businessnewsday.com Open in urlscan Pro
2606:4700:3032::ac43:c9f1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://businessnewsday.com/
Submission: On April 13 via api (April 13th 2022, 12:27:07 am UTC) from US — Scanned from DE

Summary HTTP 288 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 43 IPs in 9 countries across 36 domains to perform 288 HTTP transactions. The main IP is 2606:4700:3032::ac43:c9f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is businessnewsday.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 11th 2022. Valid for: a year.

This is the only time businessnewsday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:303... 2606:4700:3032::ac43:c9f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2 12	5.9.135.191 5.9.135.191	24940 (HETZNER-AS) (HETZNER-AS)
9	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 1	142.44.213.132 142.44.213.132	16276 (OVH) (OVH)
1 1	66.70.176.31 66.70.176.31	16276 (OVH) (OVH)
1 1	44.198.242.236 44.198.242.236	14618 (AMAZON-AES) (AMAZON-AES)
1 1	134.213.237.49 134.213.237.49	15395 (RACKSPACE...) (RACKSPACE-LON)
1	142.44.213.187 142.44.213.187	16276 (OVH) (OVH)
19	2a00:1450:401... 2a00:1450:4014:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
8	2600:9000:231... 2600:9000:2315:c200:15:6f87:8040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.94.85.236 185.94.85.236	56647 (FUSIONMEDIA) (FUSIONMEDIA)
5	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:ad7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:bd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.94.85.240 185.94.85.240	56647 (FUSIONMEDIA) (FUSIONMEDIA)
2	3.225.247.221 3.225.247.221	14618 (AMAZON-AES) (AMAZON-AES)
1 3	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	92.123.225.33 92.123.225.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	185.168.112.124 185.168.112.124	56647 (FUSIONMEDIA) (FUSIONMEDIA)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6 6	151.101.64.217 151.101.64.217	54113 (FASTLY) (FASTLY)
14	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c29b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 7	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	74.121.143.241 74.121.143.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	18.202.199.206 18.202.199.206	16509 (AMAZON-02) (AMAZON-02)
8	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1	23.35.228.210 23.35.228.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
14	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
20	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e12b	() ()
288	43

37 2606:4700:3032::ac43:c9f1 (United States)

ASN13335 (CLOUDFLARENET, US)

businessnewsday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 5.9.135.191 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.191.135.9.5.clients.your-server.de

app.viloud.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.44.213.132 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ample-zeno-10.radiojar.com

node-10.zeno.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.70.176.31 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ample-zeno-07.radiojar.com

node-07.zeno.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.242.236 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-242-236.compute-1.amazonaws.com

stream.zeno.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.213.237.49 (United Kingdom) 1 redirects

ASN15395 (RACKSPACE-LON, GB)

stream.zenolive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.44.213.187 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ample-zeno-13.radiojar.com

node-13.zeno.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4014:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2315:c200:15:6f87:8040:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1p84540l00xkx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.85.236 (Amsterdam, Netherlands)

ASN56647 (FUSIONMEDIA, VG)
PTR: 185-94-85-236.fusionmedialtd.com

sslfxrates.forexprostools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:ad7 (United States)

ASN13335 (CLOUDFLARENET, US)

wmt-invdn-com.investing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:bd7 (United States)

ASN13335 (CLOUDFLARENET, US)

i-invdn-com.investing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.85.240 (Amsterdam, Netherlands)

ASN56647 (FUSIONMEDIA, VG)
PTR: 185-94-85-240.fusionmedialtd.com

streamjs.investing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.247.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-247-221.compute-1.amazonaws.com

services.viloud.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.225.33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-33.deploy.static.akamaitechnologies.com

wmt-invdn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.168.112.124 (Virgin Islands (British))

ASN56647 (FUSIONMEDIA, VG)
PTR: 185-168-112-124.fusionmedialtd.com

stream124.forexpros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.64.217 (United States) 6 redirects

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:ef::5c7b:c29b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

24vod-adaptive.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.121.143.241 (United States)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.199.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-199-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.113.23 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.164 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.220.30 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal900016.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

skyfire.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:26f0:f7::5c7b:e12b (None, )

ASN- ()

61vod-adaptive.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	496 KB
37	businessnewsday.com businessnewsday.com	4 MB
35	akamaized.net wmt-invdn-com.akamaized.net 24vod-adaptive.akamaized.net — Cisco Umbrella Rank: 130602 61vod-adaptive.akamaized.net	3 MB
28	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 ad.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 67700	175 KB
14	vimeocdn.com skyfire.vimeocdn.com — Cisco Umbrella Rank: 45999	840 KB
14	viloud.tv 2 redirects app.viloud.tv services.viloud.tv	490 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	240 KB
11	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4 mts0.google.com — Cisco Umbrella Rank: 3772	1 KB
10	investing.com wmt-invdn-com.investing.com — Cisco Umbrella Rank: 819878 i-invdn-com.investing.com — Cisco Umbrella Rank: 34072 streamjs.investing.com — Cisco Umbrella Rank: 615959	232 KB
8	cloudfront.net d1p84540l00xkx.cloudfront.net	373 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	5 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 31596 hal900016.redintelligence.net — Cisco Umbrella Rank: 155189	66 KB
6	vimeo.com 6 redirects player.vimeo.com — Cisco Umbrella Rank: 1755	6 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	181 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 622	2 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 2919 pixel.mathtag.com — Cisco Umbrella Rank: 1233	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37 ssl.google-analytics.com — Cisco Umbrella Rank: 279	57 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	100 KB
4	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 4986	336 KB
4	zeno.fm 3 redirects node-10.zeno.fm — Cisco Umbrella Rank: 817832 node-07.zeno.fm — Cisco Umbrella Rank: 770586 stream.zeno.fm — Cisco Umbrella Rank: 173964 node-13.zeno.fm — Cisco Umbrella Rank: 805352	445 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 7579	1 KB
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 46083	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 350	918 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1537	415 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 962	430 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1127	795 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	97 KB
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 67611	312 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 44330	629 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3287	376 B
1	forexpros.com stream124.forexpros.com	420 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	10 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	654 B
1	forexprostools.com sslfxrates.forexprostools.com	4 KB
1	zenolive.com 1 redirects stream.zenolive.com — Cisco Umbrella Rank: 178132	141 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
288	36

	Domain	Requested by
37	businessnewsday.com	businessnewsday.com
28	tpc.googlesyndication.com	googleads.g.doubleclick.net businessnewsday.com tpc.googlesyndication.com pagead2.googlesyndication.com
20	61vod-adaptive.akamaized.net	vjs.zencdn.net
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com businessnewsday.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	businessnewsday.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	skyfire.vimeocdn.com	vjs.zencdn.net
14	24vod-adaptive.akamaized.net	businessnewsday.com vjs.zencdn.net
12	app.viloud.tv	2 redirects businessnewsday.com d1p84540l00xkx.cloudfront.net
9	fonts.gstatic.com	fonts.googleapis.com
8	cm.g.doubleclick.net	businessnewsday.com googleads.g.doubleclick.net
8	d1p84540l00xkx.cloudfront.net	app.viloud.tv
7	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
7	fonts.googleapis.com	businessnewsday.com app.viloud.tv googleads.g.doubleclick.net hal900016.redintelligence.net
6	player.vimeo.com	6 redirects
5	www.googletagservices.com	googleads.g.doubleclick.net
5	i-invdn-com.investing.com	sslfxrates.forexprostools.com
4	hal900016.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900016.redintelligence.net
4	image6.pubmatic.com	4 redirects
4	www.gstatic.com	googleads.g.doubleclick.net
4	wmt-invdn-com.investing.com	sslfxrates.forexprostools.com
4	www.youtube.com	d1p84540l00xkx.cloudfront.net www.youtube.com
4	vjs.zencdn.net	app.viloud.tv
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	adservice.google.com	pagead2.googlesyndication.com 5994599.fls.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com
3	www.google-analytics.com	app.viloud.tv www.googletagmanager.com
2	5994599.fls.doubleclick.net	1 redirects businessnewsday.com
2	pv.medialead.de	2 redirects
2	hal9000.redintelligence.net	businessnewsday.com hal900016.redintelligence.net
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	odr.mookie1.com	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	services.viloud.tv	d1p84540l00xkx.cloudfront.net
2	www.googletagmanager.com	businessnewsday.com www.googletagmanager.com
1	ad-server.eu	googleads.g.doubleclick.net
1	pb.media01.eu	hal900016.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	pixel.everesttech.net	1 redirects
1	mts0.google.com	googleads.g.doubleclick.net
1	stream124.forexpros.com	cdnjs.cloudflare.com
1	ssl.google-analytics.com	sslfxrates.forexprostools.com
1	wmt-invdn-com.akamaized.net	wmt-invdn-com.investing.com
1	ad.doubleclick.net	sslfxrates.forexprostools.com
1	streamjs.investing.com	sslfxrates.forexprostools.com
1	cdnjs.cloudflare.com	sslfxrates.forexprostools.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sslfxrates.forexprostools.com	businessnewsday.com
1	node-13.zeno.fm	businessnewsday.com
1	stream.zenolive.com	1 redirects
1	stream.zeno.fm	1 redirects
1	node-07.zeno.fm	1 redirects
1	node-10.zeno.fm	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
288	54

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
ifgict.org
ksf.space
zeno.fm
wallester.com
dnbc.tv

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-11` - `2023-04-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
app.viloud.tv R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.forexprostools.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
investing.com Cloudflare Inc ECC CA-3	`2021-09-01` - `2022-08-31`	a year	crt.sh
*.investing.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-25` - `2022-12-26`	a year	crt.sh
*.viloud.tv Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.forexpros.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-25` - `2022-12-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://businessnewsday.com/
Frame ID: F8B3BDDD9B03534C18650496E5469412
Requests: 71 HTTP requests in this frame

Frame: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Frame ID: 2DD7FF9E099EB1B379FE6C434D13A0C7
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Frame ID: 757C6524A67577CED8E51E18C74D654F
Requests: 1 HTTP requests in this frame

Frame: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Frame ID: AE9347F7F18DDB9E890735498FAF4D82
Requests: 56 HTTP requests in this frame

Frame: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide
Frame ID: 2C02F8B1598D58F7A30291E80BB01F68
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&adk=1812271804&adf=3025194257&lmt=1649800079&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbusinessnewsday.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809606983&bpp=2&bdt=446&idt=398&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1659701599524&frm=20&pv=2&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=453
Frame ID: AFC6FA23EB2E397D18922FA0AD31045F
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N5872.2079124INVAFF/B9105698.123658976;sz=95x24;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
Frame ID: 40C86FE5BA58C396C7867847AC8768DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241
Frame ID: 3D5C91F445A1124C3F75D85A35940975
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=3878093745&pi=t.aa~a.4085473756~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=2&bdt=1663&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250&nras=3&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=40tdaZRHj9&p=https%3A//businessnewsday.com&dtd=249
Frame ID: 1FABBF6240F10D08E084EEEA1B8D3BDF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3251289625&adf=1992553241&pi=t.aa~a.2051409264~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=1068x280&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=14&bdt=1662&idt=14&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250%2C324x250&nras=4&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV0ln0Wj84&p=https%3A//businessnewsday.com&dtd=254
Frame ID: 7AC3627A341D06502C6CC231CB923103
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
Frame ID: 323E8C1F6C8A9F5371FAF25DF9A75877
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6DBDD441E1070A4E7E324A5AFC779F4A
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6A9101CF601DE78C074B7D8FABED569B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4C20F61ECD6FB8CEE638797566277CC5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E1D250A8E8BD4D6C8F94595E0E5220CD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html
Frame ID: D5D5AE14BBF1B9B5ACD6859C9E9A4698
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CgWZQyRhWYqSYCY3ctwfFqKbAApiOl81n4OWQsOgNmcDG-LYbEAEg-5W2e2CV4pCCoAegAeCexPgDyAEJqQLjTsKO_imyPqgDAcgDSKoEywFP0BVU_dTRqa9z8DQuXfuDjbUErrpmU3Wlpx3qoexhUXhwtVZR60CiypUDEe4R3NsovEUoZoDg2oEVjCHXFafbQIpXlRM6EEDALWvZPzuWxfLJ7qBINXDQn08MQmj7POrCFKfQw9Z9bugeyTSU6zJL37cyfK4EQJCXDMPACpDQfxQ_9NM9GOPqhL6Grh6vb4tS1VZGyHZuk9wYfcY0PfT15m8GDDOjQqulJrgMkKVkpw89Li79ALcTQEKVg0ltESPC3g59_meaEoP2dMAEiqqjk8UDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8fA9gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDIzQHSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzU1NDkzNDgyNjQ2NzU1ORgA&sigh=eZaQ4GAiNeg&uach_m=[UACH]&template_id=419
Frame ID: 64F7CAD343DEAFC68955F6137FE0BA6B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js
Frame ID: A8D9794DDFE7E5FDAB32D29AC24F3CD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CTlzLyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMcBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3OCvXWSu_o7NXcl1uF6t2vRr9BsMc3WafBndjUVAoRGrGPGApkPeIAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1NTQ5MzQ4MjY0Njc1NTkYAA&sigh=ZCgJsP68p-s&uach_m=[UACH]&cid=CAQSOwCNIrLMAQeuq8IqNscM1HYIp2MfMpYJ7rAd3kz4sahG1XUNc3okr8xgB2JRn0GwhDhTaxPsengPriA3GAE&tpd=AGWhJmuTnEHp3qQcnyJnJCdZj_y4YC19OlirBdMQsYsjtE8Rb-OrYyg9idz1xgT1IslV2qC-XjOQWZh3uJV3E4nmkl1K8qS7vBilcrLPg6RRWO1ofBHOIiN6jCVePylKK8QV97Ro290kzxRmNkLYBVpCWvyfIGL50rLCl_uLuJHDPUYdui-hzFVJ1qlwsen1jWWlEk9QP_ZH93P_jBc9UlPhIXyoZqGd2fLRzuH52E0DHODAo0SqLJfzJl2arVqweywsGgjj0xrILPAcNTa9EfgGUfoHMvy6ImzxhbUHoPI1JbFZEM2V_kl0X8ElFdjms1WURrObg-G_nYsWd2GeZ9mgj4MYSwmU5zswc__IXqxjC6mGKf16xbf4Gjvnqz0z1MkzeNN2Twln0pEI4C7tY5iriJJxw7hbizK6NTKkK8j8YqMhVbKyjj_n98kq0OQfA1jRpS3TW4WgWEC6syY4vlKeC_bEGFRdoPS6B28TE2Bhk0xMNEAcVvdumyNZCE-IwTrS0CpJWMy9f19-6KpChnxr5quqP74X1muYpYx6IMb8WXImLXNn7Nq4oJkZwe909dFmbKZZPFjjQdqILq66jYRXESZ6GDYE3_pZeFSoLPuCIGfrHclbviVJnFunpyUjtxK3fbxCkoFD_dOAH2x2ZvCn_wCFjmslNoblNguvTYgYSqnQKsOgNqQElTJkk8wmGWtyjE1-VRwaRIml2w_tZq_Vh7Zp3ARwTC5WoJ62dmq897pJbLoCjavPldcA9-NzPNCFzUOOmmkpEiQWqVmwdlRZLPxNjR7wmiN3mrYs8QcLyLVpoCxp27G9fiH5o0k4gphIRLudhrN0opcheWlASHyJFJR646T2nJmivkmoC7RS1VChYMuGRcQfVvIzsLnZd7r-X6wDi_OlfRoXcoLbWoWXavBCArk3F85TAQZSkRg7gKJiusgtG4EWOBSvTg8aMaID4WfAbxG-UdfZ51B4E24r0Z6Dig-0cddclK42gArW4bBQj1SW8tLNiYLYnUM0ct3z6O50D4XmJsN92N9o8C41ztXBXUeG6co2fYORsWwEkItQXdUSwmg532ggZgbqYk1vV_pe
Frame ID: 8B1745267CDDB8E5DC1AAB09717F89EA
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js
Frame ID: 5140CA6453524F26637DA729D911C93E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5265ED4376B7EB18825189A795056264
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8FD8AD56D7ADA5139FA4BFDB4B3329F3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js
Frame ID: 69AB815DF09BB0311F2B88EBE3F52468
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=84402600007995400951399011928016&actionid=981741&produktid=&dt_url=
Frame ID: 896FCD72312FA5F6F2CAD419A6922D53
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ35x97jj_cCFfBBHQkdPs0KCg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636
Frame ID: CEAFAC88BADD63F960BFB9AABCD172A5
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=84402600007995400951399011928016&a=5c1224f7
Frame ID: 3711558788627D05E11365862DEE06C9
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 859638A735850776BDC04F1912498356
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 630E316D9589EB55F618A6279E7B859E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7730EE2D2943C6DB66C0B8985484DD05
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Business News Day - Daily Business News Magazine

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

288
Requests

84 %
HTTPS

45 %
IPv6

36
Domains

54
Subdomains

43
IPs

9
Countries

10996 kB
Transfer

24141 kB
Size

20
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TimeBusinessNews/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/time-business-news/

Search URL Search Domain Scan URL

URL: https://twitter.com/TimeBusinessNe1

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCsdwtYGt7HsEWOqsZU-y6bw

Search URL Search Domain Scan URL

URL: https://ifgict.org/
Title: IFGICT

Search URL Search Domain Scan URL

URL: https://ksf.space/

Search URL Search Domain Scan URL

URL: https://zeno.fm/
Title: LISTEN TO TIME RADIO STATION LIVE

Search URL Search Domain Scan URL

URL: https://wallester.com/api/card-issuing
Title: Card Issuing API

Search URL Search Domain Scan URL

URL: https://www.facebook.com/
Title: Like

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://dnbc.tv/wp
Title: DNBC TV

Search URL Search Domain Scan URL

URL: http://dnbc.tv/
Title: DNBC.TV

Search URL Search Domain Scan URL

URL: https://dnbc.tv/info

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://app.viloud.tv/player/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0 HTTP 301
https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0

Request Chain 22

https://node-10.zeno.fm/8qmmx15z0heuv?rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ HTTP 302
https://node-07.zeno.fm/8qmmx15z0heuv?rj-ttl=5&rj-tok=AAABgCBZ9LIAgxUdMFtsktiboA HTTP 302
https://stream.zeno.fm/7ng41r774c9uv HTTP 302
https://stream.zenolive.com/7ng41r774c9uv?zs=OsJaZP7uTqmA6L5S0ZSr8w HTTP 302
https://node-13.zeno.fm/7ng41r774c9uv?zs=OsJaZP7uTqmA6L5S0ZSr8w&rj-tok=AAABgCBZ-l8AzEjQbEBmMBkVyQ&rj-ttl=5

Request Chain 40

https://app.viloud.tv/player/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0 HTTP 301
https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0

Request Chain 120

https://player.vimeo.com/external/614473335.m3u8?s=30cece064871c20e947bd9d606326364da8ab236 HTTP 302
https://24vod-adaptive.akamaized.net/exp=1649824009~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=1979355fe77b183d0850696a472afe63151fe79ad7de686b80b3e29ba3200cb8/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/1611c086,27bec306,41bcd74d,8a09da4a/master.m3u8?absolute=1&query_string_ranges=1

Request Chain 121

https://player.vimeo.com/external/614473335.m3u8?s=30cece064871c20e947bd9d606326364da8ab236 HTTP 302
https://24vod-adaptive.akamaized.net/exp=1649824009~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=1979355fe77b183d0850696a472afe63151fe79ad7de686b80b3e29ba3200cb8/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/1611c086,27bec306,41bcd74d,8a09da4a/master.m3u8?absolute=1&query_string_ranges=1

Request Chain 147

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 155

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 187

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 191

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLb-Qb-NcF-XWq5RS5GbYIrjbopIypsbeOntA6tBTDld_iph-FmF_22aGpJ-N5lnAUCHZZGRCRwsjP1Iq6QWgln7gaMwKTO&google_gid=CAESEOR6D9MxKmmgxklB9dOzgzY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxZWXlnQUFBQmdPd0FJQA&google_push=AYg5qPLb-Qb-NcF-XWq5RS5GbYIrjbopIypsbeOntA6tBTDld_iph-FmF_22aGpJ-N5lnAUCHZZGRCRwsjP1Iq6QWgln7gaMwKTO

Request Chain 194

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAU-kZT2ZtuOAEXZYAofXRQ&google_cver=1&google_push=AYg5qPIX8oUkohAhjDuaqtuwh57OnYuCqfzJidldZYSb2HxhAla9qYzmRkwlfjyN0X939ssXtHgCG9-EOPGqJk9ovkbjaPQLYsE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAU-kZT2ZtuOAEXZYAofXRQ&google_cver=1&google_push=AYg5qPIX8oUkohAhjDuaqtuwh57OnYuCqfzJidldZYSb2HxhAla9qYzmRkwlfjyN0X939ssXtHgCG9-EOPGqJk9ovkbjaPQLYsE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z_skhVsRSVKHgfP07Gm-qg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIX8oUkohAhjDuaqtuwh57OnYuCqfzJidldZYSb2HxhAla9qYzmRkwlfjyN0X939ssXtHgCG9-EOPGqJk9ovkbjaPQLYsE

Request Chain 195

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJIv-jQssC_2-aXA5177X2A&google_cver=1&google_push=AYg5qPJJi0wCOc26K5SI8RNdFa2YlzztGlobFGmgi6S6u8eyE9QRe-LYM77cWnJ0_eBvWUXrwZQopTsJhni-gXaWfhUW_r2h6xZ3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFXVTFNTlotMS05MThP&google_push=AYg5qPJJi0wCOc26K5SI8RNdFa2YlzztGlobFGmgi6S6u8eyE9QRe-LYM77cWnJ0_eBvWUXrwZQopTsJhni-gXaWfhUW_r2h6xZ3

Request Chain 196

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_cver=1&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1

Request Chain 205

https://hal900016.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=287e7e7d7b&subid=&uid=dfae3e497ef4156c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlYYyQADrXgK7Z1Ktwn9Ag%26exch_seat%3D20035004448%26mt_aid%3D2817245423911958598%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_cid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%2526client%253Dca-pub-7554934826467559%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D2702158952%26adf%3D2623775624%26pi%3Dt.aa~a.1931292419~rp.4%26w%3D324%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1649800079%26rafmt%3D1%26to%3Dqs%26pwprc%3D6187712557%26psa%3D0%26format%3D324x250%26url%3Dhttps%253A%252F%252Fbusinessnewsday.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1649809608199%26bpp%3D3%26bdt%3D1662%26idt%3D-M%26shv%3Dr20220406%26mjsv%3Dm202203300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D1ec8f3e290da67ff-225ff7e075cd00b8%253AT%253D1649809608%253ART%253D1649809608%253AS%253DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D1659701599524%26frm%3D20%26pv%3D1%26ga_vid%3D992529018.1649809607%26ga_sid%3D1649809607%26ga_hid%3D1276224219%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1010%26ady%3D1321%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760333%252C44760474%252C31065787%26oid%3D2%26pvsid%3D1564352018688728%26pem%3D72%26tmod%3D1665515494%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DITRmV5Fthc%26p%3Dhttps%253A%2F%2Fbusinessnewsday.com%26dtd%3D241&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbusinessnewsday.com&random=5372491103555&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900016.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=287e7e7d7b&subid=&uid=dfae3e497ef4156c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlYYyQADrXgK7Z1Ktwn9Ag%26exch_seat%3D20035004448%26mt_aid%3D2817245423911958598%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_cid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%2526client%253Dca-pub-7554934826467559%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D2702158952%26adf%3D2623775624%26pi%3Dt.aa~a.1931292419~rp.4%26w%3D324%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1649800079%26rafmt%3D1%26to%3Dqs%26pwprc%3D6187712557%26psa%3D0%26format%3D324x250%26url%3Dhttps%253A%252F%252Fbusinessnewsday.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1649809608199%26bpp%3D3%26bdt%3D1662%26idt%3D-M%26shv%3Dr20220406%26mjsv%3Dm202203300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D1ec8f3e290da67ff-225ff7e075cd00b8%253AT%253D1649809608%253ART%253D1649809608%253AS%253DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D1659701599524%26frm%3D20%26pv%3D1%26ga_vid%3D992529018.1649809607%26ga_sid%3D1649809607%26ga_hid%3D1276224219%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1010%26ady%3D1321%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760333%252C44760474%252C31065787%26oid%3D2%26pvsid%3D1564352018688728%26pem%3D72%26tmod%3D1665515494%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DITRmV5Fthc%26p%3Dhttps%253A%2F%2Fbusinessnewsday.com%26dtd%3D241&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbusinessnewsday.com&random=5372491103555&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 210

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=84402600007995400951399011928016&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=84402600007995400951399011928016&actionid=981741&produktid=&dt_url=

Request Chain 211

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ35x97jj_cCFfBBHQkdPs0KCg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636

