video.oms.eu
13.225.73.39
136.243.33.79
143.204.97.36
172.217.18.98
176.9.67.12
185.33.223.80
216.58.206.2
23.37.53.21
2600:9000:20eb:5600:15:efbc:e300:93a1
2600:9000:20eb:5800:19:fc2c:a140:93a1
2600:9000:2156:8c00:1c:8c89:a300:93a1
2600:9000:21f3:5000:1f:a1b:34c0:93a1
2600:9000:21f3:c00:12:6213:9cc0:93a1
2600:9000:21f3:c600:1d:c2dd:3c80:93a1
2620:1ec:bdf::10
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9a
2a02:26f0:10:28e::5f76
34.252.24.237
35.186.238.175
37.157.4.24
46.16.74.252
46.245.182.43
52.58.42.46
54.154.128.203
54.194.143.80
62.152.180.41
62.152.182.7
62.168.44.118
85.215.5.31
89.163.159.106
91.215.103.64
91.215.103.65
92.122.254.186
92.123.31.39
92.123.7.102
00e55928cc2411c7cd9b0bf3995a8d03c14b72d554e2243ea9cd2a2123c03fb4
022b12f4b6aed8014084405a3e4e3ddde595fc8e09bd9194a5ae9b2a386a8c05
03afd0d978603bf51d514848be61839ef6644e8498b30390136a1ab0a35313de
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08c8a619f46423a7fd5e5ee19a459b7162c16d3291577c0c146304d5452a8fc0
0e6c778872f118644fd5dffe8c2fd4898e5578afa57b2c323f5651a1c2bc2d81
10fcfa15532f86ff685c9ad8494008d1d7346d2db0edaf47c6143bd24c79ed2b
110662eba692faaec22bcdbf8468f8698e0a276e22bb71a50092e3dc976d0175
12eab7ed9516d8d3da05af9f6af5f31f280da236929d76b0a135cf7cce47ea82
1339b63145aa574871257e4761f5053652aa924ea734ba825a5c2ab100dbc5dc
1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed
175e471b966568b574d92a96c16b520a96fc594e6a487c51d30207f368cc3c14
1798ffaac2fe1c1a5d88a16e37a85f82d9c56ab81cc7f38b51e230ea51477dc9
19dd2d1d0e822b0b122938a8425ed65769e3b2d243464b72745be9081f76745b
1a42db53bcb1d8bc8854ae77000ff27911c8f14605adb8ed61fa9cd1650a0075
1aa7547423c038a8b5bd95e668d9ce0bb543935670252e39144f8cf8a6fa30b2
1bbf70a860aae0f37a4a708e3de8b10f17b007af2e95ed7700d09d5941feccdc
1c14fbf3a12da88db695dc76ac6f641603c51e31c1e418ed423e2e15ea6afb5e
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
208df81c70292a58b40287d90a2a3e55f9ce276061dfd91e6254a7ae935662f3
2176460e4f99c473eeb1eae76a52f66f9b0d06254f003e4b96b39f6e9e78ae1d
2a7aa2ce1fffbd060d8a2c321a9336d7978c3d002f919284662abff465fd0654
2ca94ca98430e4f5db2855de27ab3ac49c34b91017637730678bd0c0111f4612
2ef89aa0325e9af6d7b61d78d86bc494d34f63a38f6c2a8dfeb9c635dc7b77b4
37a96a47c421d79779f4f2866e394f1f508bc746054d9b24780f6d2262b05ab7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec691a2f8e078a3ebb499db16343a729eefbac8fefee4381a162c8e826e86a3
4581046df9299cb9884126d0949d13b42011265cc72005bdab67998a53bb2a8f
468e579fe1210fa55525b1c470ed2d1958404512a2dd4fb972cac5ce0ff00b1f
4c6181abb989ad36e39d03cdd0423f95c3903eb34f894783b9eb8e501fdbe26d
4ca5cf47184c37a8c6d8096b58ae1d7c8e9be2b55438201357bcd6b1b1116a62
4d0a4a9dd2e813d04db9b60056bb7b71fb6846831c382d36c78bd4e912cfaafe
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68
5194a83f3fd38dd04b2cfa10f71e4af113954e046ecd9536fea197fdf7a8b8a2
5318e6f99439de8be22212f030c069a25e38feb81952f4fed93121eed1aef3b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b3f4116230d19374a88a2d81cfa57b10f08b8c8c4abe34adf42f522c993ceb
551ded00391faf0aaf177f61ba38c63fce32bb4136460182831bdb95b33685f8
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
60fa9d34d5e1b7d6bf0e337cb4aa62f40bcbd6948a2566632b82dac7f18fe5b0
61d3e89b720ed75fb8f33c874df76cbcf4bc0a104f111d79e9fb9a86109efbd5
63ef1f93c2373f962fbbd45e007b08393f1a57ef28e2e6c9963540fecba194d0
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6987f4159196a8eb8a34f2781e49a731978e0e08f70d5b259d87fef1d08df7f9
6b6936f383b178aacd79fc9d2097312211fa08cd49da688e2fb743d42ffa7752
6bb9c6380bff0e0eef855841ca01d1ab907bcb81a5b3ce40485193a7a72f7f67
6e4619f24281e10a9097f2c1229ed707dfb14746c0c2a5871ec809f9edfcc150
70ce2380be7b2d51cdeb71708d287476506d0a774d2ac164a30a7babf4ec0d8a