Request Chain 213

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=84402600007995400951399011928016 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 218

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIctrkT_AtOM0GBSV2YO7rI&google_cver=1&google_push=AYg5qPI1L0FClqvMdNE19IBrV9DgsxaGqCWY3lKJ6mlYQeQK_JUiqJzVQ8ZlZP-Q4O23uhsjGho8jYBxSEvbo6eWlt8zvnfJbe_h HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI1L0FClqvMdNE19IBrV9DgsxaGqCWY3lKJ6mlYQeQK_JUiqJzVQ8ZlZP-Q4O23uhsjGho8jYBxSEvbo6eWlt8zvnfJbe_h&google_hm=cqJz_pIVIhG_Rq0lfu6hyg

Request Chain 221

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPPVAFQM3_ITxhghm-tatyE&google_cver=1&google_push=AYg5qPKVxT_qXnlDp7kldTSP8yO8GrSdB1Z7_tzV87E1UqDMNtsbiB9YCZywVvH2I7Kalz_dQFSAP659jcihJ51f2OSpYnBCeH7s HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPPVAFQM3_ITxhghm-tatyE&google_cver=1&google_push=AYg5qPKVxT_qXnlDp7kldTSP8yO8GrSdB1Z7_tzV87E1UqDMNtsbiB9YCZywVvH2I7Kalz_dQFSAP659jcihJ51f2OSpYnBCeH7s&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xcBd_jIoSi6uqXkIpRzD9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKVxT_qXnlDp7kldTSP8yO8GrSdB1Z7_tzV87E1UqDMNtsbiB9YCZywVvH2I7Kalz_dQFSAP659jcihJ51f2OSpYnBCeH7s

Request Chain 222

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMD3mKBKYybj_FXpPYz19Vk&google_cver=1&google_push=AYg5qPIJQ4Qu4xqHF60x0bwk17jQEhAFkuxECCKLwWTWWCe14ijooJ5mVU1wEJ3Rm2cOc8h0gXEqR-M4GZ1L-ys7QMWMQ0HuPsSn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFXVTFOQTMtMVMtRENZRA==&google_push=AYg5qPIJQ4Qu4xqHF60x0bwk17jQEhAFkuxECCKLwWTWWCe14ijooJ5mVU1wEJ3Rm2cOc8h0gXEqR-M4GZ1L-ys7QMWMQ0HuPsSn

Request Chain 223

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_cver=1&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1

Request Chain 244

https://player.vimeo.com/external/588786205.m3u8?s=df63725c0cf9b1a715d22b6cc7223217d3714853 HTTP 302
https://skyfire.vimeocdn.com/1649824012-0x1c91075e65b8909904707db045c494e2ec50b1b0/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464,75851e47,7b32557a,afc21163/master.m3u8?absolute=1&query_string_ranges=1

Request Chain 248

https://player.vimeo.com/external/588786205.m3u8?s=df63725c0cf9b1a715d22b6cc7223217d3714853 HTTP 302
https://skyfire.vimeocdn.com/1649824012-0x1c91075e65b8909904707db045c494e2ec50b1b0/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464,75851e47,7b32557a,afc21163/master.m3u8?absolute=1&query_string_ranges=1

Request Chain 278

https://player.vimeo.com/external/494444052.m3u8?s=af94154c29c313a3fe025146a465eab94278d00b HTTP 302
https://61vod-adaptive.akamaized.net/exp=1649824026~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=4df075851712676ebf0c55f50f759c192094614eefe3f3db34ab584217444910/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/05afaf09,27f2a73e,2b1f22ed,680c3235,7e2e9cbb/master.m3u8?absolute=1

Request Chain 279

https://player.vimeo.com/external/494444052.m3u8?s=af94154c29c313a3fe025146a465eab94278d00b HTTP 302
https://61vod-adaptive.akamaized.net/exp=1649824026~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=4df075851712676ebf0c55f50f759c192094614eefe3f3db34ab584217444910/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/05afaf09,27f2a73e,2b1f22ed,680c3235,7e2e9cbb/master.m3u8?absolute=1

288 HTTP transactions
23 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
businessnewsday.com/ 577 KB
50 KB 935ms
789ms Document
text/html 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://businessnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db9cf22fcea92e4dede80796367643193364aba6ec81dd028beaafd9a3d6ca69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6fb01277fe515b98-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:26:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Tue, 12 Apr 2022 21:47:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRhHvVBNXhwV%2FvxuR%2FgLuH0p3DNvV9f81Iaem0AYjqecjq%2FClW9H%2FhDZHYkK2euvghi%2FjYwGbwrVhrP3TwWVxDdu3lAihbEPzhxsLoV7OAOjGq3cuvDcVnlP5zgO9ZTUrKaQ7g0bTCIYhHEJct2BCvWF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent,Accept-Encoding

GET
H2 200 6bscd.css
businessnewsday.com/wp-content/cache/wpfc-minified/k23dceng/ 1 MB
162 KB 29ms
28ms Stylesheet
text/css 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://businessnewsday.com/wp-content/cache/wpfc-minified/k23dceng/6bscd.css
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0262d521b560bf3e428a5de0ced56186bbdd4dfc1687ffbb93ae71d32900b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64661
cf-polished: origSize=1469202
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 16 Jan 2022 21:35:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waYWguuw1X0jdYp%2FbYPH5E0Sv5uW4%2FKLunPm7lNcm6p03NLiNy%2FzzpQu4iuMQoJAGE%2FCI61f8qT%2FpOjv%2BzWKSZdimTuqtlVxi1FTQf00jOf0p9jXlqdnMZgoYpC04U4bBdxxyBwsTxYstRExOFdAi%2Fxh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=10368000
cf-ray: 6fb0127d38f95b98-FRA
expires: max-age=A10368000, public

GET
H2 200 6bscd.js Show response
businessnewsday.com/wp-content/cache/wpfc-minified/lkwq6ctx/ 87 KB
32 KB 23ms
23ms Script
application/javascript 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://businessnewsday.com/wp-content/cache/wpfc-minified/lkwq6ctx/6bscd.js
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b427bd83921245604aaf9c32a91b57b17249b93641b627b58a05aca374e5049e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64661
cf-polished: origSize=89585
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 16 Jan 2022 21:35:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWCMD%2BPAzFB5IOXnaqXYdTfI0B5%2B%2F4EEznEfPNkSPucBPTuioG%2FHCbBZZDuYMj9XQOTy6XvBjVDnHYapSMqWNhVTnpi67SV7hWoYwZXdveEK2VOdZDfNSIeELT5w9Gva26aGczbAPdfpLAFrhGNOAwwG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=10368000
cf-ray: 6fb0127d38fb5b98-FRA
expires: max-age=A10368000, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 170ms
68ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35d3f578162d546184f29bf063728c7cb33354245838445b0861cdb04f845da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54149
x-xss-protection: 0
server: cafe
etag: 4425444299636076894
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 00:26:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7COpen+Sans:400,600,700&display=swap

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b3e1d3b60e8c87df17d53bfb684102153aa9675f2ed34a60dd94d36540eb810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:26:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Apr 2022 00:26:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Apr 2022 00:26:47 GMT

GET
H3 200 6bscd.css
businessnewsday.com/wp-content/cache/wpfc-minified/saly08r/ 85 KB
13 KB 948ms
947ms Stylesheet
text/css 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://businessnewsday.com/wp-content/cache/wpfc-minified/saly08r/6bscd.css
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a3823951b7cd7873836b6ef73521b382544300111232d39480bf491713f763

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=86899
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 16 Jan 2022 21:35:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnmTz7MMBgsvvF3gfGgEGsVhltJgrfMOSZiE%2BawCy%2FlRpbnlmighZ5klcciENtsMflNrWmUibvPZj%2F%2BuKqcS7GoSCYOF0AI3UvUn0Kh7l1tv4njVR3ljbkD0B9qIOEiNo5KB%2BkOkx0%2BMoUjJr0yjMNAb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=10368000
cf-ray: 6fb0127ded069b83-FRA
expires: max-age=A10368000, public

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
32 KB 134ms
51ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTRRZT5

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7285e78205debb0276a0f98c63e88bae378cc1cba8fd32a0d7a224f6e123fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32279
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Apr 2022 00:26:47 GMT

GET
H3 200 wllBND.jpg
businessnewsday.com/wp-content/uploads/2021/01/ 77 KB
78 KB 687ms
687ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2021/01/wllBND.jpg
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df702a5d664001f135888288b33cfa87b92aed1f5342512d1693f9743d383ccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: BYPASS
last-modified: Tue, 09 Feb 2021 18:40:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdaMzEzVMc14mkc9jTaHsSPQJjptdO5foa2x8S%2Frm8DeN30K%2F%2F%2BffOFBMUfOcU3e1W4lhQzeKgVMbJcui9HhPxziYybKGlRKjghyykhVENbJS5vDKO4yXGHaxapXynF9bykl9O4GSretAGJdP%2FVOFESH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0127e0d229b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79282
expires: max-age=A10368000, public

GET
H3 200 newspaper.woff
businessnewsday.com/wp-content/themes/Newspaper/images/icons/ 123 KB
123 KB 719ms
718ms Font
x-font/woff 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://businessnewsday.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/wp-content/cache/wpfc-minified/k23dceng/6bscd.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b

Request headers

Referer: https://businessnewsday.com/wp-content/cache/wpfc-minified/k23dceng/6bscd.css
Origin: https://businessnewsday.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Dec 2020 22:09:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMUZZ8DqqnmoKl8wjlHx4blM7XTXbeHFqJGsEOVTqItat744oNBi2lOxlQqm7O0HDfu8gGvy4wnn5dghkTyEOByk1HhFbPuooyIjKyMhSUat0qzm%2FwESi0kRAEQ%2BFTn6Y7vUKqZ%2By5sfueF7Gv9kB%2Fsw"}],"group":"cf-nel","max_age":604800}
content-type: x-font/woff
cache-control: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0127e0d289b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 125620
expires: max-age=A10368000, public

GET
H3 200 BUSINESS-News-Day-2.png
businessnewsday.com/wp-content/uploads/2020/10/ 2 KB
3 KB 678ms
678ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2020/10/BUSINESS-News-Day-2.png
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a70bdf6f7a76fa10166d8e4c50c8067d05ec91d7ccaa831c60b4a61051bc2b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: BYPASS
last-modified: Tue, 09 Feb 2021 18:34:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reOa94inD4coClKN0GS16LkW%2Fp8EQwRj5sgPWnctIWFUEl%2FJFvP5%2FSFMnL2NpCnPTeEKMmIRBuHd2jvD2DugVnbOEinxfXgJnHMOpSoFMmo3gG48%2BR28QuI0zmE6VtnMlz7PITLpfFFQjEGUECG4V4zW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0127e7dd59b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2296
expires: max-age=A10368000, public

GET
H2

200

5e1f31dbdf1535936ee21fc8205eed83 Show response
app.viloud.tv/embed/channel/ Frame 2DD7
Redirect Chain

https://app.viloud.tv/player/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0

3 KB
2 KB

20ms
20ms

Document
text/html

5.9.135.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.135.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.191.135.9.5.clients.your-server.de
Software: nginx /
Resource Hash: b7e65448f1c481b9880b2ec2351f86d61fb7a1caf2a2517a91e527008e946ca9

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47150
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html
date: Wed, 13 Apr 2022 00:26:47 GMT
etag: W/"64222052c2f9decd41e5fed336e7587f"
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Thu, 31 Mar 2022 09:52:53 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id: IjlUtuWKmjdhtNWLTbtWOVNcCqpfvAZUGTzIBxnsyqLIibjwB3FF2A==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront

Redirect headers

content-length: 464
content-type: text/html; charset=iso-8859-1
date: Wed, 13 Apr 2022 00:26:47 GMT
location: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
server: nginx

GET
H3 200 ksf-space-animated-video.gif
businessnewsday.com/wp-content/uploads/2022/01/ 2 MB
2 MB 766ms
765ms Image
image/gif 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/01/ksf-space-animated-video.gif
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad419adf538fcddbc50cf266b0e4c40965c84919745f6d09507c6b17531531e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: BYPASS
last-modified: Fri, 14 Jan 2022 19:58:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHhDS5t%2BGLP420N6q0MyPeZKQLk1mPLt%2BT7KTrDjvgi%2B9QT3mU4kk%2FGI6GWV7qYIaSvrgYSbaVydxC7Fl7a17l7wbaitvMYSdjrWaJgMZlQuXHGbJp4Aj0n2i669dtftq9k9maKMiZbtAuWIaH3oYBwk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0127e8df79b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1671757
expires: max-age=A10368000, public

GET
H3 200 DNBC_ad_TBN.jpg
businessnewsday.com/wp-content/uploads/2021/10/ 16 KB
16 KB 767ms
767ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2021/10/DNBC_ad_TBN.jpg
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce1db3952811f857d75de818153e6480ae54baed9a608993cf579ccc44ed6306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: BYPASS
last-modified: Sun, 03 Oct 2021 18:35:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fwcmd%2BmH1S6F2Zavg%2B%2BMwaShqek21%2FUwtNrEDpyPjiNx1RgGZO7trOzFjntj3QQ0Niuu%2B9ky5ONdu%2B%2BWg7QODHMyQHMajQp7yvcn%2BwmNjeJxn9KCn%2FUtyqCBKWXmXOkuWzZmNwOvS0BydNUkQxVHZqQq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0127e8df89b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16124
expires: max-age=A10368000, public

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 elements.png
businessnewsday.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
5 KB 647ms
647ms Image
image/png 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/wp-content/cache/wpfc-minified/k23dceng/6bscd.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/wp-content/cache/wpfc-minified/k23dceng/6bscd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Dec 2020 22:10:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuVD0VMct5BlWFu5LAK7Kpv72le3rjSLOR60qRu8RqMQN6gMHfHuUQoPHpEVrRqgiqZXltOpZsyIDCeVRthBurtTnPpbZVM4cY0L5uOnUcNoQr9cd3p5%2FMmx3Ea2u4GpQnLXXwUMeE1ZXJuyYtWnRSai"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0127eae1b9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4149
expires: max-age=A10368000, public

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7COpen+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://businessnewsday.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 427226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Apr 2023 01:46:21 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 135ms
50ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7COpen+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://businessnewsday.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 6100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:45:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 182ms
98ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7COpen+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://businessnewsday.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 37486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Apr 2023 14:02:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 192ms
109ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7COpen+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://businessnewsday.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 541828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 17:56:19 GMT

GET
H3 206 IFGICT.mp4
businessnewsday.com/wp-content/uploads/2021/09/ 6 MB
0 745ms
745ms Media
video/mp4 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://businessnewsday.com/wp-content/uploads/2021/09/IFGICT.mp4
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://businessnewsday.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: BYPASS
last-modified: Fri, 03 Sep 2021 19:11:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuxXflFECmxTizsa8IXTSZ3WLxLRRfWsstFxEH24XkgOEDZiy5vxqyc%2FoVjQIKkp18mjZgjds45mpSJCL2JBkLaIzzSSN5cPkJySQ2KP%2F95hOa043C8RpiYJIVuvMSBOIjK96h6KXJ%2BWkPOrW88Tqa%2Bt"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-6525871/6525872
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fb0127f5edb9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6525872
expires: max-age=A10368000, public

GET
H/1.1

200
OK

7ng41r774c9uv
node-13.zeno.fm/
Redirect Chain

https://node-10.zeno.fm/8qmmx15z0heuv?rj-ttl=5&rj-tok=AAABfKKoUOIAVPvy0a3MbObzlQ
https://node-07.zeno.fm/8qmmx15z0heuv?rj-ttl=5&rj-tok=AAABgCBZ9LIAgxUdMFtsktiboA
https://stream.zeno.fm/7ng41r774c9uv
https://stream.zenolive.com/7ng41r774c9uv?zs=OsJaZP7uTqmA6L5S0ZSr8w
https://node-13.zeno.fm/7ng41r774c9uv?zs=OsJaZP7uTqmA6L5S0ZSr8w&rj-tok=AAABgCBZ-l8AzEjQbEBmMBkVyQ&rj-ttl=5

128 KB
0

1608ms
1305ms

Media
audio/mpeg

142.44.213.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://node-13.zeno.fm/7ng41r774c9uv?zs=OsJaZP7uTqmA6L5S0ZSr8w&rj-tok=AAABgCBZ-l8AzEjQbEBmMBkVyQ&rj-ttl=5
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: HTTP/1.1
Server: 142.44.213.187 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ample-zeno-13.radiojar.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

icy-name: -
content-type: audio/mpeg

Redirect headers

location: http://node-13.zeno.fm/7ng41r774c9uv?zs=OsJaZP7uTqmA6L5S0ZSr8w&rj-tok=AAABgCBZ-l8AzEjQbEBmMBkVyQ&rj-ttl=5
access-control-allow-origin: *
content-length: 0

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 297 KB
107 KB 114ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=businessnewsday.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11581ce03714240422b1aca1551356f13ea824702b79b51c03b73b8a044933c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109025
x-xss-protection: 0
server: cafe
etag: 3729224052689334143
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 00:26:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame 757C 10 KB
5 KB 77ms
20ms Document
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Apr 2022 20:57:53 GMT
etag: 14837630671339829333
expires: Tue, 26 Apr 2022 20:57:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 2DD7 3 KB
527 B 95ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700

Requested by

Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e84c7c84edd45ae00abe02027275c2ab7e3b2e72973d2af32ed1ff5e6711f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 22:35:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Apr 2022 00:26:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Apr 2022 00:26:47 GMT

GET
H2 200 video-js.min.css
vjs.zencdn.net/7.18.1/ Frame 2DD7 39 KB
10 KB 29ms
6ms Stylesheet
text/css 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.18.1/video-js.min.css
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c867160aebdb228104b9bed90d3b34f73990cc754ab3607a8ba0a46df7c55c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:47 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 22:50:39 GMT
etag: "59190bdaf55073b90e6d131e747659c6"
x-served-by: cache-hhn4078-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 10371
x-cache-hits: 1

GET
H2 200 28b65a0c.vendor.css
d1p84540l00xkx.cloudfront.net/css/ Frame 2DD7 133 KB
25 KB 55ms
9ms Stylesheet
text/css 2600:9000:2315:c200:15:6f87:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1p84540l00xkx.cloudfront.net/css/28b65a0c.vendor.css
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c200:15:6f87:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 938e93f9adee109070d12a1a3e54c7f225b1e0988652edaf3759e0f829807a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 04:59:03 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 09:52:52 GMT
server: AmazonS3
age: 70065
etag: W/"28b65a0cb57c7b7a2a280b8055b4ffa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: wstwOfUXUiefghhu4L-uyT9bSeHIgMs2stHzrMivGBhuSXIT3gwfeg==

GET
H2 200 2b1fcbaa.main.css
d1p84540l00xkx.cloudfront.net/css/ Frame 2DD7 19 KB
4 KB 55ms
10ms Stylesheet
text/css 2600:9000:2315:c200:15:6f87:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1p84540l00xkx.cloudfront.net/css/2b1fcbaa.main.css
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c200:15:6f87:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6721f7738f09d774df260328bd2895076a67e181d0e9ec9858298aa2b735c9ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:15:09 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 09:52:52 GMT
server: AmazonS3
age: 69619
etag: W/"2b1fcbaad6ad555d9a5cea1247d0f5fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ynlW2WWhG-tHLV5XoGs4sPcFn86v-nG9uW5WciTf2Ws2FURi2DkNZQ==

GET
H2 200 video.min.js Show response
vjs.zencdn.net/7.18.1/ Frame 2DD7 563 KB
158 KB 30ms
7ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.18.1/video.min.js
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cbf335cdb19e47784face065ff2196f3b2fac3ba515a7b75e8822c3fd1f3c655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:47 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 22:50:39 GMT
etag: "2aaaaa0a5cce6de0b6a34997d3c36015"
x-served-by: cache-hhn4078-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 161243
x-cache-hits: 3

GET
H2 200 c07abeb0.vendor.js Show response
d1p84540l00xkx.cloudfront.net/js/ Frame 2DD7 461 KB
144 KB 60ms
15ms Script
application/javascript 2600:9000:2315:c200:15:6f87:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c200:15:6f87:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2085131cb0e962fa6d78cd70e0d7c79b7a34e6f21916bdc1daa984db0d7dadf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 03:08:32 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 09:52:52 GMT
server: AmazonS3
age: 76696
etag: W/"c07abeb07fb60e61252a375662d94c6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ELxC4hu9iNsiqzyGX2VVLi5W7Ip3zMM7mWFmNLWEZwIg1f5DNX-Gcg==

GET
H2 200 b6d78c02.scripts.js Show response
d1p84540l00xkx.cloudfront.net/js/ Frame 2DD7 46 KB
14 KB 63ms
18ms Script
application/javascript 2600:9000:2315:c200:15:6f87:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1p84540l00xkx.cloudfront.net/js/b6d78c02.scripts.js
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c200:15:6f87:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e1e79f4681262298bfa95f94c32a1019cd062e9dbb6da54c1ea25c8dee34c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 01:04:02 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 09:52:52 GMT
server: AmazonS3
age: 84166
etag: W/"b6d78c02f470f3be895761a7c7621bd6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: cumdcaBX1GfW4he1vU_RsR536aOscBtJC9ynId5YBqYQIsGYZFNSjQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 107ms
60ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DHYMD7ZHK8

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTRRZT5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da4441651f552c1fefd071ec9064030b420d03342cc5288f4219291b1874d82c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66586
x-xss-protection: 0
expires: Wed, 13 Apr 2022 00:26:47 GMT

GET
H2

200

5e1f31dbdf1535936ee21fc8205eed83 Show response
app.viloud.tv/embed/channel/ Frame AE93
Redirect Chain

https://app.viloud.tv/player/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0

3 KB
2 KB

22ms
22ms

Document
text/html

5.9.135.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.135.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.191.135.9.5.clients.your-server.de
Software: nginx /
Resource Hash: b7e65448f1c481b9880b2ec2351f86d61fb7a1caf2a2517a91e527008e946ca9

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47150
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html
date: Wed, 13 Apr 2022 00:26:47 GMT
etag: W/"64222052c2f9decd41e5fed336e7587f"
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Thu, 31 Mar 2022 09:52:53 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id: Ur-vjmWwKuftyV_8UsMDvBrfCKAjfKNjq3MSdpD-x_O78N_ZUBS2FQ==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront

Redirect headers

content-length: 464
content-type: text/html; charset=iso-8859-1
date: Wed, 13 Apr 2022 00:26:47 GMT
location: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
server: nginx

GET
H3 200 ksf-space-animated-video-02.gif
businessnewsday.com/wp-content/uploads/2022/01/ 1 MB
1 MB 763ms
763ms Image
image/gif 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/01/ksf-space-animated-video-02.gif
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea31f10edab8222e4e66001e64f74b3e91f0fe42ca5ee682e09def8a6509fd9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: BYPASS
last-modified: Thu, 20 Jan 2022 19:34:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13x2DKBzA5XgE6hXtuTHhJ7peEyB%2FImXQ0myzoAtwjvjqDfad3Qo%2FsnHtVMy8lWnuAwMMFzyEGM0olnVRHTufJNn057Y0bxIQ6tWSJT3xF%2Fd6fqDYCkRHsNl5iV44YLWq4W10gWQn8UgcqC6O%2F%2FFUiwS"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb01280981e9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1506578
expires: max-age=A10368000, public

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 206 IFGICT.mp4
businessnewsday.com/wp-content/uploads/2021/09/ 29 KB
0 717ms
717ms Media
video/mp4 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://businessnewsday.com/wp-content/uploads/2021/09/IFGICT.mp4
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://businessnewsday.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: BYPASS
last-modified: Fri, 03 Sep 2021 19:11:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9b1tdfdfTCPmsXuh2ZBWpbHj6qFQ04KTnWDXQXu0TUAW9RI6Uyx9ZQ%2FdjmmqfZRrHd32lS60AEhs9wTs7tlnTbnr95b7uZAw0b6zbUoyUqREN2T588NDnvBmKqVKhbwNuhfWyDgrRVyRf39lJzEodb7"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-6525871/6525872
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fb01280d8639b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6525872
expires: max-age=A10368000, public

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK index.php Show response
sslfxrates.forexprostools.com/ Frame 2C02 13 KB
4 KB 109ms
29ms Document
text/html 185.94.85.236
FUSIONMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.94.85.236 Amsterdam, Netherlands, ASN56647 (FUSIONMEDIA, VG),

Reverse DNS

185-94-85-236.fusionmedialtd.com

Software

nginx/1.16.1 / PHP/5.4.43

Resource Hash

5c48529f120e5d9fdf0705213ee923e9e4c015cc630b829237c32e004b459b9a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3461
Content-Security-Policy: upgrade-insecure-requests; block-all-mixed-content
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Apr 2022 00:26:47 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Server: nginx/1.16.1
Vary: Accept-Encoding,User-Agent
Via: 1.1 varnish
X-Powered-By: PHP/5.4.43
X-Varnish: 3787416725

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 2DD7 980 B
2 KB 143ms
58ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: d1p84540l00xkx.cloudfront.net
URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7af3e1c1eb39bee95ffa6ca628b266660492c37a2cf2d4ba71db7e34a080d9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 13 Apr 2022 00:26:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2DD7 49 KB
20 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3118
date: Tue, 12 Apr 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 13 Apr 2022 01:34:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AE93 3 KB
527 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700

Requested by

Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e84c7c84edd45ae00abe02027275c2ab7e3b2e72973d2af32ed1ff5e6711f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 23:56:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Apr 2022 00:26:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Apr 2022 00:26:47 GMT

GET
H2 200 video-js.min.css
vjs.zencdn.net/7.18.1/ Frame AE93 39 KB
10 KB 7ms
6ms Stylesheet
text/css 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.18.1/video-js.min.css
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c867160aebdb228104b9bed90d3b34f73990cc754ab3607a8ba0a46df7c55c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:47 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 22:50:39 GMT
etag: "59190bdaf55073b90e6d131e747659c6"
x-served-by: cache-hhn4078-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 10371
x-cache-hits: 2

GET
H2 200 28b65a0c.vendor.css
d1p84540l00xkx.cloudfront.net/css/ Frame AE93 133 KB
25 KB 11ms
10ms Stylesheet
text/css 2600:9000:2315:c200:15:6f87:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1p84540l00xkx.cloudfront.net/css/28b65a0c.vendor.css
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c200:15:6f87:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 938e93f9adee109070d12a1a3e54c7f225b1e0988652edaf3759e0f829807a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 04:59:03 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 09:52:52 GMT
server: AmazonS3
age: 70065
etag: W/"28b65a0cb57c7b7a2a280b8055b4ffa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ElDwa2s4loDxpe7Fv6lfJkWz2gO12OKMEUu38jNVaq0E5AnzIp0OOQ==

GET
H2 200 2b1fcbaa.main.css
d1p84540l00xkx.cloudfront.net/css/ Frame AE93 19 KB
4 KB 11ms
10ms Stylesheet
text/css 2600:9000:2315:c200:15:6f87:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1p84540l00xkx.cloudfront.net/css/2b1fcbaa.main.css
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c200:15:6f87:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6721f7738f09d774df260328bd2895076a67e181d0e9ec9858298aa2b735c9ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 05:15:09 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 09:52:52 GMT
server: AmazonS3
age: 69619
etag: W/"2b1fcbaad6ad555d9a5cea1247d0f5fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 0ntN7kdPEn4HRWyK-YKM0UBOSndPtJqOcvDC0AgJIHh6yhO96_WKoQ==

GET
H2 200 video.min.js Show response
vjs.zencdn.net/7.18.1/ Frame AE93 563 KB
158 KB 31ms
30ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.18.1/video.min.js
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cbf335cdb19e47784face065ff2196f3b2fac3ba515a7b75e8822c3fd1f3c655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 22:50:39 GMT
etag: "2aaaaa0a5cce6de0b6a34997d3c36015"
x-served-by: cache-hhn4078-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 161243
x-cache-hits: 4

GET
H2 200 c07abeb0.vendor.js Show response
d1p84540l00xkx.cloudfront.net/js/ Frame AE93 461 KB
144 KB 12ms
11ms Script
application/javascript 2600:9000:2315:c200:15:6f87:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c200:15:6f87:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2085131cb0e962fa6d78cd70e0d7c79b7a34e6f21916bdc1daa984db0d7dadf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 03:08:32 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 09:52:52 GMT
server: AmazonS3
age: 76696
etag: W/"c07abeb07fb60e61252a375662d94c6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Tey8G4_cBmb-3wqZlV3jxOjr3m3bIZ6P3nm8Kb1iOpADgmp91M8-7Q==

GET
H2 200 b6d78c02.scripts.js Show response
d1p84540l00xkx.cloudfront.net/js/ Frame AE93 46 KB
14 KB 17ms
16ms Script
application/javascript 2600:9000:2315:c200:15:6f87:8040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1p84540l00xkx.cloudfront.net/js/b6d78c02.scripts.js
Requested by: Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c200:15:6f87:8040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e1e79f4681262298bfa95f94c32a1019cd062e9dbb6da54c1ea25c8dee34c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 01:04:02 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 09:52:52 GMT
server: AmazonS3
age: 84166
etag: W/"b6d78c02f470f3be895761a7c7621bd6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: S7Aggf93Lpkyf4W9KlHLPVsfpiWpJp3K8cyhgjXALyXizj4TEgbDAQ==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 223 B
654 B 150ms
38ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=businessnewsday.com&callback=_gfp_s_&client=ca-pub-7554934826467559

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7554934826467559&plah=businessnewsday.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8cee5ba8873dfc09010fc401e5b01b164a7293e89478ef9281cf72c0e460dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 210
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 143ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=businessnewsday.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=businessnewsday.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFC6 268 KB
65 KB 526ms
491ms Document
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&adk=1812271804&adf=3025194257&lmt=1649800079&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbusinessnewsday.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809606983&bpp=2&bdt=446&idt=398&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1659701599524&frm=20&pv=2&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bedbbb85972e87083e6866556b7fe0703be8cb370df07f07fea5be6a2bbd4f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67010
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 00:26:48 GMT
expires: Wed, 13 Apr 2022 00:26:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2DD7 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://app.viloud.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v16/ Frame 2DD7 35 KB
35 KB 87ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v16/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.viloud.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:03:46 GMT
x-content-type-options: nosniff
age: 534182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36220
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 20:03:46 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 92ms
46ms Ping
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DHYMD7ZHK8&gtm=2oe460&_p=1276224219&sr=1600x1200&_z=ccd.ACB&ul=en-us&cid=992529018.1649809607&_s=1&dl=https%3A%2F%2Fbusinessnewsday.com%2F&dt=Business%20News%20Day%20-%20Daily%20Business%20News%20Magazine&sid=1649809607&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DHYMD7ZHK8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://businessnewsday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lazysizes.min.js Show response
businessnewsday.com/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
5 KB 704ms
703ms Script
application/javascript 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://businessnewsday.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.5
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Jan 2022 17:27:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nyh%2BqdUdHDq0OX%2BcL1xqslV4YeOHEERvl3KJDA8joSE2A5aOkmZT0u5NprGm2u0bA8RUTdQt1WA%2FfbykBSZxY6Vd6KIXlNDvLKfXiLSgowELiLOUm3M6RCfHlStJkpc8KNlTyQ2zfraS9AGyuKrkwJxK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fb012841bb99b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 autoptimize_de5a7485fffd7a4410dba90438cf6f0a.js Show response
businessnewsday.com/wp-content/cache/autoptimize/js/ 433 KB
108 KB 1418ms
1418ms Script
application/javascript 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://businessnewsday.com/wp-content/cache/autoptimize/js/autoptimize_de5a7485fffd7a4410dba90438cf6f0a.js
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e137006094208e64f4f956220634c6170dcd7fbd367d0b63b0098e68dd938b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=444184
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 10 Apr 2022 15:04:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJU2Mmb2JbrBnj1Zy6l%2FgDlPtiQtBJN35F5ZFio69M6C%2BAZA%2Fhj%2FkGGwoWgBjHgHl5RdgWvA4V49cGNSq4SumLKNt7WXVjSXpIyEahOwryrc9Qr%2BvXKKF93sZNu9UlHPXQLkpOl53dtLtGo5O%2BzzoaPy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=10368000, public, immutable
cf-ray: 6fb012841bbb9b83-FRA
expires: max-age=A10368000, public

GET
DATA 200
OK truncated
/ Frame AE93 4 KB
0 Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://app.viloud.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 sslwmtools_rates_v1b.css
wmt-invdn-com.investing.com/ Frame 2C02 4 KB
2 KB 77ms
50ms Stylesheet
text/css 2606:4700::6812:ad7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wmt-invdn-com.investing.com/sslwmtools_rates_v1b.css
Requested by: Host: sslfxrates.forexprostools.com
URL: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6268d8a3a3ac3990e3ea42a90d45d0d0a4b45e38795016dbb042a1fb0ca9e45f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: br
origin: https://mycloud.rackspace.com
cf-cache-status: HIT
age: 32290
cf-polished: origSize=4794
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx87d8cea028d0455abe716-00621abfd4dfw1
last-modified: Sun, 02 Apr 2017 07:30:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-timestamp: 1491118241.30804
cache-control: public, max-age=84347
cf-ray: 6fb01284bcb568f7-FRA
expires: Wed, 13 Apr 2022 23:52:35 GMT

GET
H2 200 nyx_classes_75.css
i-invdn-com.investing.com/webmaster-tools/buttons-css/ Frame 2C02 11 KB
2 KB 94ms
67ms Stylesheet
text/css 2606:4700::6812:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/webmaster-tools/buttons-css/nyx_classes_75.css
Requested by: Host: sslfxrates.forexprostools.com
URL: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5272ebc76ee36a369f155347cb3da728eb1cdb0d3312b0aa062703d6f011b566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: br
origin: https://mycloud.rackspace.com
cf-cache-status: HIT
age: 16305
cf-polished: origSize=12753
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx5efb984186c94182bba73-0061273caadfw1
last-modified: Mon, 03 Apr 2017 05:11:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-timestamp: 1491196287.02982
cache-control: public, max-age=368676
cf-ray: 6fb01284bce35b2c-FRA
expires: Sun, 17 Apr 2022 06:51:24 GMT

GET
H2 200 jquery_plus_func.js Show response
wmt-invdn-com.investing.com/ Frame 2C02 90 KB
33 KB 79ms
52ms Script
application/x-javascript 2606:4700::6812:ad7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wmt-invdn-com.investing.com/jquery_plus_func.js
Requested by: Host: sslfxrates.forexprostools.com
URL: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7b9b5496382515c4e684c8b4a1d0e86c321365dd04bf0df038e0bfaec6ca53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2011 16:37:26 GMT
server: cloudflare
age: 56272
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1308069445.65774
cache-control: public, max-age=23005
cf-ray: 6fb01284bcb868f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx4a3c6673a90e4893bd307-006165e8eedfw1
expires: Wed, 13 Apr 2022 06:50:13 GMT

GET
H2 200 refresher_v10.js Show response
wmt-invdn-com.investing.com/js/ Frame 2C02 4 KB
1 KB 78ms
51ms Script
application/x-javascript 2606:4700::6812:ad7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wmt-invdn-com.investing.com/js/refresher_v10.js
Requested by: Host: sslfxrates.forexprostools.com
URL: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67ff33d0f2a8202d620bb08ba797834c9f84aef45e0a2abaf17c45cba74b082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Dec 2011 22:10:35 GMT
server: cloudflare
age: 29832
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1323036634.22435
cache-control: public, max-age=22645
cf-ray: 6fb01284bcb968f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: txf3bf24d2d8b540489f904-0061cfd0cddfw1
expires: Wed, 13 Apr 2022 06:44:13 GMT

GET
H2 200 ads.js Show response
i-invdn-com.investing.com/js/ Frame 2C02 73 B
649 B 80ms
53ms Script
application/x-javascript 2606:4700::6812:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/ads.js
Requested by: Host: sslfxrates.forexprostools.com
URL: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a519b27a0b5a76d84f6abc48cb53662626cda81e843f723802145843134c8b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Dec 2015 10:31:34 GMT
server: cloudflare
age: 16668
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1450348293.51193
cache-control: public, max-age=115938
cf-ray: 6fb01284bce55b2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx2575f49ce1274988be210-00610cab02dfw1
expires: Thu, 14 Apr 2022 08:39:06 GMT

GET
H2 200 dlinks.js Show response
i-invdn-com.investing.com/js/ Frame 2C02 361 B
561 B 89ms
63ms Script
application/x-javascript 2606:4700::6812:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/dlinks.js
Requested by: Host: sslfxrates.forexprostools.com
URL: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63f0d973b692bf5c0938f26dce888401ec8c5a0cb29cf6e15ce765e8974fb0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Feb 2016 15:59:27 GMT
server: cloudflare
age: 16001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1456156766.46427
cache-control: public, max-age=74772
cf-ray: 6fb01284bce65b2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx2dcb4a409a984d079756a-006125edc5dfw1
expires: Wed, 13 Apr 2022 21:13:00 GMT

GET
H3 200 forexpros_en_logo.png
wmt-invdn-com.investing.com/ Frame 2C02 966 B
1 KB 61ms
39ms Image
image/webp 2606:4700::6812:ad7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wmt-invdn-com.investing.com/forexpros_en_logo.png
Requested by: Host: sslfxrates.forexprostools.com
URL: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29dacc6d487a86a102bc01521f3e8ceced6c8e832e1c3f25864b7e0e53e753be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: HIT
x-trans-id: tx80843a143b5d4168b1fcc-00623fbba5dfw1
age: 57508
cf-polished: origFmt=png, origSize=2266
content-disposition: inline; filename="forexpros_en_logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 966
expires: Wed, 13 Apr 2022 13:21:51 GMT
last-modified: Sun, 15 Sep 2013 08:55:05 GMT
server: cloudflare
etag: 007e1eac789aaa3cca6a5007752782b4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-timestamp: 1379235304.46132
cache-control: public, max-age=46503
accept-ranges: bytes
cf-ray: 6fb01285faa46939-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 sockjs.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sockjs-client/0.3.4/ Frame 2C02 33 KB
10 KB 52ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sockjs-client/0.3.4/sockjs.min.js

Requested by

Host: sslfxrates.forexprostools.com
URL: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c165fe7dec11d4716d084722a41e525a04857fb2529b9137aa13193ac0bbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 709266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9551
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-8465"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LekK3Z0U3iXpccKtwdadvAkVEmA%2FculqlZA3PDGOJYtASqvkn7T9JKkubFgZz9QjODciBOAYLJeD8Z%2BDJB1KCOAQQUm3ZkcAQGL9JeZPJHKMOle1Th5%2FmdjV2HOMbW0IRA%2BGSOcePpTIk8o3Eofc2hf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fb01285f9dc9189-FRA
expires: Mon, 03 Apr 2023 00:26:48 GMT

GET
H2 200 fxindex1.js Show response
streamjs.investing.com/tools/ Frame 2C02 7 KB
2 KB 60ms
16ms Script
text/javascript 185.94.85.240
FUSIONMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://streamjs.investing.com/tools/fxindex1.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.94.85.240 Amsterdam, Netherlands, ASN56647 (FUSIONMEDIA, VG),

Reverse DNS

185-94-85-240.fusionmedialtd.com

Software

nginx /

Resource Hash

cfde9f6b1360ad2477f08eb79b7b3a171baea13f8531faf2ced3d68ceb329f17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: gzip
last-modified: Mon, 28 May 2018 16:11:17 GMT
server: nginx
age: 0
etag: "1b6b-56d465e13e62d-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
accept-ranges: bytes, bytes
content-length: 1856

GET
H2 200 5e1f31dbdf1535936ee21fc8205eed83 Show response
services.viloud.tv/channel/ Frame 2DD7 173 KB
174 KB 789ms
561ms XHR
application/json 3.225.247.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.viloud.tv/channel/5e1f31dbdf1535936ee21fc8205eed83?ref=https%3A%2F%2Fbusinessnewsday.com%2F
Requested by: Host: d1p84540l00xkx.cloudfront.net
URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.247.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-247-221.compute-1.amazonaws.com
Software: /
Resource Hash: e5bd3f0044824773a4cfe41dfd77a1a222958906a68539927ee0663590f28c6a

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.viloud.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://app.viloud.tv
date: Wed, 13 Apr 2022 00:26:48 GMT
vary: origin
content-type: application/json
content-length: 177376
apigw-requestid: QfjPYgfQoAMES3w=
access-control-expose-headers: date

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame AE93 980 B
512 B 119ms
60ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: d1p84540l00xkx.cloudfront.net
URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7af3e1c1eb39bee95ffa6ca628b266660492c37a2cf2d4ba71db7e34a080d9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 13 Apr 2022 00:26:48 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/1e29bfc0/www-widgetapi.vflset/ Frame 2DD7 151 KB
49 KB 88ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273d394fffd5eb7b8d075e36446e0b3d8b6de1d3a238b43045f9bdba26e5274a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 23:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50033
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Apr 2023 23:58:49 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame AE93 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.viloud.tv
URL: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3118
date: Tue, 12 Apr 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 13 Apr 2022 01:34:50 GMT

GET
H3 200 BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v16/ Frame AE93 35 KB
35 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v16/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.viloud.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:03:46 GMT
x-content-type-options: nosniff
age: 534182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36220
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 20:03:46 GMT

GET
H2 200 5e1f31dbdf1535936ee21fc8205eed83 Show response
services.viloud.tv/channel/ Frame AE93 173 KB
174 KB 386ms
370ms XHR
application/json 3.225.247.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.viloud.tv/channel/5e1f31dbdf1535936ee21fc8205eed83?ref=https%3A%2F%2Fbusinessnewsday.com%2F
Requested by: Host: d1p84540l00xkx.cloudfront.net
URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.247.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-247-221.compute-1.amazonaws.com
Software: /
Resource Hash: e5bd3f0044824773a4cfe41dfd77a1a222958906a68539927ee0663590f28c6a

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.viloud.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://app.viloud.tv
date: Wed, 13 Apr 2022 00:26:48 GMT
vary: origin
content-type: application/json
content-length: 177376
apigw-requestid: QfjPYgVHoAMES-g=
access-control-expose-headers: date

GET
H2 200 B9105698.123658976;sz=95x24;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment= Show response
ad.doubleclick.net/ddm/adi/N5872.2079124INVAFF/ Frame 40C8 26 B
623 B 121ms
41ms Document
text/html 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N5872.2079124INVAFF/B9105698.123658976;sz=95x24;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sslfxrates.forexprostools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 23
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 00:26:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/1e29bfc0/www-widgetapi.vflset/ Frame AE93 151 KB
49 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273d394fffd5eb7b8d075e36446e0b3d8b6de1d3a238b43045f9bdba26e5274a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 23:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50033
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Apr 2023 23:58:49 GMT

GET
H3 200 newSiteIconsSprite_v33f.png
i-invdn-com.investing.com/ Frame 2C02 95 KB
95 KB 41ms
29ms Image
image/webp 2606:4700::6812:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i-invdn-com.investing.com/newSiteIconsSprite_v33f.png
Requested by: Host: sslfxrates.forexprostools.com
URL: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a443c4992f332c3cf23c3c4e4313edbe51bb8f48c4a45a2322c9e218057a172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: HIT
x-trans-id: tx0517e220bd864d518b1da-0061e8fd62dfw1
age: 75159
cf-polished: origFmt=png, origSize=140818
content-disposition: inline; filename="newSiteIconsSprite_v33f.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96968
expires: Sat, 16 Apr 2022 14:56:40 GMT
last-modified: Mon, 03 Aug 2015 06:23:16 GMT
server: cloudflare
etag: acc7c617ef2db0ef946b7f8ce86dbc94
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-timestamp: 1438582995.08876
cache-control: public, max-age=311392
accept-ranges: bytes
cf-ray: 6fb012860dc99b28-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bg_grey_tools.gif
wmt-invdn-com.akamaized.net/ Frame 2C02 508 B
743 B 56ms
7ms Image
image/gif 92.123.225.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wmt-invdn-com.akamaized.net/bg_grey_tools.gif
Requested by: Host: wmt-invdn-com.investing.com
URL: https://wmt-invdn-com.investing.com/sslwmtools_rates_v1b.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.225.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d8f01d2edd0720a649fb7cc297a11931eef05630cfa78298ce8e67e2793b353f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wmt-invdn-com.investing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
last-modified: Mon, 07 Jun 2010 14:52:43 GMT
x-trans-id: txe9f5ffb120f04b99a016e-005ff3f32fdfw1
etag: 7e9b9e538ca2eecb45e7b07431e53ccc
content-type: image/gif
x-timestamp: 1275922362.31467
cache-control: public, max-age=259200
accept-ranges: bytes
content-length: 508
expires: Sat, 16 Apr 2022 00:26:48 GMT

GET
H3 200 newSiteIconsSprite_v32p.png
i-invdn-com.investing.com/ Frame 2C02 93 KB
94 KB 33ms
23ms Image
image/webp 2606:4700::6812:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i-invdn-com.investing.com/newSiteIconsSprite_v32p.png
Requested by: Host: sslfxrates.forexprostools.com
URL: https://sslfxrates.forexprostools.com/index.php?force_lang=1&pairs_ids=1;3;2;4;7;5;8;6;&header-text-color=%23FFFFFF&curr-name-color=%230059b0&inner-text-color=%23000000&green-text-color=%232A8215&green-background=%23B7F4C2&red-text-color=%23DC0001&red-background=%23FFE2E2&inner-border-color=%23CBCBCB&border-color=%23cbcbcb&bg1=%23F6F6F6&bg2=%23ffffff&bid=show&ask=show&last=hide&change=hide&last_update=hide
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffcd79bb35a16600936afdb30c56490d9cdb938b2a0b9e3d6edf543de391a765

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
cf-cache-status: HIT
x-trans-id: txbc5f3d6fc5e244db91f7d-0062425b84dfw1
age: 67960
cf-polished: origFmt=png, origSize=138342
content-disposition: inline; filename="newSiteIconsSprite_v32p.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95476
expires: Wed, 13 Apr 2022 08:23:39 GMT
last-modified: Sun, 31 May 2015 09:20:23 GMT
server: cloudflare
etag: 5aea85b543f2bff82a7969ea5857e969
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
x-timestamp: 1433064022.25314
cache-control: public, max-age=28611
accept-ranges: bytes
cf-ray: 6fb012860dc89b28-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 145 KB
51 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

032f947abdf8d897db08ddb1aa01aaae93e5e632061d45191a71e23504d5a620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52638
x-xss-protection: 0
server: cafe
etag: 9171229208345952618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 00:26:48 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 73ms
38ms Script
application/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=businessnewsday.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 94ms
47ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=businessnewsday.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D5C 33 KB
13 KB 552ms
551ms Document
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fad27a951a13f10296db5fcb961ebf6aa94497505d522c7e6c955bcf8fd74c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 00:26:49 GMT
expires: Wed, 13 Apr 2022 00:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1FAB 128 KB
42 KB 496ms
496ms Document
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=3878093745&pi=t.aa~a.4085473756~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=2&bdt=1663&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250&nras=3&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=40tdaZRHj9&p=https%3A//businessnewsday.com&dtd=249

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcf1b95363dbc5433b4ccc855bbf10703004ad8b1975e6541c3a87f6bd7d752a

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSgzd3jj_cCFQ3u7QodRZQJKA&gqi=yRhWYqKACKuBjuwPyZKd6Ak&layout=/sadbundle/%24csp%253Der3%24/322135676635472741/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43006
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSgzd3jj_cCFQ3u7QodRZQJKA&gqi=yRhWYqKACKuBjuwPyZKd6Ak&layout=/sadbundle/%24csp%253Der3%24/322135676635472741/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 00:26:49 GMT
expires: Wed, 13 Apr 2022 00:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7AC3 121 KB
38 KB 829ms
829ms Document
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3251289625&adf=1992553241&pi=t.aa~a.2051409264~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=1068x280&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=14&bdt=1662&idt=14&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250%2C324x250&nras=4&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV0ln0Wj84&p=https%3A//businessnewsday.com&dtd=254

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20ec48cb4ea97f75fdf64501c65bcd810f767194770534bb0038ec646fede0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 39354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 00:26:49 GMT
expires: Wed, 13 Apr 2022 00:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 2C02 45 KB
17 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4731
date: Tue, 12 Apr 2022 23:07:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 13 Apr 2022 01:07:58 GMT

GET
H/1.1 200
OK info Show response
stream124.forexpros.com/echo/ Frame 2C02 79 B
420 B 74ms
15ms XHR
application/json 185.168.112.124
FUSIONMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://stream124.forexpros.com/echo/info
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/sockjs-client/0.3.4/sockjs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.168.112.124 , Virgin Islands (British), ASN56647 (FUSIONMEDIA, VG),
Reverse DNS: 185-168-112-124.fusionmedialtd.com
Software: /
Resource Hash: cf164a176cc9fead116bed7be746a320bc07131868603b294298c37032a72e19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sslfxrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sslfxrates.forexprostools.com
Date: Wed, 13 Apr 2022 00:26:49 GMT
Cache-Control: no-store, no-cache, no-transform, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 38ms
38ms Script
application/javascript 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=businessnewsday.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/ Frame 323E 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Apr 2022 21:41:39 GMT
etag: 14837630671339829333
expires: Tue, 26 Apr 2022 21:41:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/ Frame 6DBD 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Apr 2022 21:41:39 GMT
etag: 14837630671339829333
expires: Tue, 26 Apr 2022 21:41:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Mylar-485x360.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 28 KB
29 KB 782ms
780ms Image
image/jpeg 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/Mylar-485x360.jpg
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dafe5119a3df9abdd0aecbf777cf1c5656985c7288487d5a242a3f65f74b791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
cf-cache-status: BYPASS
last-modified: Tue, 12 Apr 2022 21:43:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmgKL5lzxshlulUbpKX09dq%2B9u9MdTA6ec56m1ILYNDXjmB4J6hYXUcty3LFuOMrkSVqk1G73fvfJhKRKVg7h0JS0ZEzlCUR5bAkPqhqgJ3Q6wBrciDfbpmy%2Bb%2BNtLC8iceE3rU26L7pmPhKrYA7N0fn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb01289a9bf9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29069
expires: max-age=A10368000, public