71dbb739e4911ebaae6bbe1e250f5abf286d7db0d8888d250a33651135aa0745
760e4b5d62fd40555e5378e6216c0d4bec64c26bd39d3418b59e14c46ad0aa08
78c263cbe7f4efe0f63946ba1bf9072fe9bdd93fec23c4f3c73245e9bf937b79
7a4bba92b5bb60dd1355649ec56e2dbaac5ecb07d202a743574efa32ea9d8d2d
7a94735f3a0e915a85bd8e216702c3146e1ffd2f6395276c8e5baee1249baaf1
821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8699503f89e118c9e827dca1338a849e65918d37040693d34ab02e8877f35c5f
89d1a0b65293feb61eea22bffa56cb8babe56999d28c6d8683a74974c643dced
8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55
91024fa7ff210fef97c73facd03401f0029b6c77508cf9492d56bf5ec6b0210d
914888442ee5303f30488757e06e42ba91a81f034aa65f4ddcc70a0cbb9f50de
9266b9bab62e78a4bf542c0b74ae986a7f4af80b2334e916ded3df9b0ba73531
9876c8c8bbe2d52581e1a42d5b440e4f776769a90f24f1d8d847a2d09b0609bb
9d993b31bcdb8316b1338b5e49261d37020227bbf0732e784cc4c22d3ffe9514
9f9e81c16c86c15fda91b947a759f4844b046b0f4f18d2c0958cd35d896d16f5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a556e0975784e00d56bb4b5ccea4ca10e03f6bc1ff88ad56e903c937689db9
a0a652ec41996add13df8edca0cfa492fc02251d17ef7be544a70e530386b737
a192dea22b9492dce5a63cdee9727281382d1ebdb609b50300fa1b4439e8a565
a207c8ed74ce232b0a823c5cebdf4fb5d24fdc4e1ed1dff3496750f5109e26de
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4b0439d1257a7e2ecf3260ac3ae203d8c71bd1f0d7aee4b1af8aed087e0a4b7
a5d5ca451b9052d724a8be08d047ce0ccda4d216ec09b31f9ce0c8c13fbc39c8
a602a851ebefacd81450962e1ab8aa9a081900a2bc16506a94d51206ea5ee899
a690d6df12f2f046b37e32381f03316f509a7e21a1301810e3433c2dc642a763
af1afa379843538283c6ef285316b1c7521cc07afa5c9a3f0dc0d53f7f1d155f
afd5c94cf7ad2a5f98f9a47ffd3c223c3a3057d48f6412dec422fa0b3ab211c0
b1719c56cbcf138e4ebd26dbe62e34b2f58760f0e77ec01eee6e18624c344926
b92aa30c986abe00da381bc243e3e99362a670551304ab8cfc253b936c98cc26
b9f8b13d2bc74cf78f279a42342df5fc27a7f668af5bf2632bcdaa79c3a591b8
c1c0a00b4354b137e69b2292ea908e44175654664fb34672dd38b3417779bd76
c66d3c57676253019cfd4315afeead909efc06b27b54a85a6debce549fb1f53e
cb6c83d2b912b39edee2c56af48c321dbcb9ae4c0b0e97655b96bc6151eccb4d
cd35bc55a5ecd62262573cf9ccc375655037af31050180f4bf0cebbf029cb24b
d2b2911702d18aec01dd57b1888571319c00c048e05757f480753ecd6c2e33ff
d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1
db78bca678e30b488ed36bc43b9817e3fa5071638cdc1bbec7b9e356eec450e1
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e929633ed51612855d1c03bf6fd3c4da2bc1c4a7528dcba91323b2169b37b1f0
ea63d54a19b5502e1d4e7c1f3303ec4e257b900bddeaf97726448dd4a1b48597
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed8e1501e2f8ee76a6348c39014e87a6cd8ebc106683f14b6c0e149c09c2761b
ee3a56478867b2f1d92b2fc50518621573597e664e4dafca36623e9395a19ced
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b814001d1b126fbbfb1ba7a19fee135c2c23d9fb2f835259068dd74789b46
f886e3e291b58abc659e29b4764adbd0d395a5d4528b69bf0f46f40a5abf5758
fccaca171f3ea415e9a1b567df03fc47e79bf06dab84fd4ccfa6af91c48b996f
fda97ec20907646eef81309463a8f352dd07cb189eabb717c66fc1757c8c6f3f
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9
ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

www.hz.de Open in urlscan Pro 46.245.182.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

100 %HTTPS

40 %IPv6

34 Domains

52 Subdomains

38 IPs

9 Countries

5225 kBTransfer

7462 kBSize

5 Cookies

96 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hz.de Open in urlscan Pro
46.245.182.43 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

100 %
HTTPS

40 %
IPv6

34
Domains

52
Subdomains

38
IPs

9
Countries

5225 kB
Transfer

7462 kB
Size

5
Cookies

144 HTTP transactions
9 data transactions