GET
H3 200 cosmetic-boxes-218x150.jpeg
businessnewsday.com/wp-content/uploads/2022/04/ 5 KB
5 KB 1130ms
1129ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/cosmetic-boxes-218x150.jpeg
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4119832dfbf19db80f6eaeb79fe1c8d80b987154a6b662153504b4712ecc7d49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
cf-cache-status: BYPASS
last-modified: Tue, 12 Apr 2022 20:01:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4wplBuJqfKTEZUH06h%2BmtSSbNMCKUMAR%2BzfpZ78xzXiA%2F1eOBAgsCofGfeA0kAsGyUSq0dhICIGAH%2FBu2IKrxQlAzwYMqjGfo5NGNrjvSF%2BBCCYOLzc0ofsgYAbxobrwkYM7b2qXaNF9YaI5COWHHq3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb01289a9c19b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5018
expires: max-age=A10368000, public

GET
H3 200 analytics-g123356e4f_1280-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 6 KB
6 KB 1068ms
1067ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/analytics-g123356e4f_1280-218x150.jpg
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0c966838c392505f3d0848c88b4fea00db05e2a60f27ff3fde774e061e1c624

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
cf-cache-status: BYPASS
last-modified: Tue, 12 Apr 2022 18:49:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kybn9zn8TWc0e4UzYAHlbrpQljDTyY7leejG0UBiaxHG7DWRoQ1irv6Rz12LHeUscyp1uMVvXET3yk0IBp8ZEkxFpfCi3MnjVAW4ihM9EIkt%2FJd%2FgkgkiIvLpTXrPFnPHciqWOWo6B6HjV0abp9MyCiR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb01289a9c49b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5736
expires: max-age=A10368000, public

GET
H3 200 seo-g7b4eebc75_1280-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 6 KB
7 KB 1011ms
1010ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/seo-g7b4eebc75_1280-218x150.jpg
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55ce0ed2a405d9f7efb8fad9f049733a8fb4fc9faed333ed9b135cf5c308e954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
cf-cache-status: BYPASS
last-modified: Tue, 12 Apr 2022 16:35:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2DLsc0vdcbUULuPFZt3a5Mqw%2FegtE8nIvw3g27%2BBYpIBsD9xC3iSy%2BDq%2Bwr%2FwfaSxVXTsJ0WYIlCVeldrnRLyZmFiCAZnrnjlSNq79rChVhcDwdIkySRsT52xmILhvvq0ihtMK472f19vYmdog3oJYe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb01289a9c59b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6590
expires: max-age=A10368000, public

GET
H3 200 Verification-Success-218x150.png
businessnewsday.com/wp-content/uploads/2022/04/ 3 KB
4 KB 650ms
649ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/Verification-Success-218x150.png
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f36c9cbdf1a69d8ea068d4d4778a35a00ac7ba5d6b4ddc3300bf546ee87a50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
cf-cache-status: BYPASS
last-modified: Tue, 12 Apr 2022 12:45:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESvx0ZBgPq9iNxbggYMdyGjpR0r8XkmNri%2BjL0x8cOlPWKboc0hK%2FpfUEfgrl8q2S%2ByIi70KxaAx%2BDp1rnDAsB1bba%2FAXEmZOTKT7phWamTh9IJauz5chC1nEDWUYHyvoJ4H87VztRIks48VVjP4671E"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb01289a9c79b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3194
expires: max-age=A10368000, public

GET
H3 200 forex-image-14.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 9 KB
10 KB 698ms
697ms Image
image/jpeg 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/forex-image-14.jpg
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06184fbd2d1fd6af6bb4109668b94f540661ee5eb2881b1618244095693925d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
cf-cache-status: BYPASS
last-modified: Mon, 11 Apr 2022 12:25:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qItazOn3k8jh2P4bX%2FnIFy2MqFWjxrtw7qx9yvpt7cDopj5NF5FrADwrQPTDFm1ZH6mziA751R85xpa2OyDqyQi%2BSVLApW9M4JxJx92GJpLSXocvLYEc9mp8enoMyQGMPySkXricCY6pqgruSJEbVcbs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb01289a9c89b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9463
expires: max-age=A10368000, public

GET
H3 200 make-nft.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 166 KB
166 KB 1303ms
1302ms Image
image/jpeg 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/make-nft.jpg
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00b0229f9a27f8c57b419b7a4ce77f0940a95080f2f2f221f5ba4ec0b14b992d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
cf-cache-status: BYPASS
last-modified: Fri, 08 Apr 2022 14:56:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvxdR1A6xB2am3lVDGXjltKEz%2Fjgdm8oAQMsZ0aiRg1JLwuvRrNFylJyiG1llfQ%2BmE%2FSMYiPexP0qkVsOQ2z67TYCIES%2FljXdKkm7%2BUKhCm5NtRCpEM%2BartRgpaPOkw28oQOe7oxaeMV5NYWyuwnV9ZK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb01289a9ca9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 169566
expires: max-age=A10368000, public

GET
H3 200 css2
fonts.googleapis.com/ Frame 323E 4 KB
634 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:05:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Apr 2022 00:26:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Apr 2022 00:26:49 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 323E 205 B
743 B 128ms
39ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 21:06:03 GMT
x-content-type-options: nosniff
age: 12046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 12 Apr 2023 21:06:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 323E 604 B
695 B 129ms
39ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 20:20:40 GMT
x-content-type-options: nosniff
age: 14769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 12 Apr 2023 20:20:40 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame 323E 19 KB
9 KB 157ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1028dcd47e9f60f8efc41d203e597cba9e2d18649729482a997d649573c24ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 23:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2028
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 12922110104593084955
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Apr 2022 23:53:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6DBD 0
0 64ms
63ms Fetch
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ4_7yBhWYtKBCtSU9u8P3rW6IK33jZpopP7A2JoP5fHSn4okEAEg-5W2e2CV4pCCoAegAcfur9oDyAECqQKogZFzfyqyPqgDAcgDyQSqBM0BT9AeyL14L-4wAahzmUqlFc28856AazjRFHPn9QnyvsDE0GnOWYa8ZpbZyH_6h9KY5fJ6jyEq8-LvYFDW5fsfzCezXoAHonlxYhajCKOPyvYwYKhoZ7q8G5zVP-rdxhBvtTZsEZo54ev8CXDX6kU8prRP0wvjDiA12dLL53ZI04x2s_kLa1UvU6UoqPyrtQWnRT1CzlvQmMxpluKB0NZqwct4rAGebX0H9mOYX1zYzuLCfT3ym4--7kTOmibu2NpX3UyUODE6pt2WvzWb_sAEkODAmooEkgUECAQYAZIFBAgFGASgBgKAB6GR0CWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCeqQLSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzU1NDkzNDgyNjQ2NzU1ORgA&sigh=dBpCe1ndb88&uach_m=[UACH]

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 13 Apr 2022 00:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Apr 2022 00:26:49 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 6DBD 19 KB
8 KB 145ms
43ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:02:28 GMT

GET
H2 200 10099675419531673295
tpc.googlesyndication.com/simgad/ Frame 6DBD 16 KB
16 KB 177ms
76ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10099675419531673295?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql8_RRLgY0LfvIN-6mwVSAeta-dwg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ae0b6c9370a8effbe2b2e332292a32904e8c4e1edae8a2aaf311b7a8ca257a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 21:02:41 GMT
x-content-type-options: nosniff
age: 12248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16188
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 15:09:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Apr 2023 21:02:41 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6DBD 3 KB
1 KB 176ms
75ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:24:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DBD 119 KB
37 KB 162ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Apr 2022 00:26:49 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6DBD 15 KB
6 KB 149ms
49ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:26:13 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6DBD 29 KB
12 KB 187ms
88ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be0d03bd855e0785df2bd26a69d417378323cc995451fad98ec51c07b502c501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 20:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
server: cafe
etag: 15931380066641067587
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Apr 2022 20:19:29 GMT

GET
H2 200 5e1f31dbdf1535936ee21fc8205eed83
app.viloud.tv/resources/mkayali/logos/ Frame AE93 32 KB
0 16ms
14ms Image
image/jpeg 5.9.135.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.viloud.tv/resources/mkayali/logos/5e1f31dbdf1535936ee21fc8205eed83?1649809608631
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.135.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.191.135.9.5.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
last-modified: Sun, 23 Dec 2018 21:47:16 GMT
server: nginx
accept-ranges: bytes
etag: "10b99-57db76c7a6100"
content-length: 68505

GET 5e1f31dbdf1535936ee21fc8205eed83
app.viloud.tv/resources/mkayali/logos/ Frame 2DD7 0
0

GET
BLOB 206
Partial Content efda7bb7-1ddc-46c4-8484-eb0b028c7173
https://app.viloud.tv/ Frame AE93 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/efda7bb7-1ddc-46c4-8484-eb0b028c7173
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 5e1f31dbdf1535936ee21fc8205eed83
app.viloud.tv/resources/mkayali/logos/ Frame AE93 67 KB
67 KB 18ms
18ms Image
image/jpeg 5.9.135.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.viloud.tv/resources/mkayali/logos/5e1f31dbdf1535936ee21fc8205eed83?1649809608643
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.135.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.191.135.9.5.clients.your-server.de
Software: nginx /
Resource Hash: 5d3994f1dbd8d02bdffbb299b7b0293159d01067c7d268e19580e3cadb15665a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
last-modified: Sun, 23 Dec 2018 21:47:16 GMT
server: nginx
accept-ranges: bytes
etag: "10b99-57db76c7a6100"
content-length: 68505

GET
BLOB 206
Partial Content ee694c31-ff52-4c79-8d9e-f58d8ad1e5ec
https://app.viloud.tv/ Frame 2DD7 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/ee694c31-ff52-4c79-8d9e-f58d8ad1e5ec
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 5e1f31dbdf1535936ee21fc8205eed83
app.viloud.tv/resources/mkayali/logos/ Frame 2DD7 67 KB
67 KB 22ms
20ms Image
image/jpeg 5.9.135.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.viloud.tv/resources/mkayali/logos/5e1f31dbdf1535936ee21fc8205eed83?1649809608659
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.135.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.191.135.9.5.clients.your-server.de
Software: nginx /
Resource Hash: 5d3994f1dbd8d02bdffbb299b7b0293159d01067c7d268e19580e3cadb15665a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
last-modified: Sun, 23 Dec 2018 21:47:16 GMT
server: nginx
accept-ranges: bytes
etag: "10b99-57db76c7a6100"
content-length: 68505

GET
H/1.1

200
OK

master.m3u8 Show response
24vod-adaptive.akamaized.net/exp=1649824009~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=1979355fe77b183d0850696a472afe63151fe79ad7de686b80b3e29ba3200cb8/48c160c1-e5e1-470f-b72a-f7162bf72... Frame AE93
Redirect Chain

https://player.vimeo.com/external/614473335.m3u8?s=30cece064871c20e947bd9d606326364da8ab236
https://24vod-adaptive.akamaized.net/exp=1649824009~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=1979355fe77b183d0850696a472afe63151fe79ad7de686b80b3e29ba3200cb8/48c160c1-e5e1-470f-b72a-f...

2 KB
1 KB

40ms
27ms

XHR
application/x-mpegurl

2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649824009~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=1979355fe77b183d0850696a472afe63151fe79ad7de686b80b3e29ba3200cb8/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/1611c086,27bec306,41bcd74d,8a09da4a/master.m3u8?absolute=1&query_string_ranges=1
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: HTTP/1.1
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2d1b50fd007ab299dce882bd5e43482d73150f232269f836ead15e63890bd541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:26:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-mpegURL
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1649782800
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 683
AK-REFERENCE-ID: 0.97c27b5c.1649809609.67518e9
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=3220
Akamai-Edge-IP: 2a02:26f0:ef::5c7b:c29b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Wed, 13 Apr 2022 01:20:29 GMT

Redirect headers

Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Host: player-backend-5b9b5d4749-vw9jf
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4034-HHN
X-Player-Backend: g
X-Timer: S1649809609.386463,VS0,VE211
Date: Wed, 13 Apr 2022 00:26:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://24vod-adaptive.akamaized.net/exp=1649824009~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=1979355fe77b183d0850696a472afe63151fe79ad7de686b80b3e29ba3200cb8/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/1611c086,27bec306,41bcd74d,8a09da4a/master.m3u8?absolute=1&query_string_ranges=1
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 0

GET
H/1.1

200
OK

https://player.vimeo.com/external/614473335.m3u8?s=30cece064871c20e947bd9d606326364da8ab236
https://24vod-adaptive.akamaized.net/exp=1649824009~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=1979355fe77b183d0850696a472afe63151fe79ad7de686b80b3e29ba3200cb8/48c160c1-e5e1-470f-b72a-f...

2 KB
1 KB

102ms
40ms

XHR
application/x-mpegurl

2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649824009~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=1979355fe77b183d0850696a472afe63151fe79ad7de686b80b3e29ba3200cb8/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/1611c086,27bec306,41bcd74d,8a09da4a/master.m3u8?absolute=1&query_string_ranges=1
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: HTTP/1.1
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2d1b50fd007ab299dce882bd5e43482d73150f232269f836ead15e63890bd541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:26:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-mpegURL
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
origin-retrieved-hour: 1649782800
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 683
AK-REFERENCE-ID: 0.97c27b5c.1649809609.67518e4
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=3220
Akamai-Edge-IP: 2a02:26f0:ef::5c7b:c29b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Wed, 13 Apr 2022 01:20:29 GMT

Redirect headers

Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Host: player-backend-5b9b5d4749-bg4pp
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4031-HHN
X-Player-Backend: g
X-Timer: S1649809609.387977,VS0,VE137
Date: Wed, 13 Apr 2022 00:26:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://24vod-adaptive.akamaized.net/exp=1649824009~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=1979355fe77b183d0850696a472afe63151fe79ad7de686b80b3e29ba3200cb8/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/1611c086,27bec306,41bcd74d,8a09da4a/master.m3u8?absolute=1&query_string_ranges=1
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 0

GET
BLOB 200
OK 55890e46-e52e-4f11-8234-d2f592c72d2d
https://app.viloud.tv/ Frame AE93 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/55890e46-e52e-4f11-8234-d2f592c72d2d
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK 1a58b592-d4bb-4a70-b6a3-42ef8cf06a5b
https://app.viloud.tv/ Frame AE93 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/1a58b592-d4bb-4a70-b6a3-42ef8cf06a5b
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK 45e1a984-4fda-47c0-934e-8126cec04bc2
https://app.viloud.tv/ Frame AE93 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/45e1a984-4fda-47c0-934e-8126cec04bc2
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
H3 200 css
fonts.googleapis.com/ Frame 6A91 8 KB
892 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 23:46:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Apr 2022 00:26:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Apr 2022 00:26:49 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6A91 2 KB
984 B 65ms
65ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 23:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Apr 2022 23:06:06 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 6A91 19 KB
8 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:02:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6A91 3 KB
1 KB 68ms
64ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:24:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A91 119 KB
36 KB 73ms
69ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Apr 2022 00:26:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 6A91 15 KB
6 KB 95ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:26:13 GMT

GET
H3 200 63f6484ee989c3eda25e621c99817b87.js Show response
www.gstatic.com/mysidia/ Frame 6A91 29 KB
12 KB 90ms
40ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 13:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 23:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Jul 2022 13:53:23 GMT

GET
BLOB 200
OK ddb48786-a8d2-4134-9af6-7ef6a82f181a
https://app.viloud.tv/ Frame 2DD7 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/ddb48786-a8d2-4134-9af6-7ef6a82f181a
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK b1324a3a-f02b-487f-bd9a-13a4482477c2
https://app.viloud.tv/ Frame 2DD7 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/b1324a3a-f02b-487f-bd9a-13a4482477c2
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK 18df5292-7bd1-420c-a659-db853b0f9899
https://app.viloud.tv/ Frame 2DD7 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/18df5292-7bd1-420c-a659-db853b0f9899
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C20 143 B
163 B 22ms
21ms Document
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:23:58 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6DBD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5ffcd3a1cb0a82bf4546441c6c9965072131ff33bc80ce237d6811b3f3452f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E1D2 143 B
163 B 21ms
20ms Document
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:23:58 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/ Frame D5D5 9 KB
3 KB 46ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fa34b1d3d99c7ad8272bac4957646564169c1e40007eef4ff8f0b80dc4dd70f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 317959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3310
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Apr 2022 08:07:30 GMT
expires: Sun, 09 Apr 2023 08:07:30 GMT
last-modified: Tue, 06 Jul 2021 14:48:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 64F7 0
0 71ms
64ms Fetch
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgWZQyRhWYqSYCY3ctwfFqKbAApiOl81n4OWQsOgNmcDG-LYbEAEg-5W2e2CV4pCCoAegAeCexPgDyAEJqQLjTsKO_imyPqgDAcgDSKoEywFP0BVU_dTRqa9z8DQuXfuDjbUErrpmU3Wlpx3qoexhUXhwtVZR60CiypUDEe4R3NsovEUoZoDg2oEVjCHXFafbQIpXlRM6EEDALWvZPzuWxfLJ7qBINXDQn08MQmj7POrCFKfQw9Z9bugeyTSU6zJL37cyfK4EQJCXDMPACpDQfxQ_9NM9GOPqhL6Grh6vb4tS1VZGyHZuk9wYfcY0PfT15m8GDDOjQqulJrgMkKVkpw89Li79ALcTQEKVg0ltESPC3g59_meaEoP2dMAEiqqjk8UDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8fA9gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDIzQHSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzU1NDkzNDgyNjQ2NzU1ORgA&sigh=eZaQ4GAiNeg&uach_m=[UACH]&template_id=419

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=3878093745&pi=t.aa~a.4085473756~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=2&bdt=1663&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250&nras=3&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=40tdaZRHj9&p=https%3A//businessnewsday.com&dtd=249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 13 Apr 2022 00:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 64F7 19 KB
8 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=3878093745&pi=t.aa~a.4085473756~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=2&bdt=1663&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250&nras=3&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=40tdaZRHj9&p=https%3A//businessnewsday.com&dtd=249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:02:28 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 64F7 3 KB
1 KB 54ms
49ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:24:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64F7 119 KB
36 KB 102ms
56ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Apr 2022 00:26:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 64F7 15 KB
6 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:26:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 64F7 0
0 137ms
48ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNFSqayJFHBaDwQ3Z1OOeWFoFIgeeK-m9Vc4p4QX8eIwOqZZ0Uhhq1tmpYjgpzwZN7TYZ0kIfWtSJP4Iu1ppDLtN60hA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=3878093745&pi=t.aa~a.4085473756~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=2&bdt=1663&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250&nras=3&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=40tdaZRHj9&p=https%3A//businessnewsday.com&dtd=249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3-Q050 200 playlist.m3u8 Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame AE93 8 KB
1 KB 133ms
86ms XHR
application/x-mpegurl 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/8a09da4a/playlist.m3u8?query_string_ranges=1
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f3c19397c1ddc85641e3d76243c2a473106779e94132fdaa9f8dd6391d104cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: gzip
vary: Accept-Encoding
x-vim-cachebc: EP:Q,E:m,TD0:m,PE:h
origin-retrieved-hour: 1649448000
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1003
ak-reference-id: 0.97c27b5c.1649809609.6751910
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=2230442
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: application/x-mpegURL
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3-Q050 200 playlist.m3u8 Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame 2DD7 8 KB
1 KB 122ms
86ms XHR
application/x-mpegurl 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/8a09da4a/playlist.m3u8?query_string_ranges=1
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f3c19397c1ddc85641e3d76243c2a473106779e94132fdaa9f8dd6391d104cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: gzip
vary: Accept-Encoding
x-vim-cachebc: EP:Q,E:h
origin-retrieved-hour: 1649448000
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1003
ak-reference-id: 0.97c27b5c.1649809609.6751911
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=2230442
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: application/x-mpegURL
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C20
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

45ms
45ms

Document
text/html

2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:26:49 GMT
expires: Wed, 13 Apr 2022 00:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:26:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js Show response
pagead2.googlesyndication.com/bg/ Frame A8D9 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 08:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Apr 2023 08:52:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8B17 0
0 63ms
63ms Fetch
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTlzLyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMcBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3OCvXWSu_o7NXcl1uF6t2vRr9BsMc3WafBndjUVAoRGrGPGApkPeIAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1NTQ5MzQ4MjY0Njc1NTkYAA&sigh=ZCgJsP68p-s&uach_m=[UACH]&cid=CAQSOwCNIrLMAQeuq8IqNscM1HYIp2MfMpYJ7rAd3kz4sahG1XUNc3okr8xgB2JRn0GwhDhTaxPsengPriA3GAE&tpd=AGWhJmuTnEHp3qQcnyJnJCdZj_y4YC19OlirBdMQsYsjtE8Rb-OrYyg9idz1xgT1IslV2qC-XjOQWZh3uJV3E4nmkl1K8qS7vBilcrLPg6RRWO1ofBHOIiN6jCVePylKK8QV97Ro290kzxRmNkLYBVpCWvyfIGL50rLCl_uLuJHDPUYdui-hzFVJ1qlwsen1jWWlEk9QP_ZH93P_jBc9UlPhIXyoZqGd2fLRzuH52E0DHODAo0SqLJfzJl2arVqweywsGgjj0xrILPAcNTa9EfgGUfoHMvy6ImzxhbUHoPI1JbFZEM2V_kl0X8ElFdjms1WURrObg-G_nYsWd2GeZ9mgj4MYSwmU5zswc__IXqxjC6mGKf16xbf4Gjvnqz0z1MkzeNN2Twln0pEI4C7tY5iriJJxw7hbizK6NTKkK8j8YqMhVbKyjj_n98kq0OQfA1jRpS3TW4WgWEC6syY4vlKeC_bEGFRdoPS6B28TE2Bhk0xMNEAcVvdumyNZCE-IwTrS0CpJWMy9f19-6KpChnxr5quqP74X1muYpYx6IMb8WXImLXNn7Nq4oJkZwe909dFmbKZZPFjjQdqILq66jYRXESZ6GDYE3_pZeFSoLPuCIGfrHclbviVJnFunpyUjtxK3fbxCkoFD_dOAH2x2ZvCn_wCFjmslNoblNguvTYgYSqnQKsOgNqQElTJkk8wmGWtyjE1-VRwaRIml2w_tZq_Vh7Zp3ARwTC5WoJ62dmq897pJbLoCjavPldcA9-NzPNCFzUOOmmkpEiQWqVmwdlRZLPxNjR7wmiN3mrYs8QcLyLVpoCxp27G9fiH5o0k4gphIRLudhrN0opcheWlASHyJFJR646T2nJmivkmoC7RS1VChYMuGRcQfVvIzsLnZd7r-X6wDi_OlfRoXcoLbWoWXavBCArk3F85TAQZSkRg7gKJiusgtG4EWOBSvTg8aMaID4WfAbxG-UdfZ51B4E24r0Z6Dig-0cddclK42gArW4bBQj1SW8tLNiYLYnUM0ct3z6O50D4XmJsN92N9o8C41ztXBXUeG6co2fYORsWwEkItQXdUSwmg532ggZgbqYk1vV_pe

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 13 Apr 2022 00:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 8B17 2 KB
2 KB 1024ms
483ms Script
application/x-javascript 74.121.143.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBNU5tTm1NelF0TmpRNE5pMDJOVE01TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTcyNDU0MjM5MTE5NTg1OTgvNjYyMjMyNS80NTYyMzA2LzQvUmRvSTM5cVUzMHUwT19zdlpBNDI5ZzBYTk1Sa1ZUYmtxZ09JUzN0OFpKby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODE3MjQ1NDIzOTExOTU4NTk4L3pyaC8wLzE4MS8xMC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0OTgwOTYwOS8xNjQ5ODIyMjA5LzQvcHViLTc1NTQ5MzQ4MjY0Njc1NTkv/SwQ7WL0Dg2zcXAHveOMFfHuk3Ms&nodeid=2799&group=zrh&auctionid=2817245423911958598&shardkey=2817245423911958598&sid=4562306&cid=6622325&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.139&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%26client%3Dca-pub-7554934826467559%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.307.0 /
Resource Hash: 76c59002c74bee10b4a18a57c4a9bb990d9844a2ef72f6c7d4fe9312783c4e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:26:50 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1649809609
Last-Modified: Wed, 13 Apr 2022 00:26:49 GMT
Server: MMBD/3.307.0
x-mm-latency: 318 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: pao-router-x81, zrh-bidder-x154
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 13 Apr 2022 00:26:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 8B17 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:24:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B17 119 KB
36 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Apr 2022 00:26:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 8B17 15 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:26:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8B17 0
0 62ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUqRUkNGx2owf5YkQ_jjZqHFMGFQwLomfhNVG5TwtCbgTfI53Y79_6FQ8ZLsHymghNCa2NDO9sZXMu0xftSUv2nMDOBg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E1D2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

59ms
57ms

Document
text/html

2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:26:49 GMT
expires: Wed, 13 Apr 2022 00:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:26:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5140 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 08:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Apr 2023 08:52:22 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D5D5 9 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38639
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 13 Apr 2022 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D5D5 26 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 13 Apr 2022 14:22:05 GMT

GET
H3 200 250x300.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/ Frame D5D5 46 KB
46 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/250x300.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51fe96a9d684fe8d2b11a58f8a1c7e6b89eaf70e9e6c6906ae1f31015682f86f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 51742
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46990
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 14:48:51 GMT
server: sffe
date: Tue, 12 Apr 2022 10:04:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Apr 2023 10:04:28 GMT

GET
H3 200 BM_Logo_RGB_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/ Frame D5D5 22 KB
22 KB 58ms
58ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/BM_Logo_RGB_3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af80c5f740d87f23a4dfba032163da333d0726400e3e466498ec6db371cccbeb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 67600
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22623
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 14:48:51 GMT
server: sffe
date: Tue, 12 Apr 2022 05:40:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Apr 2023 05:40:10 GMT

GET
H3 200 Buchen.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/ Frame D5D5 1 KB
1 KB 47ms
46ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/Buchen.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/322135676635472741/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfb449d09dc4ee8bbffd86e21b831f45696a8a2d8a228462dbbacdae3f317d6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 317959
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 14:48:51 GMT
server: sffe
date: Sat, 09 Apr 2022 08:07:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Apr 2023 08:07:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5265 143 B
163 B 22ms
20ms Document
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=3878093745&pi=t.aa~a.4085473756~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=2&bdt=1663&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250&nras=3&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=40tdaZRHj9&p=https%3A//businessnewsday.com&dtd=249
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:23:58 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3-Q050 200 playlist.m3u8 Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame AE93 8 KB
1 KB 54ms
54ms XHR
application/x-mpegurl 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/audio/41bcd74d/playlist.m3u8?query_string_ranges=1
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: daa230315bf5611cb36ed996afdaf9beb818a2bd458bff1c5e6f7878ba45e535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
content-encoding: gzip
vary: Accept-Encoding
x-vim-cachebc: EP:Q,E:m,TD0:h
origin-retrieved-hour: 1649437200
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1156
ak-reference-id: 0.97c27b5c.1649809610.675192b
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=2219839
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: application/x-mpegURL
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3-Q050 200 playlist.m3u8 Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame 2DD7 8 KB
1 KB 47ms
47ms XHR
application/x-mpegurl 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/audio/41bcd74d/playlist.m3u8?query_string_ranges=1
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: daa230315bf5611cb36ed996afdaf9beb818a2bd458bff1c5e6f7878ba45e535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
content-encoding: gzip
vary: Accept-Encoding
x-vim-cachebc: EP:Q,E:h
origin-retrieved-hour: 1649437200
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1156
ak-reference-id: 0.97c27b5c.1649809610.675192e
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=2219839
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: application/x-mpegURL
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3 200 clock.png
businessnewsday.com/wp-content/plugins/live-news/public/assets/img/ 148 B
716 B 22ms
21ms Image
image/png 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/plugins/live-news/public/assets/img/clock.png
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e04770221e9e733bf98ca51d027dd659296604449e57cfec24c21c737324a904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118346
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 148
last-modified: Sat, 26 Dec 2020 20:27:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNfxwGcYDGpKwi0LQdrYAdFpfAOqcKvZiiPyRmp4%2Fb93YL7Cc0U%2BtVOyx6E79aV7v3Hcf5d91tBQ%2Bg4PdDC6prMjKMZaltMu3sRJoVN%2BeXjUwrxg92YlRyC85j23FlB5N%2FJUhMWRQrhXm5Fi3QFfywa8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 6fb0128e7f4e9b83-FRA
expires: max-age=A10368000, public

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 64F7 0
20 B 122ms
75ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSgzd3jj_cCFQ3u7QodRZQJKA&gqi=yRhWYqKACKuBjuwPyZKd6Ak&layout=/sadbundle/%24csp%253Der3%24/322135676635472741/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 64F7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bae6c82cbb7f21b85684eccc2b1e1a95cbf666f3fb494e68b04facf0ae6ef73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 segment-1.ts Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame AE93 180 KB
181 KB 26ms
25ms XHR
video/mp2t 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/8a09da4a/chop/segment-1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e46a691c8b1c67706d17a2c601326499564e0bdcc93e6ecce8032d7e6ac658c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
x-vim-cachebc: EP:Q,E:m,TD0:m,PE:h
using-starlord: true
origin-retrieved-hour: 1647712800
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 184804
ak-reference-id: 0.97c27b5c.1649809610.6751946
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=495405
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: video/MP2T
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3-Q050 200 segment-1.ts Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame 2DD7 180 KB
181 KB 25ms
25ms XHR
video/mp2t 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/8a09da4a/chop/segment-1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e46a691c8b1c67706d17a2c601326499564e0bdcc93e6ecce8032d7e6ac658c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
x-vim-cachebc: EP:Q,E:h
using-starlord: true
origin-retrieved-hour: 1647712800
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 184804
ak-reference-id: 0.97c27b5c.1649809610.6751947
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=495405
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: video/MP2T
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3 200 css
fonts.googleapis.com/ Frame 7AC3 8 KB
892 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3251289625&adf=1992553241&pi=t.aa~a.2051409264~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=1068x280&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=14&bdt=1662&idt=14&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250%2C324x250&nras=4&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV0ln0Wj84&p=https%3A//businessnewsday.com&dtd=254

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:14:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Apr 2022 00:26:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Apr 2022 00:26:50 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 7AC3 2 KB
904 B 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 23:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Apr 2022 23:06:06 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 7AC3 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:02:28 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 7AC3 3 KB
1 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:24:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7AC3 119 KB
36 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Apr 2022 00:26:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 7AC3 15 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:26:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7AC3 0
0 94ms
44ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1pkbz9h9ZL0H5qSQiBjYJscdmYUMbeecIzhsJgzaT86fJx1sXlAz7vsWMPQ122fvqhYzwzQEFrhhQX33k30-8WGI_0w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3251289625&adf=1992553241&pi=t.aa~a.2051409264~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=1068x280&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=14&bdt=1662&idt=14&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250%2C324x250&nras=4&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV0ln0Wj84&p=https%3A//businessnewsday.com&dtd=254
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame 7AC3 29 KB
12 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 04:12:33 GMT

GET
H3-Q050 200 segment-1.ts Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame AE93 99 KB
99 KB 503ms
502ms XHR
video/mp2t 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/audio/41bcd74d/chop/segment-1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 178089126c92308dbf8c30b25e3bbb363d487dd4f3979436bc01b881f6fd9b4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
x-vim-cachebc: EP:Q,E:m,TD0:m,PE:h
using-starlord: true
origin-retrieved-hour: 1649437200
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 101332
ak-reference-id: 0.97c27b5c.1649809610.6751971
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=2219730
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: video/MP2T
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7AC3 0
0 63ms
63ms Fetch
text/html 2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChzMjyRhWYsmxCdqKtwe33J-IAajxmItep-Wr158Oi8GjuK8DEAEg-5W2e2CV4pCCoAegAbqQ8LoDyAEJqQLjTsKO_imyPqgDAcgDywSqBOABT9Dm2F3WjTVRPx6HUBXgPHGnCu57F0jrJDEdcl5dWSoHEbt7Ormxfgk-dHJE8TeGFrS3bge1yueZZ9rPe3Ddslji5KyJye_fIOlVSRlzdnP4sGc17AQgDSr4obpBkTRwb-HAk5U_zuKfUq11GmJ5HHpzT6Q2vHAyXTifB66F0fPEuVa-CnU7jD876a54GaGxCD6gGrJPsXcQKO3mBv0JCuQPBOX3FQ7NbIB0VRT_XaVQSUzWZr7flkytqwaOoldknl4iZf2nyfP4m3cccfczp21t_sE6wT6Xm0czKUtrgTDABPHGnv-HA5IFBAgEGAGSBQQIBRgEoAYugAeu749FqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQ33_SCAkIgOGAEBABGB-ACgHICwG4E4gE2BMK0BUBmBYBgBcBshccChoIABIUcHViLTc1NTQ5MzQ4MjY0Njc1NTkYAA&sigh=5b9LyYn5whM&uach_m=[UACH]&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3251289625&adf=1992553241&pi=t.aa~a.2051409264~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=1068x280&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=14&bdt=1662&idt=14&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250%2C324x250&nras=4&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV0ln0Wj84&p=https%3A//businessnewsday.com&dtd=254
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 13 Apr 2022 00:26:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 segment-1.ts Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame 2DD7 99 KB
99 KB 493ms
493ms XHR
video/mp2t 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/audio/41bcd74d/chop/segment-1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 178089126c92308dbf8c30b25e3bbb363d487dd4f3979436bc01b881f6fd9b4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
x-vim-cachebc: EP:Q,E:h
using-starlord: true
origin-retrieved-hour: 1649437200
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 101332
ak-reference-id: 0.97c27b5c.1649809610.6751973
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=2219730
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: video/MP2T
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H2 400 data=impppeAm9aKOQlkmNYB0j_abIgzrjt1B_S-kPcSjB_FPt4E5VhI7o-KOS9rPyOcQ4xdsEXrqrQH2c3w621tXkg
mts0.google.com/vt/ Frame 7AC3 0
0 93ms
72ms Image
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=impppeAm9aKOQlkmNYB0j_abIgzrjt1B_S-kPcSjB_FPt4E5VhI7o-KOS9rPyOcQ4xdsEXrqrQH2c3w621tXkg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3251289625&adf=1992553241&pi=t.aa~a.2051409264~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=1068x280&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=14&bdt=1662&idt=14&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250%2C324x250&nras=4&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV0ln0Wj84&p=https%3A//businessnewsday.com&dtd=254
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7AC3 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7AC3 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7AC3 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7AC3 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8FD8 1 KB
749 B 39ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Wed, 13 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5265
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

43ms
43ms

Document
text/html

2a00:1450:4014:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:26:50 GMT
expires: Wed, 13 Apr 2022 00:26:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:26:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7AC3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: beb5ac05d60275c04e42d06f15d91145ff5b445743a17cd24075d072587a2bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 7AC3 28 KB
28 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 6008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:46:42 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8FD8 35 B
464 B 36ms
10ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIdQaKV2bOtX9WvbbmJjWKU&google_cver=1&google_push=AYg5qPL62tycWYJYmddPRh_buiZ71m9k5U_z7da185yPHo6-A_2nYCin5hHON0GeSvP4fKZLRJN0Y6470_XtyVZeHIX63MMI4T0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FD8
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLb-Qb-NcF-XWq5RS5GbYIrjbopIypsbeOntA6...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxZWXlnQUFBQmdPd0FJQA&google_push=AYg5qPLb-Qb-NcF-XWq5RS5GbYIrjbopIypsbeOntA6tBTDld_iph-FmF_22aGpJ-N5lnAUCHZZGRCRwsjP1Iq6QWgln7gaMwKTO

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxZWXlnQUFBQmdPd0FJQA&google_push=AYg5qPLb-Qb-NcF-XWq5RS5GbYIrjbopIypsbeOntA6tBTDld_iph-FmF_22aGpJ-N5lnAUCHZZGRCRwsjP1Iq6QWgln7gaMwKTO

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxZWXlnQUFBQmdPd0FJQA&google_push=AYg5qPLb-Qb-NcF-XWq5RS5GbYIrjbopIypsbeOntA6tBTDld_iph-FmF_22aGpJ-N5lnAUCHZZGRCRwsjP1Iq6QWgln7gaMwKTO
Date: Wed, 13 Apr 2022 00:26:50 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 8FD8 43 B
324 B 57ms
21ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELvYwasYvzZOhD4Tqip1XKQ&google_push=AYg5qPJp4Kh0lGtYvuzhZ3H_sOkGDMrCaMbQ1h8kzsRrTLFoH4yjc3pGxfZYTOJLy84W2sBV-qXW5BHtJBPKcX0IT_CN6vI6GmP4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3251289625&adf=1992553241&pi=t.aa~a.2051409264~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=1068x280&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=14&bdt=1662&idt=14&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250%2C324x250&nras=4&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV0ln0Wj84&p=https%3A//businessnewsday.com&dtd=254
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:50 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8FD8 43 B
351 B 121ms
48ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPkn8JHW4OrfDyt-MNzX4Ak&google_cver=1&google_push=AYg5qPIAfdUTzevA_4GZVPWFjn5-fk8rz2iPqTM-DDkKH_vgfFnKnh71GP7GeaE6wZ7-QnX85JqU93Tk2i1sRFrvVbhgCWG2HG8C
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=280&adk=3251289625&adf=1992553241&pi=t.aa~a.2051409264~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=1068x280&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=14&bdt=1662&idt=14&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250%2C324x250&nras=4&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=4690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qV0ln0Wj84&p=https%3A//businessnewsday.com&dtd=254
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:49 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: e4qno2n0s6s2dhvaa0fqm6dl539k5gkm

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FD8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z_skhVsRSVKHgfP07Gm-qg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z_skhVsRSVKHgfP07Gm-qg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIX8oUkohAhjDuaqtuwh57OnYuCqfzJidldZYSb2HxhAla9qYzmRkwlfjyN0X939ssXtHgCG9-EOPGqJk9ovkbjaPQLYsE

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z_skhVsRSVKHgfP07Gm-qg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIX8oUkohAhjDuaqtuwh57OnYuCqfzJidldZYSb2HxhAla9qYzmRkwlfjyN0X939ssXtHgCG9-EOPGqJk9ovkbjaPQLYsE
date: Wed, 13 Apr 2022 00:26:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8FD8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJIv-jQssC_2-aXA5177X2A&google_cver=1&google_push=AYg5qPJJi0wCOc26K5SI8RNdFa2YlzztGlobFGmgi6S6u8eyE9QRe-LYM77cWnJ0_eBvWUXrwZQ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFXVTFNTlotMS05MThP&google_push=AYg5qPJJi0wCOc26K5SI8RNdFa2YlzztGlobFGmgi6S6u8eyE9QRe-LYM77cWnJ0_eBvWUXrwZQopTsJhni-gXaWfhUW_r2h6xZ3

170 B
188 B

82ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFXVTFNTlotMS05MThP&google_push=AYg5qPJJi0wCOc26K5SI8RNdFa2YlzztGlobFGmgi6S6u8eyE9QRe-LYM77cWnJ0_eBvWUXrwZQopTsJhni-gXaWfhUW_r2h6xZ3

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFXVTFNTlotMS05MThP&google_push=AYg5qPJJi0wCOc26K5SI8RNdFa2YlzztGlobFGmgi6S6u8eyE9QRe-LYM77cWnJ0_eBvWUXrwZQopTsJhni-gXaWfhUW_r2h6xZ3
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 8FD8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8FD8 0
232 B 119ms
40ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L82am48it7yAAVbimibJ21JTWUY1hn8Tq8TNwUsmCMAm2bsrTluw0x7chDtnSidzlkZNzE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js Show response
pagead2.googlesyndication.com/bg/ Frame D5D5 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 08:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Apr 2023 08:52:22 GMT

GET
H3 200 UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js Show response
pagead2.googlesyndication.com/bg/ Frame 69AB 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 08:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Apr 2023 08:52:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6DBD 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVc2xKXM5evxm1JjJed-vSQXSPcv_WdTOGQZiCpg7JsDcYikO2eQfGh0HtHarRJyFHZh6wotXVBrhtPGMFVfejRXHEQ4NRlBuh1M2JAfsfCG_423F14w&sai=AMfl-YSL5O9f9-dowxrjJsSQHuHDK5laUYOkp__HUrRcHBdmPWvBzF_pA6jtIIQ9YssnZEJiQj_shYOpqXNT&sig=Cg0ArKJSzE2mc1DlqGo-EAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=102,688,1001,1051,1051&tos=102,586,313,50,0&v=20220411&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649809608537&rpt=368&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK xxvlvujily3i Show response
hal9000.redintelligence.net/zone/ Frame 8B17 11 KB
4 KB 48ms
16ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/xxvlvujily3i?subid=&rnd=2817245423911958598&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlYYyQADrXgK7Z1Ktwn9Ag%26exch_seat%3D20035004448%26mt_aid%3D2817245423911958598%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_cid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%2526client%253Dca-pub-7554934826467559%2526adurl%253D%26redirect%3D
Requested by: Host: businessnewsday.com
URL: https://businessnewsday.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0ff9572517dd30d3cab149c67596fde9385663c2ebac5c8070a3c9422bf37921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:26:50 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3423
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 8B17 49 B
330 B 483ms
482ms Image
image/gif 74.121.143.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=2817245423911958598&node_id=2799&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBNU5tTm1NelF0TmpRNE5pMDJOVE01TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTcyNDU0MjM5MTE5NTg1OTgvNjYyMjMyNS80NTYyMzA2LzQvUmRvSTM5cVUzMHUwT19zdlpBNDI5ZzBYTk1Sa1ZUYmtxZ09JUzN0OFpKby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODE3MjQ1NDIzOTExOTU4NTk4L3pyaC8wLzE4MS8xMC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0OTgwOTYwOS8xNjQ5ODIyMjA5LzQvcHViLTc1NTQ5MzQ4MjY0Njc1NTkv/SwQ7WL0Dg2zcXAHveOMFfHuk3Ms&nodeid=2799&group=zrh&auctionid=2817245423911958598&shardkey=2817245423911958598&sid=4562306&cid=6622325&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.139&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%26client%3Dca-pub-7554934826467559%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.307.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:26:51 GMT
Server: MMBD/3.307.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: pao-router-x91, zrh-bidder-x154
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 13 Apr 2022 00:26:50 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 8B17 43 B
404 B 400ms
21ms Image
image/gif 23.35.228.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=2817245423911958598&v3=651871&v4=4562306&v5=6622325&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBNU5tTm1NelF0TmpRNE5pMDJOVE01TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTcyNDU0MjM5MTE5NTg1OTgvNjYyMjMyNS80NTYyMzA2LzQvUmRvSTM5cVUzMHUwT19zdlpBNDI5ZzBYTk1Sa1ZUYmtxZ09JUzN0OFpKby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODE3MjQ1NDIzOTExOTU4NTk4L3pyaC8wLzE4MS8xMC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0OTgwOTYwOS8xNjQ5ODIyMjA5LzQvcHViLTc1NTQ5MzQ4MjY0Njc1NTkv/SwQ7WL0Dg2zcXAHveOMFfHuk3Ms&nodeid=2799&group=zrh&auctionid=2817245423911958598&shardkey=2817245423911958598&sid=4562306&cid=6622325&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.139&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%26client%3Dca-pub-7554934826467559%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-210.deploy.static.akamaitechnologies.com
Software: MT3 4335 2c68c00 master cdg-pixel-x1 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:26:51 GMT
Server: MT3 4335 2c68c00 master cdg-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 13 Apr 2022 00:26:50 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 8B17 49 B
330 B 798ms
478ms Image
image/gif 74.121.143.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=2817245423911958598&st=4562306&time=1649809610&nodeid=2799
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBNU5tTm1NelF0TmpRNE5pMDJOVE01TFRBd01EQXRNREF3TURBd01EQXdNREF3LzI4MTcyNDU0MjM5MTE5NTg1OTgvNjYyMjMyNS80NTYyMzA2LzQvUmRvSTM5cVUzMHUwT19zdlpBNDI5ZzBYTk1Sa1ZUYmtxZ09JUzN0OFpKby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8yODE3MjQ1NDIzOTExOTU4NTk4L3pyaC8wLzE4MS8xMC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0OTgwOTYwOS8xNjQ5ODIyMjA5LzQvcHViLTc1NTQ5MzQ4MjY0Njc1NTkv/SwQ7WL0Dg2zcXAHveOMFfHuk3Ms&nodeid=2799&group=zrh&auctionid=2817245423911958598&shardkey=2817245423911958598&sid=4562306&cid=6622325&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.139&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%26client%3Dca-pub-7554934826467559%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.307.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:26:51 GMT
Server: MMBD/3.307.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: pao-router-x92, zrh-bidder-x154
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 13 Apr 2022 00:26:50 GMT

GET
H/1.1

200
OK

request.php Show response
hal900016.redintelligence.net/ Frame 8B17
Redirect Chain

https://hal900016.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=287e7e7d7b&subid=&uid=dfae3e497ef4156c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900016.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=287e7e7d7b&subid=&uid=dfae3e497ef4156c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

103ms
81ms

Script
application/x-javascript

138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=287e7e7d7b&subid=&uid=dfae3e497ef4156c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlYYyQADrXgK7Z1Ktwn9Ag%26exch_seat%3D20035004448%26mt_aid%3D2817245423911958598%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_cid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%2526client%253Dca-pub-7554934826467559%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D2702158952%26adf%3D2623775624%26pi%3Dt.aa~a.1931292419~rp.4%26w%3D324%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1649800079%26rafmt%3D1%26to%3Dqs%26pwprc%3D6187712557%26psa%3D0%26format%3D324x250%26url%3Dhttps%253A%252F%252Fbusinessnewsday.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1649809608199%26bpp%3D3%26bdt%3D1662%26idt%3D-M%26shv%3Dr20220406%26mjsv%3Dm202203300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D1ec8f3e290da67ff-225ff7e075cd00b8%253AT%253D1649809608%253ART%253D1649809608%253AS%253DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D1659701599524%26frm%3D20%26pv%3D1%26ga_vid%3D992529018.1649809607%26ga_sid%3D1649809607%26ga_hid%3D1276224219%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1010%26ady%3D1321%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760333%252C44760474%252C31065787%26oid%3D2%26pvsid%3D1564352018688728%26pem%3D72%26tmod%3D1665515494%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DITRmV5Fthc%26p%3Dhttps%253A%2F%2Fbusinessnewsday.com%26dtd%3D241&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbusinessnewsday.com&random=5372491103555&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241
Protocol: HTTP/1.1
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5d404b756821f3703ca34f00f0c4429316e5f7dbe20515e6f3e0620485a13aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 00:26:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 84402600007995400951399011928016
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 998
Expires: Wed, 13 Apr 2022 01:26:51 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 13 Apr 2022 00:26:50 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=287e7e7d7b&subid=&uid=dfae3e497ef4156c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlYYyQADrXgK7Z1Ktwn9Ag%26exch_seat%3D20035004448%26mt_aid%3D2817245423911958598%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_cid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%2526client%253Dca-pub-7554934826467559%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D2702158952%26adf%3D2623775624%26pi%3Dt.aa~a.1931292419~rp.4%26w%3D324%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1649800079%26rafmt%3D1%26to%3Dqs%26pwprc%3D6187712557%26psa%3D0%26format%3D324x250%26url%3Dhttps%253A%252F%252Fbusinessnewsday.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1649809608199%26bpp%3D3%26bdt%3D1662%26idt%3D-M%26shv%3Dr20220406%26mjsv%3Dm202203300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D1ec8f3e290da67ff-225ff7e075cd00b8%253AT%253D1649809608%253ART%253D1649809608%253AS%253DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D1659701599524%26frm%3D20%26pv%3D1%26ga_vid%3D992529018.1649809607%26ga_sid%3D1649809607%26ga_hid%3D1276224219%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1010%26ady%3D1321%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760333%252C44760474%252C31065787%26oid%3D2%26pvsid%3D1564352018688728%26pem%3D72%26tmod%3D1665515494%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DITRmV5Fthc%26p%3Dhttps%253A%2F%2Fbusinessnewsday.com%26dtd%3D241&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbusinessnewsday.com&random=5372491103555&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 13 Apr 2022 01:26:50 +0200

GET segment-2.ts
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame 2DD7 0
0

POST
H2 200 play Show response
app.viloud.tv/1/ Frame 2DD7 0
1 KB 32ms
31ms XHR
text/html 5.9.135.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.viloud.tv/1/play

Requested by

Host: d1p84540l00xkx.cloudfront.net
URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.135.191 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.191.135.9.5.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random%3D0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryXohYnqqUy6s94fV6

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate
content-length: 0
expires: -1

POST
H2 200 play Show response
app.viloud.tv/1/ Frame AE93 0
1 KB 32ms
31ms XHR
text/html 5.9.135.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.viloud.tv/1/play

Requested by

Host: d1p84540l00xkx.cloudfront.net
URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.135.191 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.191.135.9.5.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random%3D0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryE3e8gB0VzGLyLJqd

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate
content-length: 0
expires: -1

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 896F
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=84402600007995400951399011928016&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=84402600007995400951399011928016&actionid=981741&produktid=&dt_url=

0
629 B

64ms
29ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=84402600007995400951399011928016&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=287e7e7d7b&subid=&uid=dfae3e497ef4156c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlYYyQADrXgK7Z1Ktwn9Ag%26exch_seat%3D20035004448%26mt_aid%3D2817245423911958598%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_cid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%2526client%253Dca-pub-7554934826467559%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D2702158952%26adf%3D2623775624%26pi%3Dt.aa~a.1931292419~rp.4%26w%3D324%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1649800079%26rafmt%3D1%26to%3Dqs%26pwprc%3D6187712557%26psa%3D0%26format%3D324x250%26url%3Dhttps%253A%252F%252Fbusinessnewsday.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1649809608199%26bpp%3D3%26bdt%3D1662%26idt%3D-M%26shv%3Dr20220406%26mjsv%3Dm202203300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D1ec8f3e290da67ff-225ff7e075cd00b8%253AT%253D1649809608%253ART%253D1649809608%253AS%253DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D1659701599524%26frm%3D20%26pv%3D1%26ga_vid%3D992529018.1649809607%26ga_sid%3D1649809607%26ga_hid%3D1276224219%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1010%26ady%3D1321%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760333%252C44760474%252C31065787%26oid%3D2%26pvsid%3D1564352018688728%26pem%3D72%26tmod%3D1665515494%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DITRmV5Fthc%26p%3Dhttps%253A%2F%2Fbusinessnewsday.com%26dtd%3D241&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbusinessnewsday.com&random=5372491103555&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Apr 2022 00:26:50 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 13 Apr 2022 02:26:50 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Wed, 13 Apr 2022 00:26:51 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=84402600007995400951399011928016&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B9D59BA4:B648_91EFC182:01BB_625618CB_1D3263A9:F726

GET
H3

200

activityi;dc_pre=CJ35x97jj_cCFfBBHQkdPs0KCg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636 Show response
5994599.fls.doubleclick.net/ Frame CEAF
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ35x97jj_cCFfBBHQkdPs0KCg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636?

391 B
345 B

93ms
50ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ35x97jj_cCFfBBHQkdPs0KCg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636?

Requested by

Host: businessnewsday.com
URL: https://businessnewsday.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

d15550cca70b5931a2f7149ea4201763ecef0355c447ee01257ce00aa22081dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 322
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 00:26:51 GMT
expires: Wed, 13 Apr 2022 00:26:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 00:26:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ35x97jj_cCFfBBHQkdPs0KCg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900016.redintelligence.net/ Frame 3711 6 KB
2 KB 37ms
12ms Document
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request_content.php?s=84402600007995400951399011928016&a=5c1224f7
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=287e7e7d7b&subid=&uid=dfae3e497ef4156c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYlYYyQADrXgK7Z1Ktwn9Ag%26exch_seat%3D20035004448%26mt_aid%3D2817245423911958598%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_cid%3D41086256-18ca-4b01-bca2-337cfec3a930%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCtY9lyRhWYvzSCJDwtweVj6PIAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTc1NTQ5MzQ4MjY0Njc1NTnIAQmoAwGqBMoBT9DcE9itE1ZiH8P-SrIWdAYGflJnGteRz4votDIvkwpFgPldL7Z_Y4vX4I-YDtTHOuZa3ACOtsl0w4BtqRL__GcUePjjBi2nkJa0ZcthGHI7lD4IkS3DNt-G5plnDz6fBQKICRQUV-R_5Ap8QuUiecbBmFv2D3U9XTMjN3dYjZexfXZ3WQYUV44i38p_l84TDzyRDVJj_eSsSSdDGF-GW3PAv1QAF0afMvqBnkqi98QhssRmjcf4cRHatnW6-CVYgHtomyUI9bN7cYAGv8zEzpr545eAAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2vvsTtGndO9g93ZsLdwV2bfzh7pg%2526client%253Dca-pub-7554934826467559%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7554934826467559%26output%3Dhtml%26h%3D250%26adk%3D2702158952%26adf%3D2623775624%26pi%3Dt.aa~a.1931292419~rp.4%26w%3D324%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1649800079%26rafmt%3D1%26to%3Dqs%26pwprc%3D6187712557%26psa%3D0%26format%3D324x250%26url%3Dhttps%253A%252F%252Fbusinessnewsday.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1649809608199%26bpp%3D3%26bdt%3D1662%26idt%3D-M%26shv%3Dr20220406%26mjsv%3Dm202203300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D1ec8f3e290da67ff-225ff7e075cd00b8%253AT%253D1649809608%253ART%253D1649809608%253AS%253DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D1659701599524%26frm%3D20%26pv%3D1%26ga_vid%3D992529018.1649809607%26ga_sid%3D1649809607%26ga_hid%3D1276224219%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1010%26ady%3D1321%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760333%252C44760474%252C31065787%26oid%3D2%26pvsid%3D1564352018688728%26pem%3D72%26tmod%3D1665515494%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3DITRmV5Fthc%26p%3Dhttps%253A%2F%2Fbusinessnewsday.com%26dtd%3D241&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fbusinessnewsday.com&random=5372491103555&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 865cad1f7a9ea6cdbe22e21ed7be10a4c65b1913848d4e6e6b9b2692fd1069c2

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1860
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Apr 2022 00:26:51 GMT
Expires: Wed, 13 Apr 2022 01:26:51 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 8B17
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=84402600007995400951399011928016
https://ad-server.eu/wm/pb/native.png

68 B
312 B

159ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:32:11 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Wed, 13 Apr 2022 00:26:51 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA4:B64A_91EFC182:01BB_625618CB_1D3662C8:F723
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8596 1 KB
749 B 41ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Wed, 13 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8B17 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66eec00f2587a6a35ca1fe0ae100299bfe4234e6fe38042c888dcd187c48279a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 3711 4 KB
649 B 53ms
52ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=84402600007995400951399011928016&a=5c1224f7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:15:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Apr 2022 00:26:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Apr 2022 00:26:51 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3711 55 KB
55 KB 43ms
19ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=84402600007995400951399011928016&a=5c1224f7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8073ef912c4d2f9bd3eca80bfa5dc0420f61b8b579243da540b608cdfa6151e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:26:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 56123
Vary: Accept-Encoding
Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8596
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIctrkT_AtOM0GBSV2YO7rI&google_cver=1&google_push=AYg5qPI1L0FClqvMdNE19IBrV9DgsxaGqCWY3lKJ6mlYQeQK_JUiqJzVQ8...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI1L0FClqvMdNE19IBrV9DgsxaGqCWY3lKJ6mlYQeQK_JUiqJzVQ8ZlZP-Q4O23uhsjGho8jYBxSEvbo6eWlt8zvnfJbe_h&google_hm=cqJz_pIVIhG_...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI1L0FClqvMdNE19IBrV9DgsxaGqCWY3lKJ6mlYQeQK_JUiqJzVQ8ZlZP-Q4O23uhsjGho8jYBxSEvbo6eWlt8zvnfJbe_h&google_hm=cqJz_pIVIhG_Rq0lfu6hyg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI1L0FClqvMdNE19IBrV9DgsxaGqCWY3lKJ6mlYQeQK_JUiqJzVQ8ZlZP-Q4O23uhsjGho8jYBxSEvbo6eWlt8zvnfJbe_h&google_hm=cqJz_pIVIhG_Rq0lfu6hyg
pragma: no-cache
date: Wed, 13 Apr 2022 00:26:51 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 8596 43 B
106 B 22ms
19ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEM-WRdgy2-xVJScrlVF-eIY&google_push=AYg5qPJ5KxtDvqiFgx8nS5tZ92nb4KGRyfkw1X0M8le6JnwshzIe4EJntWTYN6azlD64bR98MJcJm-jYarUVIqAiU3qf18jIuSMe&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:51 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 8596 43 B
64 B 92ms
57ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECQsFzz3YObu8uNHcJ1Iaq4&google_cver=1&google_push=AYg5qPJfKyA_YJUyNMZufXAXgLDp6uvCSuLZDvp5zT33m6eBJwRTq9OulKm0nrARRXI94zDlwKPB-lvUXPSGPb5jlpK8juNZxWIF
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:51 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vrvsiu6lecaiopjket7hnn1u2urcn3cq

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8596
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xcBd_jIoSi6uqXkIpRzD9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xcBd_jIoSi6uqXkIpRzD9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKVxT_qXnlDp7kldTSP8yO8GrSdB1Z7_tzV87E1UqDMNtsbiB9YCZywVvH2I7Kalz_dQFSAP659jcihJ51f2OSpYnBCeH7s

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xcBd_jIoSi6uqXkIpRzD9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKVxT_qXnlDp7kldTSP8yO8GrSdB1Z7_tzV87E1UqDMNtsbiB9YCZywVvH2I7Kalz_dQFSAP659jcihJ51f2OSpYnBCeH7s
date: Wed, 13 Apr 2022 00:26:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8596
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMD3mKBKYybj_FXpPYz19Vk&google_cver=1&google_push=AYg5qPIJQ4Qu4xqHF60x0bwk17jQEhAFkuxECCKLwWTWWCe14ijooJ5mVU1wEJ3Rm2cOc8h0gXE...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFXVTFOQTMtMVMtRENZRA==&google_push=AYg5qPIJQ4Qu4xqHF60x0bwk17jQEhAFkuxECCKLwWTWWCe14ijooJ5mVU1wEJ3Rm2cOc8h0gXEqR-M4GZ1L-ys7QMWMQ0HuPsSn

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFXVTFOQTMtMVMtRENZRA==&google_push=AYg5qPIJQ4Qu4xqHF60x0bwk17jQEhAFkuxECCKLwWTWWCe14ijooJ5mVU1wEJ3Rm2cOc8h0gXEqR-M4GZ1L-ys7QMWMQ0HuPsSn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFXVTFOQTMtMVMtRENZRA==&google_push=AYg5qPIJQ4Qu4xqHF60x0bwk17jQEhAFkuxECCKLwWTWWCe14ijooJ5mVU1wEJ3Rm2cOc8h0gXEqR-M4GZ1L-ys7QMWMQ0HuPsSn
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 8596
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9...

0
0

GET googleredir
googlecm.hit.gemius.pl/ Frame 8596 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8596 0
12 B 41ms
39ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzJ23Y-qgmp06drkr4ebz_4AFk1i1Ill02Xgzzq1_ETdrlFo8ixirruvxeWLiCsUHjuG9vZA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=2623775624&pi=t.aa~a.1931292419~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=3&bdt=1662&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0&nras=2&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ITRmV5Fthc&p=https%3A//businessnewsday.com&dtd=241

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 dc_pre=CJ35x97jj_cCFfBBHQkdPs0KCg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636
adservice.google.com/ddm/fls/z/ Frame CEAF 42 B
63 B 77ms
76ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ35x97jj_cCFfBBHQkdPs0KCg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ35x97jj_cCFfBBHQkdPs0KCg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6375938118063.636?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900016.redintelligence.net/ Frame 3711 0
150 B 48ms
24ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/viewability?s=84402600007995400951399011928016&a=41f541b6&vb=m
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=84402600007995400951399011928016&a=5c1224f7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/request_content.php?s=84402600007995400951399011928016&a=5c1224f7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:26:51 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 3711 13 KB
13 KB 45ms
45ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900016.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 18:04:09 GMT
x-content-type-options: nosniff
age: 541362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 18:04:09 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 3711 13 KB
13 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900016.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 18:03:30 GMT
x-content-type-options: nosniff
age: 541401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 18:03:30 GMT

GET
H3-Q050 200 segment-211.ts Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame 2DD7 155 KB
155 KB 149ms
148ms XHR
video/mp2t 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/8a09da4a/chop/segment-211.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3ddd7de4a28fa6345eb3dbfd7b51304581589695344fe9257563ea65fc474f2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:51 GMT
x-vim-cachebc: EP:Q,E:m,TD0:m,CW:h
using-starlord: true
origin-retrieved-hour: 1649185200
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 158484
ak-reference-id: 0.97c27b5c.1649809611.6751a52
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=1969134
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: video/MP2T
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3-Q050 200 segment-211.ts Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame 2DD7 49 KB
49 KB 116ms
116ms XHR
video/mp2t 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/audio/41bcd74d/chop/segment-211.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a98a091d867c53ed6d1d3aa01e4e75f65f4529c01161a449cb60138784ac9487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:51 GMT
x-vim-cachebc: EP:Q,E:m,TD0:m,CW:h
using-starlord: true
origin-retrieved-hour: 1648497600
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 50196
ak-reference-id: 0.97c27b5c.1649809611.6751a53
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=1280763
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: video/MP2T
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3-Q050 200 segment-211.ts Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame AE93 155 KB
155 KB 148ms
148ms XHR
video/mp2t 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/video/8a09da4a/chop/segment-211.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3ddd7de4a28fa6345eb3dbfd7b51304581589695344fe9257563ea65fc474f2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:51 GMT
x-vim-cachebc: EP:Q,E:h
using-starlord: true
origin-retrieved-hour: 1649185200
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 158484
ak-reference-id: 0.97c27b5c.1649809611.6751a54
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=1969134
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: video/MP2T
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3-Q050 200 segment-211.ts Show response
24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf72... Frame AE93 49 KB
49 KB 118ms
118ms XHR
video/mp2t 2a02:26f0:ef::5c7b:c29b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/audio/41bcd74d/chop/segment-211.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a02:26f0:ef::5c7b:c29b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a98a091d867c53ed6d1d3aa01e4e75f65f4529c01161a449cb60138784ac9487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:51 GMT
x-vim-cachebc: EP:Q,E:h
using-starlord: true
origin-retrieved-hour: 1648497600
timing-allow-origin: *
akamai-mon-iucid-del: 879819
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 50196
ak-reference-id: 0.97c27b5c.1649809611.6751a55
access-control-max-age: 86400
aka-c-hit: cache-hit
access-control-allow-origin: *
access-control-expose-headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control: max-age=1280763
akamai-edge-ip: 2a02:26f0:ef::5c7b:c29b
content-type: video/MP2T
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version: Q050

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 55ms
54ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d78e4c9cd174a5cf735f0363facd5168e6b31d027f1cdd9476e3cd89ba4e4925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Apr 2022 00:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10506
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Apr 2022 00:26:51 GMT

GET
H3 200 instant-trade-license-dubai-blog-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 5 KB
5 KB 877ms
876ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/instant-trade-license-dubai-blog-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93e6886552077ba9a4497548249e84f3cf180a04f3fba3be06a837faafae4151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
cf-cache-status: BYPASS
last-modified: Mon, 04 Apr 2022 10:41:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2nNloOqxbIWKbgw7zguPqIBH%2BzipfnUiiR9yLFY6ENL026CVQu%2BwFzezYvc%2FCYpIyAIY3nMtkabA8LCrt57tvRVVWL9%2FtIKjVmztWizphscNm6jXAR5%2FN0h%2FMO7PgdGUwGTw1rPBvKrJ%2FbhoLYuSRk1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0129a3d719b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4888
expires: max-age=A10368000, public

GET
H3 200 forex-trade-img-C-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 6 KB
7 KB 877ms
876ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/forex-trade-img-C-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc83248d6f69ed9a7c1bd8f7075abd3f29d5ada17c274e901d6e44f25aa4cbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
cf-cache-status: BYPASS
last-modified: Sat, 02 Apr 2022 12:18:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImBm2V9T72YFFKj74sQ7VA6ISNjWywIY28O5aMblwP7WeiGovwgDqnsY8eHDrJHcpulSvFkVyqOBsOZopbZmfzOUR3Q7kmbHQRTMoaFpA%2Butjv4p9i1LqUqi5VgmIxKwFIw7F6n5tNcYdrHZSJ0ZoVgC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0129a4d739b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6460
expires: max-age=A10368000, public

GET
H3 200 Screenshot-2022-04-02-151632-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 7 KB
7 KB 1133ms
1133ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/Screenshot-2022-04-02-151632-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661dad9be09b1acd6ed092971243203c654a2ed1d6d7f8d92dc09cb4eaf79b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
cf-cache-status: BYPASS
last-modified: Sat, 02 Apr 2022 07:17:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT5B%2F61Lw2iqGhI6uk0ooKtFIFlFiQcJCreghrdIp2Tr6jmc%2Bs%2BHltUYGomDWowk52Wn8an5pc5PCjPW7MGEwD0%2FoWQ3buZ5jnG0GPytOclSmxkiDtgfKF91uwFGoARF6rupSbwZB1zNghRTF1P5W0bi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0129a4d749b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6814
expires: max-age=A10368000, public

GET
H3 200 bnd-default-bg.jpg
businessnewsday.com/wp-content/uploads/2021/10/ 11 KB
12 KB 888ms
888ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2021/10/bnd-default-bg.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d20bc64f99bded2f9724540bdf550b21f27c766feaad8ca8bc0f8d71cc1433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
cf-cache-status: BYPASS
last-modified: Thu, 28 Oct 2021 13:34:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMaPs5vq5SiwNrWR9lhObhQQwjL8%2B6ggdNrN96mOok%2FTuIqkgdmu96oGISZySLe7sad2G6QbKGDdetehcnMqSZ8I2nEE9ge9GYwcLZgQefjjz6UgiN2pcTc5kWDRbyTtxzWPKBwVrzl6XaNNHsc%2FnFV6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0129a4d759b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11290
expires: max-age=A10368000, public

GET
H3 200 dispensary-near-me-485x360.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 26 KB
26 KB 1219ms
1218ms Image
image/jpeg 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/dispensary-near-me-485x360.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2bd703cc20f6a49edcb9baecbf9441037b3fad80c0de43e3220f2b8075a71a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
cf-cache-status: BYPASS
last-modified: Tue, 12 Apr 2022 07:37:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TNo6ViASuh0C0TuhhyzXHdDZTCUPvmX2YR7MqBSg8qbr3r8RXhDt7itWGgWFRmJe2jiy%2FUGZ7mhRzx8LlcqUhesz8gmRZYkzfuGwzXVkUtRLHK9CUGxZ4XxMlAmRNtdbqgq17zxem9LjxsEiso4UJWA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0129a4d779b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26440
expires: max-age=A10368000, public

GET
H3 200 unnamed-14-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 13 KB
14 KB 1159ms
1159ms Image
image/jpeg 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/unnamed-14-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abdcfe30869ea942f9d42d239c9725e977c5fd3e86d2802c9fbe5dc1505ac5dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
cf-cache-status: BYPASS
last-modified: Tue, 12 Apr 2022 16:31:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Biy%2BPQDFSrO39O8cH4Vlk7yWgDjeJCobVNg3PB3J3ZV%2BE%2BjDz0mTw9Vwqv1U%2FRH2pk1dX8FE53mIlPkcoX6%2F7iWZifpxqbH13gg%2BA8esy7A4GGRrzfBAsdXBGOj8fgHm%2BOZDeckMLbqqeOq74EMj1fFE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0129a4d789b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13444
expires: max-age=A10368000, public

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 630E 13 KB
5 KB 42ms
42ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Apr 2022 20:53:20 GMT
expires: Wed, 12 Apr 2023 20:53:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7730 783 B
534 B 49ms
49ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7feab8eb390cbadb99c547d446c7a5ceead5a0e02c131c0c40a25d845abb79a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wv+7Zzx2+3gnmlLy6smyQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://businessnewsday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-wv+7Zzx2+3gnmlLy6smyQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 00:26:51 GMT
expires: Wed, 13 Apr 2022 00:26:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

master.m3u8 Show response
skyfire.vimeocdn.com/1649824012-0x1c91075e65b8909904707db045c494e2ec50b1b0/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464,75851e47,7b32557a,afc21163/ Frame 2DD7
Redirect Chain

https://player.vimeo.com/external/588786205.m3u8?s=df63725c0cf9b1a715d22b6cc7223217d3714853
https://skyfire.vimeocdn.com/1649824012-0x1c91075e65b8909904707db045c494e2ec50b1b0/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464,75851e47,7b32557a,afc21163/master.m3u8?absolute=1&query_st...

2 KB
1 KB

168ms
113ms

XHR
application/vnd.apple.mpegurl

151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649824012-0x1c91075e65b8909904707db045c494e2ec50b1b0/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464,75851e47,7b32557a,afc21163/master.m3u8?absolute=1&query_string_ranges=1
Protocol: H2
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fdd553b8b3ba787ce61abe2b3e58cdcd07a79020365fa29b24f7b45819f83e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, MISS
origin-retrieved-hour: 1649800800
access-control-max-age: 86400
content-encoding: gzip
content-length: 618
x-served-by: cache-iad-kiad7000093-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809612.256272,VS0,VE106
vary: Accept-Encoding, Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

Redirect headers

Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Host: player-backend-5b9b5d4749-n4vcw
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4034-HHN
X-Player-Backend: g
X-Timer: S1649809612.976729,VS0,VE207
Date: Wed, 13 Apr 2022 00:26:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://skyfire.vimeocdn.com/1649824012-0x1c91075e65b8909904707db045c494e2ec50b1b0/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464,75851e47,7b32557a,afc21163/master.m3u8?absolute=1&query_string_ranges=1
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 0

GET
BLOB 200
OK aab000b6-ef05-4666-94c3-87d8d72c15ab
https://app.viloud.tv/ Frame 2DD7 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/aab000b6-ef05-4666-94c3-87d8d72c15ab
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK 0a5fc884-e722-473c-aa6c-e406118d1aa8
https://app.viloud.tv/ Frame 2DD7 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/0a5fc884-e722-473c-aa6c-e406118d1aa8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK 7e418941-3aec-42df-a366-cde058aef308
https://app.viloud.tv/ Frame 2DD7 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/7e418941-3aec-42df-a366-cde058aef308
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
H2

200

https://player.vimeo.com/external/588786205.m3u8?s=df63725c0cf9b1a715d22b6cc7223217d3714853
https://skyfire.vimeocdn.com/1649824012-0x1c91075e65b8909904707db045c494e2ec50b1b0/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464,75851e47,7b32557a,afc21163/master.m3u8?absolute=1&query_st...

2 KB
695 B

101ms
101ms

XHR
application/vnd.apple.mpegurl

151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649824012-0x1c91075e65b8909904707db045c494e2ec50b1b0/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464,75851e47,7b32557a,afc21163/master.m3u8?absolute=1&query_string_ranges=1
Protocol: H2
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fdd553b8b3ba787ce61abe2b3e58cdcd07a79020365fa29b24f7b45819f83e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, HIT
origin-retrieved-hour: 1649800800
access-control-max-age: 86400
content-encoding: gzip
content-length: 618
x-served-by: cache-iad-kiad7000093-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809612.269569,VS0,VE93
vary: Accept-Encoding, Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

Redirect headers

Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Host: player-backend-5b9b5d4749-ggnkt
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4031-HHN
X-Player-Backend: g
X-Timer: S1649809612.018770,VS0,VE244
Date: Wed, 13 Apr 2022 00:26:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://skyfire.vimeocdn.com/1649824012-0x1c91075e65b8909904707db045c494e2ec50b1b0/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464,75851e47,7b32557a,afc21163/master.m3u8?absolute=1&query_string_ranges=1
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 0

GET
BLOB 200
OK 4cd1cf5e-4b6d-40c4-939f-e13035130462
https://app.viloud.tv/ Frame AE93 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/4cd1cf5e-4b6d-40c4-939f-e13035130462
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK b59da91b-a5ef-40a6-8d4a-77b96f36bafd
https://app.viloud.tv/ Frame AE93 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/b59da91b-a5ef-40a6-8d4a-77b96f36bafd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK 4b5d4071-baf9-4e11-b9a6-976ac5aef0e4
https://app.viloud.tv/ Frame AE93 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/4b5d4071-baf9-4e11-b9a6-976ac5aef0e4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7730 0
0 75ms
75ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220406&jk=1564352018688728&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js Show response
pagead2.googlesyndication.com/bg/ Frame 630E 35 KB
13 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 08:52:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Apr 2023 08:52:22 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 630E 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1SYJpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 playlist.m3u8 Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/ Frame 2DD7 201 B
222 B 102ms
101ms XHR
application/vnd.apple.mpegurl 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/playlist.m3u8?query_string_ranges=1
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af71358daae5dececefbf539e111920bd0ee7dc0ca22e5effb70e34139606ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, MISS
origin-retrieved-hour: 1649246400
access-control-max-age: 86400
content-encoding: gzip
content-length: 155
x-served-by: cache-iad-kcgs7200105-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809612.386376,VS0,VE94
vary: Accept-Encoding, Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

GET
H2 200 playlist.m3u8 Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/ Frame AE93 201 B
266 B 93ms
93ms XHR
application/vnd.apple.mpegurl 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/playlist.m3u8?query_string_ranges=1
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af71358daae5dececefbf539e111920bd0ee7dc0ca22e5effb70e34139606ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, HIT
origin-retrieved-hour: 1649246400
access-control-max-age: 86400
content-encoding: gzip
content-length: 155
x-served-by: cache-iad-kcgs7200105-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809612.394727,VS0,VE85
vary: Accept-Encoding, Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

GET
H2 200 playlist.m3u8 Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/ Frame AE93 201 B
271 B 101ms
100ms XHR
application/vnd.apple.mpegurl 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/playlist.m3u8?query_string_ranges=1
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9b4e8bc40fc99b743e96a5bdf0b1ef89e5bb779fb378e13efeffcdb3d01f2a77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, MISS
origin-retrieved-hour: 1648461600
access-control-max-age: 86400
content-encoding: gzip
content-length: 159
x-served-by: cache-iad-kcgs7200178-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809612.494031,VS0,VE94
vary: Accept-Encoding, Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

GET
H2 200 playlist.m3u8 Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/ Frame 2DD7 201 B
226 B 98ms
98ms XHR
application/vnd.apple.mpegurl 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/playlist.m3u8?query_string_ranges=1
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9b4e8bc40fc99b743e96a5bdf0b1ef89e5bb779fb378e13efeffcdb3d01f2a77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, HIT
origin-retrieved-hour: 1648461600
access-control-max-age: 86400
content-encoding: gzip
content-length: 159
x-served-by: cache-iad-kcgs7200178-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809612.497303,VS0,VE91
vary: Accept-Encoding, Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

GET
H2 200 segment-1.ts Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/chop/ Frame AE93 84 KB
84 KB 127ms
127ms XHR
video/mp2t 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/chop/segment-1.ts?r=dXM%3D
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 340499ef70421836fa54338238e24ba595c387980f082994def9a4d826eb2eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
using-starlord: true
x-cache: HIT, MISS
origin-retrieved-hour: 1649768400
content-length: 85540
x-served-by: cache-iad-kjyo7100031-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809613.508717,VS0,VE118
access-control-max-age: 86400
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

GET
H2 200 segment-1.ts Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/chop/ Frame 2DD7 84 KB
84 KB 125ms
125ms XHR
video/mp2t 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/chop/segment-1.ts?r=dXM%3D
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 340499ef70421836fa54338238e24ba595c387980f082994def9a4d826eb2eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
using-starlord: true
x-cache: HIT, HIT
origin-retrieved-hour: 1649768400
content-length: 85540
x-served-by: cache-iad-kjyo7100031-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809613.509819,VS0,VE117
access-control-max-age: 86400
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

GET
H2 200 segment-1.ts Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/chop/ Frame AE93 100 KB
100 KB 103ms
103ms XHR
audio/mp2t 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/chop/segment-1.ts?r=dXM%3D
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af457ef202f91d60300437b9d47b5ffe2d9e3c84343ff660952f64f9b59e0f87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
using-starlord: true
x-cache: HIT, MISS
origin-retrieved-hour: 1649242800
content-length: 102084
x-served-by: cache-iad-kjyo7100055-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809613.623960,VS0,VE97
access-control-max-age: 86400
content-type: audio/MP2T
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 0

GET
H2 200 segment-1.ts Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/chop/ Frame 2DD7 100 KB
100 KB 87ms
87ms XHR
audio/mp2t 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/chop/segment-1.ts?r=dXM%3D
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af457ef202f91d60300437b9d47b5ffe2d9e3c84343ff660952f64f9b59e0f87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
using-starlord: true
x-cache: HIT, HIT
origin-retrieved-hour: 1649242800
content-length: 102084
x-served-by: cache-iad-kjyo7100055-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809613.648089,VS0,VE73
access-control-max-age: 86400
content-type: audio/MP2T
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

GET
H3 200 instant-trade-license-dubai-blog-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 5 KB
5 KB 641ms
640ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/instant-trade-license-dubai-blog-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93e6886552077ba9a4497548249e84f3cf180a04f3fba3be06a837faafae4151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
cf-cache-status: BYPASS
last-modified: Mon, 04 Apr 2022 10:41:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgIDpDmV0Z4l2ByE%2BKGRXwcirC1%2BhzbaTAwhgALxnUmb%2FxBbj%2BlVqDl6W0MvonAEp%2FulfTX9oo%2FE2x4RpAjf4iXx1oIA8Ubln9isEQt%2BZIeZTa41rkTVJHC%2BLu4gFt90ilLF5L3W%2BN%2Bl9866G%2BXNhwvi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0129ffba29b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4888
expires: max-age=A10368000, public

GET
H3 200 forex-trade-img-C-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 6 KB
7 KB 710ms
709ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/forex-trade-img-C-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc83248d6f69ed9a7c1bd8f7075abd3f29d5ada17c274e901d6e44f25aa4cbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
cf-cache-status: BYPASS
last-modified: Sat, 02 Apr 2022 12:18:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqbZk%2Frz8r36kNhHdoqA6Lq1fmAp9vUrCu9Qd2ab8i3ChFQ%2Bofv5kA%2Bys84nMftYhqww5IFeZ6bGq3qnncs4wqBHRmsqkSxQEGE%2FfW20qRd%2Fp4CA6tfmLBKTyz9pg1w%2FkPaHViAukDNqHHgPWcc0ZwWP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0129ffba39b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6460
expires: max-age=A10368000, public

GET
H3 200 bnd-default-bg.jpg
businessnewsday.com/wp-content/uploads/2021/10/ 11 KB
12 KB 716ms
715ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2021/10/bnd-default-bg.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d20bc64f99bded2f9724540bdf550b21f27c766feaad8ca8bc0f8d71cc1433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
cf-cache-status: BYPASS
last-modified: Thu, 28 Oct 2021 13:34:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb47D%2FyjoNn%2Bad7%2FZ7bjrrCHnakXsEKi2LzjtqC1xzGI7km737w83r%2FPAwp3aAP0M7cD5tlmbktm4QDBuG9jHceIEPId9mp%2FwT1HtpgM%2Bzf8U8s5TCGJiv5H8LKgU2kpRQ1dR0KIGnWFdTxdASBUgne0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb0129ffba49b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11290
expires: max-age=A10368000, public

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220406&jk=1564352018688728&bg=!fH-lfzvNAAZAkm7qYJI7ACkAdvg8WlZwqsdTt-QTXxt12KEPLYG3DTOenmu9S99Xi8O0tROnykjsJAIAAAB2UgAAAANoAQcKAKEqF13A8Y0gyT6pO1NmRybjRQRnIe7jE8Tl2Ll2crJu9D5HhpS-4gvZa3vF0w9OJmtVwiKMXfgkoDquQgqWo1RUS2xAailRqPH7aglYDYsO-l2Rmz5KTY4spCPX74UZqQUq5rJELPpHSL1n6P4NaFWsINKHUqP6_bEaDUhLSKxH26rJAi5Hf6xDy1NUkQqu2fLCXxLEPioKOyUNikyy2oQ62JkCqX9-cQW8ZmZSi1AY0tRmxdEPR3QgmanzazH-Am-8TlDYpYVjnDHUpArONiRNJp2w5TEC1tqT2TXwztcWfu_tz0m7SL9lm7NOvyCiXQgVVy2fuZaLjYi_NtHbOYvIxgjKeOKlS5QAj25ZzLZEt7WQpuEeluGnkz5OAhwRtEUN2KKeU2p9ic1kwiZEYX223JiKpfi37CYGR4ZA_tHEtrWmO-TijrIcppc4F-LQUTBdBBf_-4yrMH2L13Us3W6oDCUtrMT9-p8EnFrCNmcZwBtLM_aJvEsTBVz_gMQFTidxAoOTe9CHCdmA5vhQABMSq1fe6bGuAVhVbxMHIGVokrknpJstsPn5XMeHRqgvHstIO2VhU51Iwsf8vkrZ0ZSJWJF_SOnuiD5WBSLcsjELVdUwiEhjgFNWe5EeQcvD-bvtjzGrNzgImEvU8paQlN6adK9A9iobOMj1lW5Q4NDJGH-kgY3mTa5Hicxs3JCQyqyjHxC6pzrd9oWrXOjlAaVBupUhJGCdeIfJaIB_6jOrkWiHRCqcN7CViQojjIwId3jKqlgraLO3IscG7-Vw0nHHWjTZzeFZzD7zgnMPBFVT2SxWcuUPfg-VZHkyRYaF2QtTFhqhF5vrPmB6eqFVgUadja1Zov7yWi-4E8j79a5bg0N2TmJSMbthn5S-xy9skUx-UH7aZo_mNXnUkzuCWOBA4JAepVid-G8gqmT4jY4yI9FV5KC5lnhz3u3OZsitp-EstT-rw99vVj4Pj7L7_LZUH8y_9QbOgy_bshbKeB62Li5F6ctTLBPaHYg0XzhkGpY_rtfkCQ4L_zTUlkQuVFV0rbRJZwRVUeNsBbiUHdiLezNBuQTGaEPsVl9GW8Kp3P53PJXCUl8ZzpGI6ipRQvunuvTYrcfa5IQWWbKehg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 segment-2.ts Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/chop/ Frame AE93 122 KB
122 KB 97ms
96ms XHR
audio/mp2t 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/chop/segment-2.ts?r=dXM%3D
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: faca3ec5b70035426d5dc04ad6a2af0a8173ca8c834d1451e2418d57c37d400f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
using-starlord: true
x-cache: HIT, MISS
origin-retrieved-hour: 1648627200
content-length: 124832
x-served-by: cache-iad-kjyo7100072-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809613.844827,VS0,VE90
access-control-max-age: 86400
content-type: audio/MP2T
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

GET
H2 200 segment-2.ts Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/chop/ Frame 2DD7 122 KB
122 KB 84ms
84ms XHR
audio/mp2t 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/audio/afc21163/chop/segment-2.ts?r=dXM%3D
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: faca3ec5b70035426d5dc04ad6a2af0a8173ca8c834d1451e2418d57c37d400f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:52 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
using-starlord: true
x-cache: HIT, HIT
origin-retrieved-hour: 1648627200
content-length: 124832
x-served-by: cache-iad-kjyo7100072-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809613.865233,VS0,VE70
access-control-max-age: 86400
content-type: audio/MP2T
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

POST
H2 200 play Show response
app.viloud.tv/1/ Frame AE93 0
1 KB 33ms
33ms XHR
text/html 5.9.135.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.viloud.tv/1/play

Requested by

Host: d1p84540l00xkx.cloudfront.net
URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.135.191 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.191.135.9.5.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random%3D0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWjYO3aM2grciMKRF

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate
content-length: 0
expires: -1

POST
H2 200 play Show response
app.viloud.tv/1/ Frame 2DD7 0
1 KB 33ms
33ms XHR
text/html 5.9.135.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.viloud.tv/1/play

Requested by

Host: d1p84540l00xkx.cloudfront.net
URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.135.191 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.191.135.9.5.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random%3D0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarySQP66qIRFHAwdTMO

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:26:52 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate
content-length: 0
expires: -1

GET
H3 200 Screenshot-2022-04-06-035732-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 10 KB
10 KB 652ms
652ms Image
image/jpeg 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/Screenshot-2022-04-06-035732-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6387ca83b6df5dd44702f1444d0c565bbb47836ee45be9b3ad480fb58a15b67f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
cf-cache-status: BYPASS
last-modified: Tue, 05 Apr 2022 20:01:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fbkgj7jAGDBJZeyRgxA8%2FxZUTUIyZu7Pzh3RUcmhPzBwjzQ9DH6s09btysiYZC9CDk8S7%2Fc0ug9r%2FIkpFIIj94lv4lowUNTOvepbS%2BwfefH9Qb3zcX%2Bq3gxTF%2FuRXR9J7aIxe%2B4L3b6NmX2rF%2BAveXlC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb012a0ec8d9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9837
expires: max-age=A10368000, public

GET
H3 200 Screenshot-2022-04-02-151632-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 7 KB
7 KB 683ms
683ms Image
image/webp 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/Screenshot-2022-04-02-151632-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661dad9be09b1acd6ed092971243203c654a2ed1d6d7f8d92dc09cb4eaf79b42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
cf-cache-status: BYPASS
last-modified: Sat, 02 Apr 2022 07:17:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Referer, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNvK2nTyv7H7cRao7shsxBJ04FZ%2FvvdtHvy5bj%2BniZT1eUVg7g0c75bE0YJt%2FymjMqBgD2CDPHciJfKOgjd%2B2nuz%2FgrI4VWRPR4HnEswXw9BTPKVgZScJgV509K1o068xFqVqUKJtn1FBpEr8uGRpakv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb012a18d3d9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6814
expires: max-age=A10368000, public

GET
H3 200 unnamed-14-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 13 KB
14 KB 762ms
761ms Image
image/jpeg 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/unnamed-14-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abdcfe30869ea942f9d42d239c9725e977c5fd3e86d2802c9fbe5dc1505ac5dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
cf-cache-status: BYPASS
last-modified: Tue, 12 Apr 2022 16:31:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RR9TRaFgXBSBZUMZXaQkgJrG2BGzB%2BB%2BcUpZm8D2J7OVbVZi13RpwlHXVqaymSIoD6HMpEmuOpUuDcMSnah8apSH8PtcuwQjDHlejLaWeCAQc2zXwGEL1E3MDmflZOqir9LtyKMk1HWeHRnzSviLr2D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb012a1bd7c9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13444
expires: max-age=A10368000, public

GET
H3 200 dispensary-near-me-485x360.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 26 KB
26 KB 715ms
714ms Image
image/jpeg 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/dispensary-near-me-485x360.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2bd703cc20f6a49edcb9baecbf9441037b3fad80c0de43e3220f2b8075a71a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
cf-cache-status: BYPASS
last-modified: Tue, 12 Apr 2022 07:37:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNSrbctTja2RBI50B5UJdhsWpMauShc0s6vigD485D4ZINc9Z4UitlX%2FkZPfLd%2BnzqQ%2FMkB6HN32aRo4mXW2TfeGUJOpvf%2FdVl%2B9Vrf2naId2RfvZkddEFtbVBxywwBsT3DuB0Q4QrECUN1lLGPrkvVF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb012a21de29b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26440
expires: max-age=A10368000, public

GET
H2 200 segment-2.ts Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/chop/ Frame AE93 113 KB
113 KB 105ms
105ms XHR
video/mp2t 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/chop/segment-2.ts?r=dXM%3D
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2641c5c62a72ae93920d6b6f09def0f4255f4db4829253081d2368c1eb5c3075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
using-starlord: true
x-cache: HIT, MISS
origin-retrieved-hour: 1648627200
content-length: 115432
x-served-by: cache-iad-kiad7000109-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809613.341210,VS0,VE96
access-control-max-age: 86400
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

GET
H2 200 segment-2.ts Show response
skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/chop/ Frame 2DD7 113 KB
113 KB 104ms
104ms XHR
video/mp2t 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://skyfire.vimeocdn.com/1649845283-0x6dda560f38f91b2251f762b660f9020a347c73fd/1842542b-78d7-4046-a3c1-a705d2c0af01/sep/video/487d0464/chop/segment-2.ts?r=dXM%3D
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2641c5c62a72ae93920d6b6f09def0f4255f4db4829253081d2368c1eb5c3075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:53 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 0
using-starlord: true
x-cache: HIT, HIT
origin-retrieved-hour: 1648627200
content-length: 115432
x-served-by: cache-iad-kiad7000109-IAD, cache-fra19170-FRA
pragma: no-cache
expires: 0
x-timer: S1649809613.341473,VS0,VE96
access-control-max-age: 86400
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: x-cache, x-cache-hits, x-served-by, x-timer
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
x-cache-hits: 1, 1

GET
H3 200 Screenshot-2022-04-06-035732-218x150.jpg
businessnewsday.com/wp-content/uploads/2022/04/ 10 KB
10 KB 722ms
721ms Image
image/jpeg 2606:4700:3032::ac43:c9f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://businessnewsday.com/wp-content/uploads/2022/04/Screenshot-2022-04-06-035732-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c9f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6387ca83b6df5dd44702f1444d0c565bbb47836ee45be9b3ad480fb58a15b67f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://businessnewsday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 00:26:54 GMT
cf-cache-status: BYPASS
last-modified: Tue, 05 Apr 2022 20:01:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saK99TezTsCFiRNfZ%2FugJA6B25H9SGpUARQrJZh4G4cJP3EY2nOWZqXkxw9%2B65i9VFbjdgCEd%2BKVxOVF8EOSur1SYjhmRgpdzQTjkxCcO%2FwV%2BON6RhMVqd2RUoAP7rtT1bFgfWKjCm4KgAT98WSjlDFg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6fb012a508fc9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9837
expires: max-age=A10368000, public

GET
H/1.1

200
OK

master.m3u8 Show response
61vod-adaptive.akamaized.net/exp=1649824026~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=4df075851712676ebf0c55f50f759c192094614eefe3f3db34ab584217444910/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93
Redirect Chain

https://player.vimeo.com/external/494444052.m3u8?s=af94154c29c313a3fe025146a465eab94278d00b
https://61vod-adaptive.akamaized.net/exp=1649824026~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=4df075851712676ebf0c55f50f759c192094614eefe3f3db34ab584217444910/5ec9efe1-f41d-4b81-a2ac-2...

3 KB
1 KB

340ms
285ms

XHR
application/x-mpegurl

2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649824026~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=4df075851712676ebf0c55f50f759c192094614eefe3f3db34ab584217444910/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/05afaf09,27f2a73e,2b1f22ed,680c3235,7e2e9cbb/master.m3u8?absolute=1
Protocol: HTTP/1.1
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d4604a11788365c99cec32218bfe885ee65db0b6cdb03a6ae5015156bfd1322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-mpegURL
X-VIM-CACHEBC: EP:H11,E:m,TD0:h,CW:h
origin-retrieved-hour: 1649793600
Connection: keep-alive
Content-Length: 693
AK-REFERENCE-ID: 0.27e17b5c.1649809626.3329d1a
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=12985
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Wed, 13 Apr 2022 04:03:31 GMT

Redirect headers

Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Host: player-backend-5b9b5d4749-kpxlt
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4031-HHN
X-Player-Backend: g
X-Timer: S1649809626.462474,VS0,VE134
Date: Wed, 13 Apr 2022 00:27:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://61vod-adaptive.akamaized.net/exp=1649824026~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=4df075851712676ebf0c55f50f759c192094614eefe3f3db34ab584217444910/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/05afaf09,27f2a73e,2b1f22ed,680c3235,7e2e9cbb/master.m3u8?absolute=1
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 0

GET
H/1.1

200
OK

https://player.vimeo.com/external/494444052.m3u8?s=af94154c29c313a3fe025146a465eab94278d00b
https://61vod-adaptive.akamaized.net/exp=1649824026~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=4df075851712676ebf0c55f50f759c192094614eefe3f3db34ab584217444910/5ec9efe1-f41d-4b81-a2ac-2...

3 KB
1 KB

304ms
272ms

XHR
application/x-mpegurl

2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649824026~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=4df075851712676ebf0c55f50f759c192094614eefe3f3db34ab584217444910/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/05afaf09,27f2a73e,2b1f22ed,680c3235,7e2e9cbb/master.m3u8?absolute=1
Protocol: HTTP/1.1
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d4604a11788365c99cec32218bfe885ee65db0b6cdb03a6ae5015156bfd1322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-mpegURL
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1649793600
Connection: keep-alive
Content-Length: 693
AK-REFERENCE-ID: 0.27e17b5c.1649809626.3329d24
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=12985
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Wed, 13 Apr 2022 04:03:31 GMT

Redirect headers

Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
X-Host: player-backend-5b9b5d4749-g4xt7
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4034-HHN
X-Player-Backend: g
X-Timer: S1649809626.499488,VS0,VE134
Date: Wed, 13 Apr 2022 00:27:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Location: https://61vod-adaptive.akamaized.net/exp=1649824026~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=4df075851712676ebf0c55f50f759c192094614eefe3f3db34ab584217444910/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/05afaf09,27f2a73e,2b1f22ed,680c3235,7e2e9cbb/master.m3u8?absolute=1
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 0

GET
BLOB 200
OK 0ce6b044-b924-4217-bf2e-bb61ab6788a7
https://app.viloud.tv/ Frame AE93 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/0ce6b044-b924-4217-bf2e-bb61ab6788a7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK 4d76f709-9bcd-42ff-9577-957feacbf1e1
https://app.viloud.tv/ Frame 2DD7 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/4d76f709-9bcd-42ff-9577-957feacbf1e1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK 98425397-6d5b-47e7-892f-e03c9013d3a9
https://app.viloud.tv/ Frame AE93 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/98425397-6d5b-47e7-892f-e03c9013d3a9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK a188bcdd-dd3f-4e45-a613-43b947a820e7
https://app.viloud.tv/ Frame AE93 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/a188bcdd-dd3f-4e45-a613-43b947a820e7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK 1db83d19-bd0c-44ad-ad42-75ae4cd2e0fd
https://app.viloud.tv/ Frame 2DD7 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/1db83d19-bd0c-44ad-ad42-75ae4cd2e0fd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
BLOB 200
OK 457768b1-ae3c-4020-981a-07b762644464
https://app.viloud.tv/ Frame 2DD7 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.viloud.tv/457768b1-ae3c-4020-981a-07b762644464
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 79884
Content-Type: application/javascript

GET
H/1.1 200
OK playlist.m3u8 Show response
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93 323 B
853 B 30ms
30ms XHR
application/x-mpegurl 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/7e2e9cbb/playlist.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9b2aa966bd8da358f642e51c226b75521927bf1ea308f7eb8cd31652688fcfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-mpegURL
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1648220400
Connection: keep-alive
Content-Length: 165
AK-REFERENCE-ID: 0.27e17b5c.1649809626.3329dd9
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1005533
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK playlist.m3u8 Show response
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame 2DD7 323 B
859 B 26ms
26ms XHR
application/x-mpegurl 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/7e2e9cbb/playlist.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9b2aa966bd8da358f642e51c226b75521927bf1ea308f7eb8cd31652688fcfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-mpegURL
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
origin-retrieved-hour: 1648220400
Connection: keep-alive
Content-Length: 165
AK-REFERENCE-ID: 0.27e17b5c.1649809626.3329dd8
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1005533
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK playlist.m3u8 Show response
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame 2DD7 323 B
872 B 20ms
20ms XHR
application/x-mpegurl 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/playlist.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 027ec7c56e6e0a94cf09f5197525083d4f6568c1620d094eff18827ef1b59ae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-mpegURL
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
origin-retrieved-hour: 1648353600
Connection: keep-alive
Content-Length: 178
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329dfa
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1138488
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK playlist.m3u8 Show response
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93 323 B
866 B 23ms
18ms XHR
application/x-mpegurl 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/playlist.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 027ec7c56e6e0a94cf09f5197525083d4f6568c1620d094eff18827ef1b59ae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-mpegURL
X-VIM-CACHEBC: EP:H11,E:h
origin-retrieved-hour: 1648353600
Connection: keep-alive
Content-Length: 178
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329df9
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1138488
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-1.ts Show response
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame 2DD7 166 KB
167 KB 55ms
34ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/7e2e9cbb/chop/segment-1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aed97b6f7e91e05fe4cbe0cd3e7ee5ed34889da76a7b0ce3666f3caa4e790969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
using-starlord: true
origin-retrieved-hour: 1647770400
Connection: keep-alive
Content-Length: 169952
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329e05
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=556017
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-1.ts Show response
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93 166 KB
167 KB 55ms
34ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/7e2e9cbb/chop/segment-1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aed97b6f7e91e05fe4cbe0cd3e7ee5ed34889da76a7b0ce3666f3caa4e790969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:h
using-starlord: true
origin-retrieved-hour: 1647770400
Connection: keep-alive
Content-Length: 169952
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329e09
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=556017
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-1.ts Show response
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame 2DD7 99 KB
99 KB 22ms
21ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/chop/segment-1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95559e11e4b21af7853b4ef192fdd9f8b298fe91bf16ab7274ca46b401b85680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
using-starlord: true
origin-retrieved-hour: 1648479600
Connection: keep-alive
Content-Length: 101144
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329e3a
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1265377
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-1.ts Show response
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93 99 KB
99 KB 11ms
11ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/chop/segment-1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95559e11e4b21af7853b4ef192fdd9f8b298fe91bf16ab7274ca46b401b85680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:h
using-starlord: true
origin-retrieved-hour: 1648479600
Connection: keep-alive
Content-Length: 101144
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329e3b
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1265377
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-2.ts
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame 2DD7 267 KB
267 KB 130ms
129ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/7e2e9cbb/chop/segment-2.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
using-starlord: true
origin-retrieved-hour: 1648875600
Connection: keep-alive
Content-Length: 273164
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329e98
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1660724
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-2.ts
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93 267 KB
267 KB 125ms
125ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/7e2e9cbb/chop/segment-2.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:h
using-starlord: true
origin-retrieved-hour: 1648875600
Connection: keep-alive
Content-Length: 273164
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329e99
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1660724
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-2.ts Show response
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame 2DD7 99 KB
99 KB 30ms
30ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/chop/segment-2.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9273eb925ccd1207449dbb6624b86139fbc90b40ea5d1ee8ab3788ad64dd095b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
using-starlord: true
origin-retrieved-hour: 1648728000
Connection: keep-alive
Content-Length: 100956
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329e19
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1513327
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-2.ts Show response
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93 99 KB
99 KB 29ms
29ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/chop/segment-2.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9273eb925ccd1207449dbb6624b86139fbc90b40ea5d1ee8ab3788ad64dd095b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:h
using-starlord: true
origin-retrieved-hour: 1648728000
Connection: keep-alive
Content-Length: 100956
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329e18
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1513327
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

POST
H2 200 play Show response
app.viloud.tv/1/ Frame 2DD7 0
1 KB 66ms
66ms XHR
text/html 5.9.135.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.viloud.tv/1/play

Requested by

Host: d1p84540l00xkx.cloudfront.net
URL: https://d1p84540l00xkx.cloudfront.net/js/c07abeb0.vendor.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.135.191 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.191.135.9.5.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.viloud.tv/embed/channel/5e1f31dbdf1535936ee21fc8205eed83?autoplay=1&volume=0&controls=0&title=0&share=0&open_playlist=0&amp&ampmodestbranding=1;random%3D0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarypU1y3lMtadS4vXyi

Response headers

pragma: no-cache
date: Wed, 13 Apr 2022 00:27:07 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate
content-length: 0
expires: -1

POST play
app.viloud.tv/1/ Frame AE93 0
0

GET
H/1.1 200
OK segment-3.ts
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93 98 KB
99 KB 24ms
23ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/chop/segment-3.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
using-starlord: true
origin-retrieved-hour: 1648728000
Connection: keep-alive
Content-Length: 100580
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329ee7
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1513419
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-3.ts
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame 2DD7 98 KB
99 KB 19ms
19ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/chop/segment-3.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:h
using-starlord: true
origin-retrieved-hour: 1648728000
Connection: keep-alive
Content-Length: 100580
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329ee8
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1513419
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-3.ts
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93 276 KB
276 KB 122ms
122ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/7e2e9cbb/chop/segment-3.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
using-starlord: true
origin-retrieved-hour: 1647781200
Connection: keep-alive
Content-Length: 282376
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329f16
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=564714
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-3.ts
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame 2DD7 276 KB
276 KB 123ms
123ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/7e2e9cbb/chop/segment-3.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:h
using-starlord: true
origin-retrieved-hour: 1647781200
Connection: keep-alive
Content-Length: 282376
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329f17
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=564714
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-4.ts
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93 98 KB
99 KB 31ms
31ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/chop/segment-4.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
using-starlord: true
origin-retrieved-hour: 1648735200
Connection: keep-alive
Content-Length: 100580
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329fc9
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1518510
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK segment-4.ts
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame 2DD7 98 KB
99 KB 31ms
30ms XHR
video/mp2t 2a02:26f0:f7::5c7b:e12b

General

Check archive.org

Show headers Download Go to

Full URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/chop/segment-4.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.18.1/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.viloud.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 13 Apr 2022 00:27:07 GMT
Content-Type: video/MP2T
X-VIM-CACHEBC: EP:H11,E:h
using-starlord: true
origin-retrieved-hour: 1648735200
Connection: keep-alive
Content-Length: 100580
AK-REFERENCE-ID: 0.27e17b5c.1649809627.3329fc8
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=1518510
Akamai-Edge-IP: 2a02:26f0:f7::5c7b:e12b
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET segment-4.ts
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame 2DD7 0
0

GET segment-5.ts
61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5... Frame AE93 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.viloud.tv
URL: https://app.viloud.tv/resources/mkayali/logos/5e1f31dbdf1535936ee21fc8205eed83?1649809608650

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1

Domain: 24vod-adaptive.akamaized.net
URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/audio/41bcd74d/chop/segment-2.ts

Domain: 24vod-adaptive.akamaized.net
URL: https://24vod-adaptive.akamaized.net/exp=1649827229~acl=%2F48c160c1-e5e1-470f-b72a-f7162bf721cf%2F%2A~hmac=dbb82e83a93cd40ea2f225c4fa1ceb284cda4218a6651e2d8c006e84743a6368/48c160c1-e5e1-470f-b72a-f7162bf721cf/sep/audio/41bcd74d/chop/segment-2.ts

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEN0Nd8up_Tq-8VtIhonJuww&google_cver=1&google_push=AYg5qPLImsaD-VECjtTDoyd6P5nQlG-tJ1MpkUtBGqD4I4bXlYCBIVPPzzo9Ay1dn90IfP_DRXrxmjNMOFGaEcibjX0ZHIxoRAylVw

Domain: app.viloud.tv
URL: https://app.viloud.tv/1/play

Domain: 61vod-adaptive.akamaized.net
URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/7e2e9cbb/chop/segment-4.ts

Domain: 61vod-adaptive.akamaized.net
URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/video/7e2e9cbb/chop/segment-4.ts

Domain: 61vod-adaptive.akamaized.net
URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/chop/segment-5.ts

Domain: 61vod-adaptive.akamaized.net
URL: https://61vod-adaptive.akamaized.net/exp=1649837011~acl=%2F5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564%2F%2A~hmac=10387c3f84e012d168a36aa8654f07d703fe9a57641bb1c98bd4fbaaa168aef7/5ec9efe1-f41d-4b81-a2ac-2acb8bfb5564/sep/audio/2b1f22ed/chop/segment-5.ts

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: S4xrr_apV1U
.youtube.com/	1970-01-20 06:36:01	Name: VISITOR_INFO1_LIVE Value: zfvkrrb7J7E
.businessnewsday.com/	1970-01-20 19:48:01	Name: _ga_DHYMD7ZHK8 Value: GS1.1.1649809607.1.0.1649809607.0
.businessnewsday.com/	1970-01-20 19:48:01	Name: _ga Value: GA1.1.992529018.1649809607
.businessnewsday.com/	1970-01-20 11:38:25	Name: __gads Value: ID=1ec8f3e290da67ff-225ff7e075cd00b8:T=1649809608:RT=1649809608:S=ALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw
.investing.com/	1970-01-20 02:16:51	Name: __cf_bm Value: pC1P9qf3l5Efnx2pgR.wvdNWlelp2lztWNd5ZQvn1fY-1649809608-0-AYdn2tylqZ+gJ5bXwtXfm4YfoaiPyGpqwi/bVsP2pOi6YoeGXcGqN6vsOAnTnrv6ADZSyhyJTELC+JY4rDh24hA=
.doubleclick.net/	1970-01-20 11:38:25	Name: IDE Value: AHWqTUnANNV8uq8aPnUAKopMMZceQY-e7HpOf9YxB6E9QBtqCAbwvTXH_9stIV2IQSc
.doubleclick.net/	1970-01-20 02:16:53	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 04:26:25	Name: d Value: EE8BCQHyJYEA
.quantserve.com/	1970-01-20 11:47:04	Name: mc Value: 625618ca-69230-638bc-1bf57
.casalemedia.com/	1970-01-20 11:02:25	Name: CMID Value: YlYYysCfhbtUnzZKAOx7-AAA
.casalemedia.com/	1970-01-20 04:26:25	Name: CMPS Value: 3269
.casalemedia.com/	1970-01-20 04:26:25	Name: CMPRO Value: 1165
.mathtag.com/	1970-01-20 11:02:25	Name: uuid Value: 41086256-18ca-4b01-bca2-337cfec3a930
.redintelligence.net/	1970-01-20 04:26:25	Name: 8lcfmzhxc8d6_uid Value: d4de4dd6c6c94141
.casalemedia.com/	1970-01-20 02:18:16	Name: CMST Value: YlYYymJWGMsA
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 4dgayoshujv0jf4wogdq4jzm
pb.media01.eu/	1970-01-20 19:49:28	Name: DTU Value: 1E5A6A53417DBD4925DCAEC76D0F586B
.pubmatic.com/	1970-01-20 02:18:16	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 04:26:25	Name: KADUSERCOOKIE Value: CFFB2485-5B11-4952-8781-F3F4EC69BEAA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=3878093745&pi=t.aa~a.4085473756~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=2&bdt=1663&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250&nras=3&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=40tdaZRHj9&p=https%3A//businessnewsday.com&dtd=249 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/322135676635472741/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7554934826467559&output=html&h=250&adk=2702158952&adf=3878093745&pi=t.aa~a.4085473756~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1649800079&rafmt=1&to=qs&pwprc=6187712557&psa=0&format=324x250&url=https%3A%2F%2Fbusinessnewsday.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649809608199&bpp=2&bdt=1663&idt=-M&shv=r20220406&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ec8f3e290da67ff-225ff7e075cd00b8%3AT%3D1649809608%3ART%3D1649809608%3AS%3DALNI_MZ5nA8F_g7Lc6Pr4YOrfRjv3_aWRw&prev_fmts=0x0%2C324x250&nras=3&correlator=1659701599524&frm=20&pv=1&ga_vid=992529018.1649809607&ga_sid=1649809607&ga_hid=1276224219&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760333%2C44760474%2C31065787&oid=2&pvsid=1564352018688728&pem=72&tmod=1665515494&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=40tdaZRHj9&p=https%3A//businessnewsday.com&dtd=249 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/322135676635472741/index.html".
network	error	URL: https://mts0.google.com/vt/data=impppeAm9aKOQlkmNYB0j_abIgzrjt1B_S-kPcSjB_FPt4E5VhI7o-KOS9rPyOcQ4xdsEXrqrQH2c3w621tXkg Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEN0Nd8up_Tq-8VtIhonJuww&google_cver=1&google_push=AYg5qPLImsaD-VECjtTDoyd6P5nQlG-tJ1MpkUtBGqD4I4bXlYCBIVPPzzo9Ay1dn90IfP_DRXrxmjNMOFGaEcibjX0ZHIxoRAylVw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEDj1SYJJkpWCE7fb4mq-jWE&google_push=AYg5qPI7VhZM5Ja77ieWCbJwM6t4zbA_dJDo3C4BCtiGCzjHHJ1TbhnGFVKLp2GcCyOR3CHgErnErQCjKkyYS5OBcERyvsx7vYxd&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlYYysCfhbtUnzZKAOx7_AAABI0AAAIB&google_gid=CAESEM1J1ru33VozNO8VA8oqAdU&google_push=AYg5qPJqpTA_bLPenC-8YycJFvVfRAOMfS6QXBQ_9vbTPsUboB9_uRDj-cRzP-8HXbJLuZHbsngAgtDaawfFNh-JQE9AqYGo8ELx&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24vod-adaptive.akamaized.net
5994599.fls.doubleclick.net
61vod-adaptive.akamaized.net
ad-server.eu
ad.doubleclick.net
adservice.google.com
adservice.google.de
app.viloud.tv
businessnewsday.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d1p84540l00xkx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal900016.redintelligence.net
i-invdn-com.investing.com
image6.pubmatic.com
mts0.google.com
node-07.zeno.fm
node-10.zeno.fm
node-13.zeno.fm
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.everesttech.net
pixel.mathtag.com
pixel.rubiconproject.com
player.vimeo.com
pv.medialead.de
rtb.openx.net
services.viloud.tv
skyfire.vimeocdn.com
ssl.google-analytics.com
sslfxrates.forexprostools.com
stream.zeno.fm
stream.zenolive.com
stream124.forexpros.com
streamjs.investing.com
tags.mathtag.com
tpc.googlesyndication.com
vjs.zencdn.net
wmt-invdn-com.akamaized.net
wmt-invdn-com.investing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
24vod-adaptive.akamaized.net
61vod-adaptive.akamaized.net
app.viloud.tv
cm.g.doubleclick.net
googlecm.hit.gemius.pl
104.36.113.23
134.213.237.49
138.201.220.30
138.201.63.164
142.250.181.230
142.250.185.194
142.250.186.162
142.44.213.132
142.44.213.187
145.239.193.130
151.101.14.109
151.101.64.217
18.202.199.206
185.168.112.124
185.94.85.236
185.94.85.240
23.35.228.210
2600:9000:2315:c200:15:6f87:8040:93a1
2606:4700:3032::ac43:c9f1
2606:4700::6811:190e
2606:4700::6812:ad7
2606:4700::6812:bd7
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:4014:80e::2002
2a02:26f0:ef::5c7b:c29b
2a02:26f0:f7::5c7b:e12b
2a04:4e42::729
3.225.247.221
34.98.67.61
35.227.252.103
44.198.242.236
5.9.135.191
54.76.176.197
66.70.176.31
69.173.144.138
74.121.143.241
88.198.250.30
92.123.225.33
00b0229f9a27f8c57b419b7a4ce77f0940a95080f2f2f221f5ba4ec0b14b992d
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
027ec7c56e6e0a94cf09f5197525083d4f6568c1620d094eff18827ef1b59ae1
032f947abdf8d897db08ddb1aa01aaae93e5e632061d45191a71e23504d5a620
06184fbd2d1fd6af6bb4109668b94f540661ee5eb2881b1618244095693925d9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ff9572517dd30d3cab149c67596fde9385663c2ebac5c8070a3c9422bf37921
1028dcd47e9f60f8efc41d203e597cba9e2d18649729482a997d649573c24ac3
11581ce03714240422b1aca1551356f13ea824702b79b51c03b73b8a044933c9
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
178089126c92308dbf8c30b25e3bbb363d487dd4f3979436bc01b881f6fd9b4c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bc83248d6f69ed9a7c1bd8f7075abd3f29d5ada17c274e901d6e44f25aa4cbb
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20ec48cb4ea97f75fdf64501c65bcd810f767194770534bb0038ec646fede0c0
25d20bc64f99bded2f9724540bdf550b21f27c766feaad8ca8bc0f8d71cc1433
2641c5c62a72ae93920d6b6f09def0f4255f4db4829253081d2368c1eb5c3075
273d394fffd5eb7b8d075e36446e0b3d8b6de1d3a238b43045f9bdba26e5274a
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
29dacc6d487a86a102bc01521f3e8ceced6c8e832e1c3f25864b7e0e53e753be
2d1b50fd007ab299dce882bd5e43482d73150f232269f836ead15e63890bd541
2e8cee5ba8873dfc09010fc401e5b01b164a7293e89478ef9281cf72c0e460dd
320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8
340499ef70421836fa54338238e24ba595c387980f082994def9a4d826eb2eaa
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
35d3f578162d546184f29bf063728c7cb33354245838445b0861cdb04f845da1
38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b
3b3e1d3b60e8c87df17d53bfb684102153aa9675f2ed34a60dd94d36540eb810
3ddd7de4a28fa6345eb3dbfd7b51304581589695344fe9257563ea65fc474f2b
3e1e79f4681262298bfa95f94c32a1019cd062e9dbb6da54c1ea25c8dee34c55
4119832dfbf19db80f6eaeb79fe1c8d80b987154a6b662153504b4712ecc7d49
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b
51fe96a9d684fe8d2b11a58f8a1c7e6b89eaf70e9e6c6906ae1f31015682f86f
5272ebc76ee36a369f155347cb3da728eb1cdb0d3312b0aa062703d6f011b566
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ce0ed2a405d9f7efb8fad9f049733a8fb4fc9faed333ed9b135cf5c308e954
5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5c48529f120e5d9fdf0705213ee923e9e4c015cc630b829237c32e004b459b9a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d3994f1dbd8d02bdffbb299b7b0293159d01067c7d268e19580e3cadb15665a
5d404b756821f3703ca34f00f0c4429316e5f7dbe20515e6f3e0620485a13aac
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c165fe7dec11d4716d084722a41e525a04857fb2529b9137aa13193ac0bbfe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6268d8a3a3ac3990e3ea42a90d45d0d0a4b45e38795016dbb042a1fb0ca9e45f
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6387ca83b6df5dd44702f1444d0c565bbb47836ee45be9b3ad480fb58a15b67f
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
661dad9be09b1acd6ed092971243203c654a2ed1d6d7f8d92dc09cb4eaf79b42
66eec00f2587a6a35ca1fe0ae100299bfe4234e6fe38042c888dcd187c48279a
6721f7738f09d774df260328bd2895076a67e181d0e9ec9858298aa2b735c9ca
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
6dafe5119a3df9abdd0aecbf777cf1c5656985c7288487d5a242a3f65f74b791
6e84c7c84edd45ae00abe02027275c2ab7e3b2e72973d2af32ed1ff5e6711f7f
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
76c59002c74bee10b4a18a57c4a9bb990d9844a2ef72f6c7d4fe9312783c4e91
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a70bdf6f7a76fa10166d8e4c50c8067d05ec91d7ccaa831c60b4a61051bc2b2
7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2
7af3e1c1eb39bee95ffa6ca628b266660492c37a2cf2d4ba71db7e34a080d9a8
7feab8eb390cbadb99c547d446c7a5ceead5a0e02c131c0c40a25d845abb79a6
8073ef912c4d2f9bd3eca80bfa5dc0420f61b8b579243da540b608cdfa6151e6
80f36c9cbdf1a69d8ea068d4d4778a35a00ac7ba5d6b4ddc3300bf546ee87a50
865cad1f7a9ea6cdbe22e21ed7be10a4c65b1913848d4e6e6b9b2692fd1069c2
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a443c4992f332c3cf23c3c4e4313edbe51bb8f48c4a45a2322c9e218057a172
8a519b27a0b5a76d84f6abc48cb53662626cda81e843f723802145843134c8b9
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae0b6c9370a8effbe2b2e332292a32904e8c4e1edae8a2aaf311b7a8ca257a5
8bae6c82cbb7f21b85684eccc2b1e1a95cbf666f3fb494e68b04facf0ae6ef73
8d4604a11788365c99cec32218bfe885ee65db0b6cdb03a6ae5015156bfd1322
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
8fa34b1d3d99c7ad8272bac4957646564169c1e40007eef4ff8f0b80dc4dd70f
9273eb925ccd1207449dbb6624b86139fbc90b40ea5d1ee8ab3788ad64dd095b
938e93f9adee109070d12a1a3e54c7f225b1e0988652edaf3759e0f829807a75
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93e6886552077ba9a4497548249e84f3cf180a04f3fba3be06a837faafae4151
95559e11e4b21af7853b4ef192fdd9f8b298fe91bf16ab7274ca46b401b85680
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4e8bc40fc99b743e96a5bdf0b1ef89e5bb779fb378e13efeffcdb3d01f2a77
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c966838c392505f3d0848c88b4fea00db05e2a60f27ff3fde774e061e1c624
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a98a091d867c53ed6d1d3aa01e4e75f65f4529c01161a449cb60138784ac9487
a9b2aa966bd8da358f642e51c226b75521927bf1ea308f7eb8cd31652688fcfc
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abdcfe30869ea942f9d42d239c9725e977c5fd3e86d2802c9fbe5dc1505ac5dc
ad419adf538fcddbc50cf266b0e4c40965c84919745f6d09507c6b17531531e1
aed97b6f7e91e05fe4cbe0cd3e7ee5ed34889da76a7b0ce3666f3caa4e790969
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af457ef202f91d60300437b9d47b5ffe2d9e3c84343ff660952f64f9b59e0f87
af71358daae5dececefbf539e111920bd0ee7dc0ca22e5effb70e34139606ff1
af80c5f740d87f23a4dfba032163da333d0726400e3e466498ec6db371cccbeb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b427bd83921245604aaf9c32a91b57b17249b93641b627b58a05aca374e5049e
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b7285e78205debb0276a0f98c63e88bae378cc1cba8fd32a0d7a224f6e123fb9
b7e65448f1c481b9880b2ec2351f86d61fb7a1caf2a2517a91e527008e946ca9
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd7b9b5496382515c4e684c8b4a1d0e86c321365dd04bf0df038e0bfaec6ca53
be0d03bd855e0785df2bd26a69d417378323cc995451fad98ec51c07b502c501
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
beb5ac05d60275c04e42d06f15d91145ff5b445743a17cd24075d072587a2bc7
bedbbb85972e87083e6866556b7fe0703be8cb370df07f07fea5be6a2bbd4f46
bfb449d09dc4ee8bbffd86e21b831f45696a8a2d8a228462dbbacdae3f317d6c
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2085131cb0e962fa6d78cd70e0d7c79b7a34e6f21916bdc1daa984db0d7dadf
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c867160aebdb228104b9bed90d3b34f73990cc754ab3607a8ba0a46df7c55c6a
cbf335cdb19e47784face065ff2196f3b2fac3ba515a7b75e8822c3fd1f3c655
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce1db3952811f857d75de818153e6480ae54baed9a608993cf579ccc44ed6306
cf164a176cc9fead116bed7be746a320bc07131868603b294298c37032a72e19
cfde9f6b1360ad2477f08eb79b7b3a171baea13f8531faf2ced3d68ceb329f17
d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6
d15550cca70b5931a2f7149ea4201763ecef0355c447ee01257ce00aa22081dd
d3a3823951b7cd7873836b6ef73521b382544300111232d39480bf491713f763
d5ffcd3a1cb0a82bf4546441c6c9965072131ff33bc80ce237d6811b3f3452f4
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d78e4c9cd174a5cf735f0363facd5168e6b31d027f1cdd9476e3cd89ba4e4925
d8f01d2edd0720a649fb7cc297a11931eef05630cfa78298ce8e67e2793b353f
da4441651f552c1fefd071ec9064030b420d03342cc5288f4219291b1874d82c
daa230315bf5611cb36ed996afdaf9beb818a2bd458bff1c5e6f7878ba45e535
db9cf22fcea92e4dede80796367643193364aba6ec81dd028beaafd9a3d6ca69
dcf1b95363dbc5433b4ccc855bbf10703004ad8b1975e6541c3a87f6bd7d752a
df702a5d664001f135888288b33cfa87b92aed1f5342512d1693f9743d383ccf
e04770221e9e733bf98ca51d027dd659296604449e57cfec24c21c737324a904
e137006094208e64f4f956220634c6170dcd7fbd367d0b63b0098e68dd938b4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46a691c8b1c67706d17a2c601326499564e0bdcc93e6ecce8032d7e6ac658c3
e5bd3f0044824773a4cfe41dfd77a1a222958906a68539927ee0663590f28c6a
ea31f10edab8222e4e66001e64f74b3e91f0fe42ca5ee682e09def8a6509fd9d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed2bd703cc20f6a49edcb9baecbf9441037b3fad80c0de43e3220f2b8075a71a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0262d521b560bf3e428a5de0ced56186bbdd4dfc1687ffbb93ae71d32900b24
f3c19397c1ddc85641e3d76243c2a473106779e94132fdaa9f8dd6391d104cce
f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a
f63f0d973b692bf5c0938f26dce888401ec8c5a0cb29cf6e15ce765e8974fb0c
f67ff33d0f2a8202d620bb08ba797834c9f84aef45e0a2abaf17c45cba74b082
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
faca3ec5b70035426d5dc04ad6a2af0a8173ca8c834d1451e2418d57c37d400f
fad27a951a13f10296db5fcb961ebf6aa94497505d522c7e6c955bcf8fd74c59
fdd553b8b3ba787ce61abe2b3e58cdcd07a79020365fa29b24f7b45819f83e6b
ffcd79bb35a16600936afdb30c56490d9cdb938b2a0b9e3d6edf543de391a765

businessnewsday.com Open in urlscan Pro 2606:4700:3032::ac43:c9f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

288 Requests

84 %HTTPS

45 %IPv6

36 Domains

54 Subdomains

43 IPs

9 Countries

10996 kBTransfer

24141 kBSize

20 Cookies

14 Outgoing links

Redirected requests

288 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 23 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

businessnewsday.com Open in urlscan Pro
2606:4700:3032::ac43:c9f1 Public Scan

Screenshot
Live screenshot

Full Image

288
Requests

84 %
HTTPS

45 %
IPv6

36
Domains

54
Subdomains

43
IPs

9
Countries

10996 kB
Transfer

24141 kB
Size

20
Cookies

288 HTTP transactions
23 data transactions